SY0-401 Exam Questions - Online Test

Q1. Privilege creep among long-term employees can be mitigated by which of the following procedures? 

A. User permission reviews 

B. Mandatory vacations 

C. Separation of duties 

D. Job function rotation 

Answer:

Explanation: 

Privilege creep is the steady build-up of access rights beyond what a user requires to perform his or her task. Privilege creep can be reduced by conducting periodic access rights reviews, which confirm each user's need for specific roles and rights in order to find and rescind excess privileges. 

Q2. Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key? 

A. Session Key 

B. Public Key 

C. Private Key 

D. Digital Signature 

Answer:

Explanation: 

Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn't disclosed to people who aren't authorized to use the encryption system. 

Q3. A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue? 

A. HTTP 

B. DHCP 

C. DNS 

D. NetBIOS 

Answer:

Explanation: 

DNS links IP addresses to human-friendly fully qualified domain names (FQDNs), which are made up of the top-level domain (TLD), the registered domain name, and the subdomain or hostname. 

Therefore, if the DNS ports are blocked, names cannot be resolved and websites will not be reachable by name, even though they can still be reached by IP address. 

Q4. A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic would still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts? 

A. High availability 

B. Load balancing 

C. Backout contingency plan 

D. Clustering 

Answer:

Explanation: 

High availability (HA) refers to the measures used to keep services and systems operational during an outage. In short, the goal is to provide all services to all users, where they need them and when they need them. With high availability, the goal is to have key services available 99.999 percent of the time (also known as five nines availability). 

Q5. Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO). 

A. WPA2-PSK 

B. WPA - EAP - TLS 

C. WPA2-CCMP 

D. WPA -CCMP 

E. WPA - LEAP 

F. WEP 

Answer: A,E 

Explanation: 

A brute force attack is an attack that attempts to guess a password. WPA2-PSK and WEP both use a “Pre-Shared Key”. The pre-shared key is a password and therefore is susceptible to a brute force attack. 

Q6. Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices? 

A. Remote wiping enabled for all removable storage devices 

B. Full-disk encryption enabled for all removable storage devices 

C. A well defined acceptable use policy 

D. A policy which details controls on removable storage use 

Answer:

Explanation: 

Q7. An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used together, would BEST prevent users from reusing their existing password? (Select TWO). 

A. Length of password 

B. Password history 

C. Minimum password age 

D. Password expiration 

E. Password complexity 

F. Non-dictionary words 

Answer: B,C 

Explanation: 

In this question, users are forced to change their passwords every six weeks. However, they are able to change their password and enter the same password as the new password. 

Password history determines the number of previous passwords that cannot be reused when a user changes his password. For example, a password history value of 5 would prevent a user from changing his password to any of his previous 5 passwords. 

When a user is forced to change his password because the maximum password age has expired (the question states that the network requires that the passwords be changed every six weeks), he could change his password to a previously used password. Even if a password history value of 5 is configured, the user could change his password six times in a row to cycle back round to his original password. This is where the minimum password age comes in. This is the period for which a password must be used before it can be changed again. For example, a minimum password age of 30 would mean that when a user changes his password, he must continue to use the same password for at least 30 days, so cycling through the history in one sitting is no longer possible. 

Q8. Which of the following presents the STRONGEST access control? 

A. MAC 

B. TACACS 

C. DAC 

D. RBAC 

Answer:

Explanation: 

A: With Mandatory Access Control (MAC) all access is predefined. This makes it the strongest access control of the options presented in the question. 

Q9. Some customers have reported receiving an untrusted certificate warning when visiting the company’s website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem? 

A. The intermediate CA certificates were not installed on the server. 

B. The certificate is not the correct type for a virtual server. 

C. The encryption key used in the certificate is too short. 

D. The client’s browser is trying to negotiate SSL instead of TLS. 

Answer:

Explanation: 

In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts the intermediate CAs in the level below it in the hierarchy and none that aren't. A client that trusts the root but is not sent the intermediate CA certificates cannot build the chain from the server certificate up to the trusted root, which is why the certificate is reported as untrusted. 

Q10. Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection? 

A. HIPS 

B. Antivirus 

C. NIDS 

D. ACL 

Answer:

Explanation: 

Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it. 

Intrusion prevention systems are considered extensions of intrusion detection systems because both monitor network traffic and/or system activities for malicious activity. The main difference is that, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, an IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address. An IPS can also correct Cyclic Redundancy Check (CRC) errors, unfragment packet streams, prevent TCP sequencing issues, and clean up unwanted transport and network layer options. A host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. As a zero-day attack exploits an unknown vulnerability (one that does not yet have a fix or a patch), signature-based defences cannot recognise it; the best defence among the options is therefore an intrusion prevention system, which can block suspicious behaviour on the host rather than relying on a known signature.