aiotestking uk

SY0-401 Exam Questions - Online Test



Q1. A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern? 

A. Host-based firewall 

B. Cable locks 

C. Locking cabinets 

D. Surveillance video 

Answer:

Explanation: 

Q2. Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie? 

A. Network based firewall 

B. Anti-spam software 

C. Host based firewall 

D. Anti-spyware software 

Answer:

Explanation: 

Spyware monitors a user’s activity and uses network protocols to report it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie. 

Q3. Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which of the following would be the BEST way to mitigate this issue and still provide coverage where needed? (Select TWO). 

A. Disable the wired ports 

B. Use channels 1, 4 and 7 only 

C. Enable MAC filtering 

D. Disable SSID broadcast 

E. Switch from 802.11a to 802.11b 

Answer: C,D 

Explanation: Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it remains discoverable with a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn’t for public use. A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. 

Q4. The call center supervisor has reported that many employees have been playing preinstalled games on company computers and this is reducing productivity. 

Which of the following would be MOST effective for preventing this behavior? 

A. Acceptable use policies 

B. Host-based firewalls 

C. Content inspection 

D. Application whitelisting 

Answer:

Explanation: 

Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list. 

Q5. A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks? 

A. Spoofing 

B. XSS 

C. Fuzzing 

D. Pharming 

Answer:

Explanation: 

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. 

By validating user input and preventing special characters, we can prevent the injection of client-side scripting code. 

Q6. Which of the following technical controls helps to prevent Smartphones from connecting to a corporate network? 

A. Application white listing 

B. Remote wiping 

C. Acceptable use policy 

D. Mobile device management 

Answer:

Explanation: 

Mobile device management (MDM) allows for managing the mobile devices that employees use to access company resources. MDM is intended to improve security, provide monitoring, enable remote management, and support troubleshooting. It can be used to push or remove applications, manage data, and enforce configuration settings on these devices. 

Q7. The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity? 

A. Application hardening 

B. Application firewall review 

C. Application change management 

D. Application patch management 

Answer:

Explanation: 

Change management is the structured approach that is followed to secure a company’s assets. 

Promoting code to applications on a DMZ web server would be change management. 

Q8. The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action? 

A. Create a single, shared user account for every system that is audited and logged based upon time of use. 

B. Implement a single sign-on application on equipment with sensitive data and high-profile shares. 

C. Enact a policy that employees must use their vacation time in a staggered schedule. 

D. Separate employees into teams led by a person who acts as a single point of contact for observation purposes. 

Answer:

Explanation: 

A policy that states employees should use their vacation time in a staggered schedule is a way of employing mandatory vacations. A mandatory vacation policy requires all users to take time away from work while others step in and do the work of the employee on vacation. This will afford the CSO the opportunity to see who is using the company assets responsibly and who is abusing them. 

Q9. Which of the following is a requirement when implementing PKI if data loss is unacceptable? 

A. Web of trust 

B. Non-repudiation 

C. Key escrow 

D. Certificate revocation list 

Answer:

Explanation: 

Key escrow is a database of stored keys that later can be retrieved. Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of key escrow, the keys needed to encrypt/decrypt data are held in an escrow account (think of the term as it relates to home mortgages) and made available if that third party requests them. The third party in question is generally the government, but it could also be an employer if an employee’s private messages have been called into question. 

Q10. An organization must implement controls to protect the confidentiality of its most sensitive data. The company is currently using a central storage system and group based access control for its sensitive information. Which of the following controls can further secure the data in the central storage system? 

A. Data encryption 

B. Patching the system 

C. Digital signatures 

D. File hashing 

Answer:

Explanation: