[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 381-390

Ensurepass.com : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401

CompTIA Security Certification

Question No: 381 – (Topic 2)

A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data.

Which of the following types of interoperability agreement is this?

  1. ISA

  2. MOU

  3. SLA

  4. BPA

Answer: A

Explanation:

An ISA (Interconnection Security Agreement) is an agreement between two organizations that have connected systems. The agreement documents the technical requirements of the connected systems.

Question No: 382 – (Topic 2)

A security administrator wants to deploy a physical security control to limit an individual’s access into a sensitive area. Which of the following should be implemented?

  1. Guards

  2. CCTV

  3. Bollards

  4. Spike strip

Answer: A

Explanation:

A guard can be intimidating and can respond to a situation, so where you want to limit an individual’s access to a sensitive area, a guard would be the most effective.

Question No: 383 – (Topic 2)

The security manager received a report that an employee was involved in illegal activity and has saved data to a workstation’s hard drive. During the investigation, local law enforcement’s criminal division confiscates the hard drive as evidence. Which of the following forensic procedures is involved?

  1. Chain of custody

  2. System image

  3. Take hashes

  4. Order of volatility

Answer: A

Explanation:

Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been.

Question No: 384 – (Topic 2)

Encryption of data at rest is important for sensitive information because of which of the following?

  1. Facilitates tier 2 support, by preventing users from changing the OS

  2. Renders the recovery of data harder in the event of user password loss

  3. Allows the remote removal of data following eDiscovery requests

  4. Prevents data from being accessed following theft of physical equipment

Answer: D

Explanation:

Data encryption keeps stolen data out of the eyes of the intruders who took it, as long as they do not have the proper passwords.

Question No: 385 – (Topic 2)

A security technician wishes to gather and analyze all Web traffic during a particular time period.

Which of the following represents the BEST approach to gathering the required data?

  1. Configure a VPN concentrator to log all traffic destined for ports 80 and 443.

  2. Configure a proxy server to log all traffic destined for ports 80 and 443.

  3. Configure a switch to log all traffic destined for ports 80 and 443.

  4. Configure a NIDS to log all traffic destined for ports 80 and 443.

Answer: B

Explanation:

A proxy server is, in essence, a device that acts on behalf of others, and in security terms all internal user interaction with the Internet should be controlled through a proxy server. This makes a proxy server the best tool to gather the required data.

Question No: 386 – (Topic 2)

Acme Corp has selectively outsourced proprietary business processes to ABC Services.

Due to some technical issues, ABC Services wants to send some of Acme Corp’s debug data to a third-party vendor for problem resolution. Which of the following MUST be considered prior to sending data to a third party?

  1. The data should be encrypted prior to transport

  2. This would not constitute unauthorized data sharing

  3. This may violate data ownership and non-disclosure agreements

  4. Acme Corp should send the data to ABC Services’ vendor instead

Answer: C

Explanation:

Sending your data to a third party is already a risk, since the third party may have a different policy than yours. Data ownership and non-disclosure is already a risk that you will have to accept, since the data will be sent for debugging/troubleshooting purposes, which will result in definite disclosure of the data.

Question No: 387 – (Topic 2)

A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal?

  1. Require different account passwords through a policy

  2. Require shorter password expiration for non-privileged accounts

  3. Require shorter password expiration for privileged accounts

  4. Require a greater password length for privileged accounts

Answer: A

Explanation:

A password policy (also known as account policy enforcement) can be configured to make sure that system administrators use different passwords for different accounts.

Question No: 388 – (Topic 2)

The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action?

  1. Create a single, shared user account for every system that is audited and logged based upon time of use.

  2. Implement a single sign-on application on equipment with sensitive data and high-profile shares.

  3. Enact a policy that employees must use their vacation time in a staggered schedule.

  4. Separate employees into teams led by a person who acts as a single point of contact for observation purposes.

Answer: C

Explanation:

A policy that states employees should use their vacation time in a staggered schedule is a way of employing mandatory vacations. A mandatory vacation policy requires all users to take time away from work while others step in and do the work of the employee on vacation. This will afford the CSO the opportunity to see who is using the company assets responsibly and who is abusing them.

Question No: 389 – (Topic 2)

Which of the following risks could IT management be mitigating by removing an all-in-one device?

  1. Continuity of operations

  2. Input validation

  3. Single point of failure

  4. Single sign on

Answer: C

Explanation:

The major disadvantage of combining everything into one device, although you do this to save costs, is that it introduces a potential single point of failure and reliance/dependence on a single vendor.

Question No: 390 – (Topic 2)

Which of the following concepts are included on the three sides of the "security triangle"? (Select THREE).

  1. Confidentiality

  2. Availability

  3. Integrity

  4. Authorization

  5. Authentication

  6. Continuity

Answer: A,B,C

Explanation:

Confidentiality, integrity, and availability are the three most important concepts in security. Thus they form the security triangle.
