[Free] 2018(Mar) EnsurePass Testinsides CompTIA SY0-401 Dumps with VCE and PDF 251-260

Ensurepass.com : Ensure you pass the IT Exams
2018 Mar CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 251 – (Topic 2)

Which of the following defines a business goal for system restoration and acceptable data loss?

  1. MTTR

  2. MTBF

  3. RPO

  4. Warm site

Answer: C Explanation:

The recovery point objective (RPO) defines the point at which the system needs to be

restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). This is an essential business goal insofar as system restoration and acceptable data loss is concerned.

Question No: 252 – (Topic 2)

Identifying residual risk is MOST important to which of the following concepts?

  1. Risk deterrence

  2. Risk acceptance

  3. Risk mitigation

  4. Risk avoidance

Answer: B Explanation:

Risk acceptance is often the choice you must make when the cost of implementing any of the other four choices exceeds the value of the harm that would occur if the risk came to fruition. To truly qualify as acceptance, it cannot be a risk where the administrator or manager is unaware of its existence; it has to be an identified risk for which those involved understand the potential cost or damage and agree to accept it. Residual risk is always present and will remain a risk thus it should be accepted (risk acceptance)

Question No: 253 – (Topic 2)

Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?

  1. Water base sprinkler system

  2. Electrical

  3. HVAC

  4. Video surveillance

Answer: C Explanation:

HVAC refers to heating, ventilation and air-conditioning to allow for a zone-based environmental control measure. The fire-alarm system should ideally also be hooked up to the HVAC so that the HVAC can monitor the changes in heating and ventilation.

Question No: 254 – (Topic 2)

The datacenter design team is implementing a system, which requires all servers installed in racks to face in a predetermined direction. AN infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed?

  1. Hot and cold aisles

  2. Humidity control

  3. HVAC system

  4. EMI shielding

Answer: A Explanation:

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation.

Infrared cameras are heat detection measures thus it is hot and cold aisle design elements.

Question No: 255 – (Topic 2)

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

  1. Conduct surveys and rank the results.

  2. Perform routine user permission reviews.

  3. Implement periodic vulnerability scanning.

  4. Disable user accounts that have not been used within the last two weeks.

Answer: B Explanation:

Risk mitigation is accomplished any time you take steps to reduce risk. This category includes installing antivirus software, educating users about possible threats, monitoring network traffic, adding a firewall, and so on. User permissions may be the most basic aspect of security and is best coupled with a principle of least privilege. And related to permissions is the concept of the access control list (ACL). An ACL is literally a list of who can access what resource and at what level. Thus the best risk mitigation steps insofar as access control rights are concerned, is the regular/routine review of user permissions.

Question No: 256 – (Topic 2)

Which of the following provides data the best fault tolerance at the LOWEST cost?

  1. Load balancing

  2. Clustering

  3. Server virtualization

  4. RAID 6

Answer: D Explanation:

RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance using software which can be done using the existing hardware and software thus representing the lowest cost option.

Question No: 257 – (Topic 2)

Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).

  1. Acceptable use policy

  2. Risk acceptance policy

  3. Privacy policy

  4. Email policy

  5. Security policy

Answer: A,C Explanation:

Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement.

Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.

Question No: 258 – (Topic 2)

A small business needs to incorporate fault tolerance into their infrastructure to increase data availability. Which of the following options would be the BEST solution at a minimal cost?

  1. Clustering

  2. Mirrored server

  3. RAID

  4. Tape backup

Answer: C Explanation:

RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance using software which can be done using the existing hardware and software.

Question No: 259 – (Topic 2)

Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed.

Which of the following would be the BEST control to implement?

  1. File encryption

  2. Printer hardening

  3. Clean desk policies

  4. Data loss prevention

Answer: D Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. This would address the concerns of the auditors.

Question No: 260 – (Topic 2)

Separation of duties is often implemented between developers and administrators in order to separate which of the following?

  1. More experienced employees from less experienced employees

  2. Changes to program code and the ability to deploy to production

  3. Upper level management users from standard development employees

  4. The network access layer from the application access layer

Answer: B Explanation:

Separation of duties means that there is differentiation between users, employees and duties per se which form part of best practices.

100% Ensurepass Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Ensurepass Free Guaranteed!
SY0-401 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com