[Free] 2018(Jan) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 341-350


CompTIA Security+ Certification

Question No: 341 – (Topic 2)

Ann, the system administrator, is installing an extremely critical system that can support ZERO downtime. Which of the following BEST describes the type of system Ann is installing?

  1. High availability

  2. Clustered

  3. RAID

  4. Load balanced

Answer: A

Explanation:

High Availability is the term used to refer to a system that has been secured and set up/configured in such a way so as to be online, active and able to respond and thus have zero downtime as a result.

Question No: 342 – (Topic 2)

Which of the following helps to establish an accurate timeline for a network intrusion?

  1. Hashing images of compromised systems

  2. Reviewing the date of the antivirus definition files

  3. Analyzing network traffic and device logs

  4. Enforcing DLP controls at the perimeter

Answer: C

Explanation:

Network activity as well as intrusion can be viewed on device logs and by analyzing the network traffic that passed through your network. Thus to establish an accurate timeline for a network intrusion you can look at and analyze the device logs and network traffic to yield the appropriate information.

Question No: 343 – (Topic 2)

Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?

  1. Clustering

  2. RAID

  3. Backup Redundancy

  4. Cold site

Answer: A

Explanation:

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs).

Clustering is done whenever you connect multiple computers to work and act together as a single server. It is meant to utilize parallel processing and can also add to redundancy.

Question No: 344 – (Topic 2)

Which of the following is the BEST concept to maintain required but non-critical server availability?

  1. SaaS site

  2. Cold site

  3. Hot site

  4. Warm site

Answer: D

Explanation:

Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. Another term for a warm site/reciprocal site is active/active model.

Question No: 345 – (Topic 2)

An employee recently lost a USB drive containing confidential customer data. Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?

  1. DLP

  2. Asset tracking

  3. HSM

  4. Access control

Answer: A

Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data.

Question No: 346 – (Topic 2)

The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture.

Which of the following risk mitigation strategies is MOST important to the security manager?

  1. User permissions

  2. Policy enforcement

  3. Routine audits

  4. Change management

Answer: C

Explanation:

After you have implemented security controls based on risk, you must perform routine audits. These audits should include reviews of user rights and permissions as well as specific events. You should pay particular attention to false positives and negatives.

Question No: 347 – (Topic 2)

A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?

  1. Succession plan

  2. Continuity of operation plan

  3. Disaster recovery plan

  4. Business impact analysis

Answer: D

Explanation:

Business impact analysis (BIA) is the process of evaluating all of the critical systems in an organization to define impact and recovery plans. BIA isn’t concerned with external threats or vulnerabilities; the analysis focuses on the impact a loss would have on the organization. A BIA comprises the following: identifying critical functions, prioritizing critical business functions, calculating a timeframe for critical systems loss, and estimating the tangible impact on the organization.

Question No: 348 – (Topic 2)

Which of the following provides the BEST application availability and is easily expanded as demand grows?

  1. Server virtualization

  2. Load balancing

  3. Active-Passive Cluster

  4. RAID 6

Answer: B

Explanation:

Load balancing is a way of providing high availability by splitting the workload across multiple computers.

Question No: 349 – (Topic 2)

A security team has established a security awareness program. Which of the following would BEST prove the success of the program?

  1. Policies

  2. Procedures

  3. Metrics

  4. Standards

Answer: C

Explanation:

All types of training should be followed up and tested to see if it worked and how much was learned in the training process. You must follow up and gather training metrics to validate compliance and security posture. By training metrics, we mean some quantifiable method for determining the efficacy of training.

Question No: 350 DRAG DROP – (Topic 2)

A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

Answer:

Explanation:

When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is gone. Naturally, in an investigation you want to collect everything, but some data will exist longer than others, and you cannot possibly collect all of it at once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts.

Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses, and track total man-hours and expenses associated with the investigation.

References:

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 453
