P.S. Validated SY0-401 questions are available on Google Drive, GET MORE: https://drive.google.com/open?id=1siHiDBDsDihbfL-IfduKM7eRtxwHmXbW
New Questions 10
During a company-wide initiative to harden network security, it is discovered that end users who have laptops cannot be removed from the local administrator group. Which of the following could be used to help mitigate the risk of these machines becoming compromised?
A. Security log auditing
B. Firewalls
C. HIPS
D. IDS
Answer: B
New Questions 11
The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate servers at the offsite data center. Which of the following uses of deduplication could be implemented to reduce the backup window?
A. Implement deduplication at the network level between the two locations
B. Implement deduplication on the storage array to reduce the amount of drive space needed
C. Implement deduplication on the server storage to reduce the data backed up
D. Implement deduplication on both the local and remote servers
Answer: B
New Questions 12
Which of the following is considered the MOST effective practice when securing printers or scanners in an enterprise environment?
A. Routine vulnerability scanning of peripherals
B. Install in a hardened network segment
C. Turn off the power to the peripherals at night
D. Enable print sharing only from workstations
Answer: A
New Questions 13
An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application?
A. Configure testing and automate patch management for the application
B. Configure security control testing for the application
C. Manually apply updates for application when they are released
D. Configure a sandbox for testing patches before the scheduled monthly update
Answer: C
New Questions 14
Joe, a network technician at a company, is working on a network device. He creates a rule to prevent users from connecting to a toy website during the holiday shopping season. This website is blacklisted and is known to have SQL injections and malware. Which of the following has been implemented?
A. Mandatory access
B. Network separation
C. Firewall rules
D. Implicit Deny
Answer: D
New Questions 15
Joe, an end user, has received a virus detection warning. Which of the following is the first course of action that should be taken?
A. Recovery
B. Reporting
C. Remediation
D. Identification
Answer: B
New Questions 16
A company has had their web application become unavailable several times in the past few months due to increased demand. Which of the following should the company perform to increase availability?
A. Implement a web application firewall to prevent DDoS attacks
B. Configure the firewall to work with the IPS to rate limit customer requests
C. Implement a load balancer to distribute traffic based on back end server utilization
D. Configure the web server to detect race conditions and automatically restart the web services
Answer: C
New Questions 17
A BYOD policy in which employees are able to access the wireless guest network is in effect in an organization. Some users, however, are using the Ethernet port in personal laptops to connect to the wired network. Which of the following could an administrator use to ensure that unauthorized devices are not allowed to access the wired network?
A. VLAN access rules configured to reject packets originating from unauthorized devices
B. Router access lists configured to block the IP addresses of unauthorized devices
C. Firewall rules configured to block the MAC addresses of unauthorized devices
D. Port security configured to shut down the port when unauthorized devices connect
Answer: D
New Questions 18
A company is deploying a new VoIP phone system. They require 99.999% uptime for their phone service and are concerned about their existing data network interfering with the VoIP phone system. The core switches in the existing data network are almost fully saturated. Which of the following options will provide the best performance and availability for both the VoIP traffic, as well as the traffic on the existing data network?
A. Put the VoIP network into a different VLAN than the existing data network.
B. Upgrade the edge switches from 10/100/1000 to improve network speed
C. Physically separate the VoIP phones from the data network
D. Implement flood guards on the data network
Answer: A
New Questions 19
Which of the following attacks is generally initiated from a botnet?
A. Cross site scripting attack
B. HTTP header injection
C. Distributed denial of service
D. A war driving attack
Answer: C