QUESTION 111
Human Resources suspects an employee is accessing the employee salary database. The administrator is asked to find out who it is. In order to complete this task, which of the following is a security control that should be in place?
A. Shared accounts should be prohibited.
B. Account lockout should be enabled
C. Privileges should be assigned to groups rather than individuals
D. Time of day restrictions should be in use
Answer: A
QUESTION 112
An administrator finds that non-production servers are being frequently compromised, production servers are rebooting at unplanned times and kernel versions are several releases behind the version with all current security fixes. Which of the following should the administrator implement?
A. Snapshots
B. Sandboxing
C. Patch management
D. Intrusion detection system
Answer: C
QUESTION 113
An auditor’s report discovered several accounts with no activity for over 60 days. The accounts were later identified as contractors’ accounts who would be returning in three months and would need to resume the activities. Which of the following would mitigate and secure the auditors finding?
A. Disable unnecessary contractor accounts and inform the auditor of the update.
B. Reset contractor accounts and inform the auditor of the update.
C. Inform the auditor that the accounts belong to the contractors.
D. Delete contractor accounts and inform the auditor of the update.
Answer: A
QUESTION 114
Ann, the security administrator, wishes to implement multifactor security. Which of the following should be implemented in order to compliment password usage and smart cards?
A. Hard tokens
B. Fingerprint readers
C. Swipe badge readers
D. Passphrases
Answer: B
QUESTION 115
Customers’ credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?
A. Application firewalls
B. Manual updates
C. Firmware version control
D. Encrypted TCP wrappers
Answer: D
QUESTION 116
A new intern was assigned to the system engineering department, which consists of the system architect and system software developer’s teams. These two teams have separate privileges. The intern requires privileges to view the system architectural drawings and comment on some software development projects. Which of the following methods should the system administrator implement?
A. Group based privileges
B. Generic account prohibition
C. User access review
D. Credential management
Answer: A
QUESTION 117
One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?
A. Mandatory access
B. Rule-based access control
C. Least privilege
D. Job rotation
Answer: C
QUESTION 118
A small business needs to incorporate fault tolerance into their infrastructure to increase data availability. Which of the following options would be the BEST solution at a minimal cost?
A. Clustering
B. Mirrored server
C. RAID
D. Tape backup
Answer: C
QUESTION 119
A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees.
Which of the following is the BEST approach for implementation of the new application on the virtual server?
A. Take a snapshot of the virtual server after installing the new application and store the snapshot in
a secure location.
B. Generate a baseline report detailing all installed applications on the virtualized server after installing
the new application.
C. Take a snapshot of the virtual server before installing the new application and store the snapshot in
a secure location.
D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing
the new application.
Answer: C
QUESTION 120
Ann wants to send a file to Joe using PKI. Which of the following should Ann use in order to sign the file?
A. Joe’s public key
B. Joe’s private key
C. Ann’s public key
D. Ann’s private key
Answer: D
If you want to pass CompTIA SY0-401 successfully, donot missing to read latest lead2pass CompTIA SY0-401 practice tests.
If you can master all lead2pass questions you will able to pass 100% guaranteed.