Want to Pass SY0-401 Exam In Next HOURS? Get it now →
April 19, 2017

A Review Of Practical SY0-401 discount pack

2017 Apr SY0-401 download


For each of the given items, select the appropriate authentication category from the dropdown choices. 

Instructions: When you have completed the simu-lation, please select the Done button to submit. 


Q572. FTP/S uses which of the following TCP ports by default? 

A. 20 and 21 

B. 139 and 445 

C. 443 and 22 

D. 989 and 990 


Explanation: FTPS uses ports 989 and 990. 

Q573. A security administrator must implement a wireless encryption system to secure mobile devices’ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented? 

A. RC4 


C. MD5 




RC4 is popular with wireless and WEP/WPA encryption. It is a streaming cipher that works with key sizes between 40 and 2048 bits, and it is used in SSL and TLS. 

Q574. An advantage of virtualizing servers, databases, and office applications is: 

A. Centralized management. 

B. Providing greater resources to users. 

C. Stronger access control. 

D. Decentralized management. 



Virtualization consists of allowing one set of hardware to host multiple virtual Machines and in the case of software and applications; one host is all that is required. This makes centralized management a better prospect. 

Q575. Which of the following is the LEAST volatile when performing incident response procedures? 

A. Registers 

B. RAID cache 


D. Hard drive 



An example of OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts. Of the options stated in the question the hard drive would be the least volatile. 

Q576. Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO). 






Answer: B,C 


ALE (Annual Loss Expectancy) is equal to the SLE (Single Loss Expectancy) times the annualized rate of occurrence. SLE (Single Loss Expectancy) is equal to asset value (AV) times exposure factor (EF). 

Q577. A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing? 

A. Systems should be restored within six hours and no later than two days after the incident. 

B. Systems should be restored within two days and should remain operational for at least six hours. 

C. Systems should be restored within six hours with a minimum of two days worth of data. 

D. Systems should be restored within two days with a minimum of six hours worth of data. 



The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during the business impact analysis (BIA) creation. 

The recovery point objective (RPO) is similar to RTO, but it defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). As a general rule, the closer the RPO matches the item of the crash, the more expensive it is to obtain. 

Q578. Which of the following network design elements allows for many internal devices to share one public IP address? 







Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses. 

Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address. 

Q579. An attacker used an undocumented and unknown application exploit to gain access to a file server. Which of the following BEST describes this type of attack? 

A. Integer overflow 

B. Cross-site scripting 

C. Zero-day 

D. Session hijacking 

E. XML injection 



The vulnerability is undocumented and unknown. This is zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users. 

Q580. After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO). 

A. To allow load balancing for cloud support 

B. To allow for business continuity if one provider goes out of business 

C. To eliminate a single point of failure 

D. To allow for a hot site in case of disaster 

E. To improve intranet communication speeds 

Answer: B,C 


A high-speed internet connection to a second data provider could be used to keep an up-to-date replicate of the main site. In case of problem on the first site, operation can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site. Note: Recovery Time Objective The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation. 

see more free SY0-401 exam dumps