[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (201-225)

Lead2pass 2017 August New CompTIA 220-901 Exam Dumps!

100% Free Download! 100% Pass Guaranteed!

The CompTIA 220-901 exam is very popular in the CompTIA field, and many candidates take it to add to their credentials. There are many resources online offering CompTIA 220-901 exam questions; based on much good feedback, we conclude that Lead2pass can help you pass your test easily with CompTIA 220-901 exam questions. Choose Lead2pass to get your CompTIA 220-901 certification.

The following questions and answers are all newly published by CompTIA Official Exam Center: https://www.lead2pass.com/220-901.html

QUESTION 201
Which of the following is an example of a Class C TCP/IP address?

A.    23.54.35.225
B.    127.0.0.0
C.    131.55.30.210
D.    197.27.37.57

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (176-200)

QUESTION 176
Which of the following is an advantage of an IPv6 network?

A.    Virtually unlimited number of network addresses
B.    Backwards compatible with all network devices and operating systems
C.    Less security concerns
D.    Higher available speed

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (126-150)

QUESTION 126
Which of the following helps law enforcement show accountability for evidence as it was gathered?

A.    Drive hashing
B.    Chain of custody
C.    Drive image creation
D.    Court subpoena

Answer: B

QUESTION 127
A SOHO environment utilizes network hardware address filtering to minimize unauthorized use of its network infrastructure. A technician has been asked to install a shared network printer in the environment. Which of the following MUST the technician know in order to add the printer to the environment?

A.    IP address of the printer
B.    MAC address of the printer
C.    Subnet mask of the network
D.    Firmware version of the printer

Answer: B

QUESTION 128
A technician has been asked to install a printer on a Windows XP machine. Through which of the following Control Panel utilities will the technician install the printer?

A.    Printers and Devices
B.    Devices and Printers
C.    Printers and Faxes
D.    Devices

Answer: C
Explanation:
http://wiki.answers.com/Q/In_Windows_XP_how_do_you_open_the_Printers_and_Faxes_window

QUESTION 129
A technician has been asked to install a printer on a Windows 7 machine. Through which of the following Control Panel utilities will the technician install the printer?

A.    Printers and Devices
B.    Printers
C.    Devices and Printers
D.    Printers and Faxes

Answer: C

QUESTION 130
A technician has been asked to share a laser printer amongst the users in an HR workgroup. The printer will need to be accessed from distances up to 200 feet through no more than one to two, hollow, dry board walls. Which of the following methods should be used?

A.    802.11x
B.    PAN
C.    USB
D.    Infrared (IR)

Answer: A

QUESTION 131
A technician has been asked to identify the unknown network addresses from a series of printers attached to the network via external hardware printer servers. Which of the following will provide the technician with the necessary information?

A.    Performing a device self test print page from each printer
B.    Performing a device print page from each print server
C.    Performing a device factory reset on each print server
D.    Performing a PING of each device address without the FQDN

Answer: B

QUESTION 132
RAID 5 requires a minimum of how many hard drives?

A.    1
B.    2
C.    3
D.    4

Answer: C

QUESTION 133
When installing a floppy drive data cable, it is important for a technician to ensure which of the following? (Select TWO).

A.    Availability of compatible power connectors
B.    Adequate hard drive capacity
C.    Correct CPU clock speeds
D.    Correct Master/Slave jumper settings
E.    Proper orientation of the data cable

Answer: AE

QUESTION 134
A laser multi-function device in an office is able to scan documents, but users are reporting that when they try to make copies they receive an error. Which of the following troubleshooting steps should a technician try FIRST?

A.    Apply a new preventative maintenance kit.
B.    Ensure the MFD is connected and on the network.
C.    Replace all empty ink cartridges in the MFD.
D.    Check the toner level to see if it is low.

Answer: D

QUESTION 135
When installing a laptop at a desk that will be using stationary dual monitors, which of the following ports should be used? (Select TWO).

A.    VGA
B.    IEEE 1394
C.    PCIe
D.    PCMCIA
E.    ExpressPort
F.    HDMI

Answer: AF

QUESTION 136
Which of the following is the maximum throughput of a USB 3.0 connection?

A.    800 Mbps
B.    3 Gbps
C.    4.8 Gbps
D.    10 Gbps

Answer: C

QUESTION 137
Which of the following types of connectors can use a maximum of 8 strands of wires?

A.    RJ-11
B.    RS-232
C.    RJ-45
D.    BNC

Answer: C

QUESTION 138
A system board has six slots for memory chips, aligned in two banks. Which of the following is the optimal memory configuration this board supports?

A.    Multi Mode
B.    Dual Channel
C.    Triple Channel
D.    Single Channel

Answer: C

QUESTION 139
A technician is trying to install a full-size PCI card into a slim line desktop PC. Which of the following would MOST likely be required to facilitate installation?

A.    RAID card
B.    CNR card
C.    Riser card
D.    MCA card

Answer: C

QUESTION 140
Which of the following network cable types has the longest range?

A.    CAT5e
B.    Single-mode fiber
C.    Multi-mode fiber
D.    CAT6

Answer: B

QUESTION 141
A technician is asked to repair a broken Ethernet jack in a conference room. Which of the following tools would the technician use when repairing the wall jack?

A.    Crimper
B.    Toner probe
C.    Punchdown tool
D.    Multimeter

Answer: C

QUESTION 142
A user with a USB printer would like to print from more than one computer. Which of the following features should be used?

A.    File and printer sharing
B.    Internet connection sharing
C.    Enable printer duplexing
D.    USB hub

Answer: A

QUESTION 143
Which of the following is the MAXIMUM number of 10Mb audio files that a user can store on a CD-RW?

A.    50
B.    70
C.    100
D.    120

Answer: B

QUESTION 144
Which of the following connectors provides the capability to pass both analog and digital signals?

A.    VGA
B.    BNC
C.    DVI-I
D.    USB 3.0

Answer: C

QUESTION 145
A service call was opened for a thermal printer that has poor print quality. Which of the following should the technician do FIRST?

A.    Replace the print head with OEM replacement.
B.    Use a cotton swab and alcohol to clean the print head.
C.    Use the printer manufacturer’s cleaning kit to clean the print head.
D.    Use an industry approved cleaning kit to clean the print rollers.
E.    Use the printer manufacturer’s cleaning kit to clean the print rollers.

Answer: C

QUESTION 146
A technician needs to attach a network cable to a wall jack in the conference room. After running the cable through the conduit to the conference room, which of the following tools would BEST be used to connect the cable to the wall jack?

A.    Punchdown
B.    Loopback plug
C.    Multimeter
D.    Crimper

Answer: A

QUESTION 147
Which of the following devices uses MAC tables to allow multiple computers to access a single network connection?

A.    Hub
B.    Firewall
C.    VoIP
D.    Switch

Answer: D

QUESTION 148
Which of the following laser printer components will flip the paper to allow for printing on both sides?

A.    Paper registration assembly
B.    Paper pickup assembly
C.    Duplex assembly
D.    Image transfer belt

Answer: C

QUESTION 149
A printer technician is sent to work on a fuser in a laser printer that is not adhering toner properly to the paper. While onsite Joe, an end user, reports that he has been having frequent paper jams as well. Which of the following would be the BEST course of action to repair the printer?

A.    Install a manufacturer recommended maintenance kit
B.    Install the fuser, replace the toner cartridge, and replace the pickup and separation rollers
C.    Install the fuser and also replace the high voltage power supply
D.    Install the fuser as the paper jams were probably also caused by the defective fuser

Answer: A

QUESTION 150
Which of the following is used to provide secure file storage to network users only?

A.    NAS
B.    IMAP
C.    SAN
D.    SSH

Answer: A
Explanation:
http://searchstorage.techtarget.com/definition/network-attached-storage

[Lead2pass New] Lead2pass 220-901 Dumps PDF Free Download (126-150)

QUESTION 126
Which of the following helps law enforcement show accountability for evidence as it was gathered?

A.    Drive hashing
B.    Chain of custody
C.    Drive image creation
D.    Court subpoena

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (101-125)

QUESTION 101
Which of the following devices is used to convert initially audible signals into digital signals to provide communication between two endpoints?

A.    Bridge
B.    Fax machine
C.    Repeater
D.    Modem

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (76-100)

QUESTION 76
Which of the following would be the BEST means of securing access to a user’s corporate laptop?

A.    Kensington lock
B.    Enable Trusted Platform Module
C.    Enable SMART in the BIOS
D.    Biometrics

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (51-75)

QUESTION 51
A user is trying to print pictures from their camera to a PAN printer. When the user tries to print, the camera states there is no printer paired with the camera. Which of the following is the MOST likely cause?

A.    The camera’s Bluetooth option is not set for discoverable.
B.    Ink needs to be replaced in the printer.
C.    Bluetooth is turned off on the printer.
D.    The camera does not have the printer drivers installed.

[Lead2pass New] Lead2pass CompTIA 220-901 Exam Dumps Free Download (26-50)

QUESTION 26
A technician installs a new high-end gaming card into a computer but is not seeing any video. Which of the following power connectors did the technician MOST likely forget to install?

A.    4/8-pin 12v
B.    6/8-pin Molex
C.    20-pin main
D.    24-pin main

[Lead2pass New] Lead2pass 220-901 Dumps PDF Free Download (1-25)

QUESTION 1
Which of the following would likely be the MOST cost-effective media to use for storing 8GB of data?

A.    DVD RW
B.    CD-ROM
C.    Tape backup
D.    DVD+R DL

[2017 New] Free Share SY0-401 PDF Dumps With Lead2pass Updated Exam Questions (301-325)

2017 August CompTIA Official New Released SY0-401 Dumps in Lead2pass.com!

I have already passed the CompTIA SY0-401 certification exam today! Scored 989/1000 in Australia. SO MANY newly added exam questions, which gave me a headache... Anyway, I finally passed the SY0-401 exam with the help of Lead2pass!

The following questions and answers are all newly published by CompTIA Official Exam Center: https://www.lead2pass.com/sy0-401.html

QUESTION 301
A company recently experienced data loss when a server crashed due to a midday power outage. Which of the following should be used to prevent this from occurring again?

A.    Recovery procedures
B.    EMI shielding
C.    Environmental monitoring
D.    Redundancy

Answer: D
Explanation:
Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored.

QUESTION 302
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?

A.    Hardware load balancing
B.    RAID
C.    A cold site
D.    A host standby

Answer: B
Explanation:
Fault tolerance is the ability of a system to sustain operations in the event of a component failure. Fault-tolerant systems can continue operation even though a critical component, such as a disk drive, has failed. This capability involves overengineering systems by adding redundant components and subsystems. RAID can achieve fault tolerance in software, which can be done using the existing hardware and software.

QUESTION 303
After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?

A.    Host based firewall
B.    Initial baseline configurations
C.    Discretionary access control
D.    Patch management system

Answer: D
Explanation:
A patch is an update to a system. Sometimes a patch adds new functionality; in other cases, it corrects a bug in the software. Patch Management can thus be used to fix security problems discovered within the OS thus negating a known OS vulnerability.

QUESTION 304
A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?

A.    Integrity
B.    Availability
C.    Confidentiality
D.    Safety

Answer: D
Explanation:
Fencing is used to increase physical security and safety. Locks are used to keep those who are unauthorized out.

QUESTION 305
A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peak shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution?

A.    Attach cable locks to each laptop
B.    Require each customer to sign an AUP
C.    Install a GPS tracking device onto each laptop
D.    Install security cameras within the perimeter of the café

Answer: A
Explanation:
All laptop cases include a built-in security slot in which a cable lock can be inserted to prevent it from easily being removed from the premises.

QUESTION 306
Which of the following malware types may require user interaction, does not hide itself, and is commonly identified by marketing pop-ups based on browsing habits?

A.    Botnet
B.    Rootkit
C.    Adware
D.    Virus

Answer: C
Explanation:
Adware is free software that is supported by advertisements. Common adware programs are toolbars, games and utilities. They are free to use, but require you to watch advertisements as long as the programs are open. Adware typically requires an active Internet connection to run.

QUESTION 307
A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone’s boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?

A.    Zero-day
B.    Trojan
C.    Virus
D.    Rootkit

Answer: C
Explanation:
A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are man-made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

QUESTION 308
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?

A.    Backdoor
B.    Spyware
C.    Logic bomb
D.    DDoS
E.    Smurf

Answer: B
Explanation:
Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users.

QUESTION 309
Which of the following malware types typically allows an attacker to monitor a user’s computer, is characterized by a drive-by download, and requires no user interaction?

A.    Virus
B.    Logic bomb
C.    Spyware
D.    Adware

Answer: C
Explanation:
Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity.

QUESTION 310
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?

A.    Logic bomb
B.    Worm
C.    Trojan
D.    Adware

Answer: C
Explanation:
In computers, a Trojan is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.

QUESTION 311
During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?

A.    SPIM
B.    Backdoor
C.    Logic bomb
D.    Rootkit

Answer: D
Explanation:
A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network.
A rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a “backdoor” into the system for the hacker’s use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. The presence of a rootkit on a network was first documented in the early 1990s. At that time, Sun and Linux operating systems were the primary targets for a hacker looking to install a rootkit. Today, rootkits are available for a number of operating systems, including Windows, and are increasingly difficult to detect on any network.

QUESTION 312
A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an:

A.    Logic bomb.
B.    Backdoor.
C.    Adware application.
D.    Rootkit.

Answer: B
Explanation:
There has been a security breach on a computer system. The security administrator should now check for the existence of a backdoor.
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit. A backdoor in a login system might take the form of a hard coded user and password combination which gives access to the system.
Although the number of backdoors in systems using proprietary software (software whose source code is not publicly available) is not widely credited, they are nevertheless frequently exposed. Programmers have even succeeded in secretly installing large amounts of benign code as Easter eggs in programs, although such cases may involve official forbearance, if not actual permission. Many computer worms, such as Sobig and Mydoom, install a backdoor on the affected computer (generally a PC on broadband running Microsoft Windows and Microsoft Outlook). Such backdoors appear to be installed so that spammers can send junk e-mail from the infected machines. Others, such as the Sony/BMG rootkit distributed silently on millions of music CDs through late 2005, are intended as DRM measures–and, in that case, as data gathering agents, since both surreptitious programs they installed routinely contacted central servers.

QUESTION 313
Two programmers write a new secure application for the human resources department to store personal identifiable information. The programmers make the application available to themselves using an uncommon port along with an ID and password only they know. This is an example of which of the following?

A.    Root Kit
B.    Spyware
C.    Logic Bomb
D.    Backdoor

Answer: D
Explanation:
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit. A backdoor in a login system might take the form of a hard coded user and password combination which gives access to the system.
Although the number of backdoors in systems using proprietary software (software whose source code is not publicly available) is not widely credited, they are nevertheless frequently exposed. Programmers have even succeeded in secretly installing large amounts of benign code as Easter eggs in programs, although such cases may involve official forbearance, if not actual permission. Many computer worms, such as Sobig and Mydoom, install a backdoor on the affected computer (generally a PC on broadband running Microsoft Windows and Microsoft Outlook). Such backdoors appear to be installed so that spammers can send junk e-mail from the infected machines. Others, such as the Sony/BMG rootkit distributed silently on millions of music CDs through late 2005, are intended as DRM measures–and, in that case, as data gathering agents, since both surreptitious programs they installed routinely contacted central servers.

QUESTION 314
The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack. Which of the following should the CIO be concerned with?

A.    Smurf Attack
B.    Trojan
C.    Logic bomb
D.    Virus

Answer: C
Explanation:
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool’s Day. Trojans that activate on certain dates are often called “time bombs”. To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software.
As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

QUESTION 315
Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO).

A.    Rootkit
B.    Logic Bomb
C.    Botnet
D.    Backdoor
E.    Spyware

Answer: BD
Explanation:
This is an example of both a logic bomb and a backdoor. The logic bomb is configured to ‘go off’ or activate one week after her account has been disabled. The reactivated account will provide a backdoor into the system.
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool’s Day. Trojans that activate on certain dates are often called “time bombs”. To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software.
As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit. A backdoor in a login system might take the form of a hard coded user and password combination which gives access to the system.

QUESTION 316
Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?

A.    Rootkit
B.    Logic bomb
C.    Worm
D.    Botnet

Answer: B
Explanation:
This is an example of a logic bomb. The logic bomb is configured to ‘go off’ when Jane has left the company.
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool’s Day. Trojans that activate on certain dates are often called “time bombs”. To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

QUESTION 317
Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?

A.    Viruses are a subset of botnets which are used as part of SYN attacks.
B.    Botnets are a subset of malware which are used as part of DDoS attacks.
C.    Viruses are a class of malware which create hidden openings within an OS.
D.    Botnets are used within DR to ensure network uptime and viruses are not.

Answer: B
Explanation:
A botnet is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an Internet Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The word botnet is a combination of the words robot and network. The term is usually used with a negative or malicious connotation.
Computers can be co-opted into a botnet when they execute malicious software. This can be accomplished by luring users into making a drive-by download, exploiting web browser vulnerabilities, or by tricking the user into running a Trojan horse program, which may come from an email attachment. This malware will typically install modules that allow the computer to be commanded and controlled by the botnet’s operator. Many computer users are unaware that their computer is infected with bots. Depending on how it is written, a Trojan may then delete itself, or may remain present to update and maintain the modules.

QUESTION 318
A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted. Which of the following types of malware is on Ann’s workstation?

A.    Trojan
B.    Spyware
C.    Adware
D.    Ransomware

Answer: D
Explanation:
Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. Some forms of ransomware encrypt files on the system’s hard drive, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan like a conventional computer worm, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program will then run a payload, such as one that will begin to encrypt personal files on the hard drive. More sophisticated ransomware may hybrid-encrypt the victim’s plaintext with a random symmetric key and a fixed public key. The malware author is the only party that knows the needed private decryption key. Some ransomware payloads do not use encryption. In these cases, the payload is simply an application designed to restrict interaction with the system, typically by setting the Windows Shell to itself, or even modifying the master boot record and/or partition table (which prevents the operating system from booting at all until it is repaired).
Ransomware payloads utilize elements of scareware to extort money from the system’s user. The payload may, for example, display notices purportedly issued by companies or law enforcement agencies which falsely claim that the system had been used for illegal activities, or contains illegal content such as pornography and pirated software or media. Some ransomware payloads imitate Windows’ product activation notices, falsely claiming that their computer’s Windows installation is counterfeit or requires re-activation. These tactics coax the user into paying the malware’s author to remove the ransomware, either by supplying a program which can decrypt the files, or by sending an unlock code that undoes the changes the payload has made.

QUESTION 319
Which of the following describes a type of malware which is difficult to reverse engineer in a virtual lab?

A.    Armored virus
B.    Polymorphic malware
C.    Logic bomb
D.    Rootkit

Answer: A
Explanation:
An armored virus is a type of virus that has been designed to thwart attempts by analysts to examine its code, using various methods to make tracing, disassembling and reverse engineering more difficult. An armored virus may also protect itself from antivirus programs, making it more difficult to trace. To do this, the armored virus attempts to trick the antivirus program into believing its location is somewhere other than where it really is on the system.

QUESTION 320
Hotspot Question
Select the appropriate attack from each drop down list to label the corresponding illustrated attack
Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
http://searchsecurity.techtarget.com/definition/spear-phishing
http://www.webopedia.com/TERM/V/vishing.html
http://www.webopedia.com/TERM/P/phishing.html
http://www.webopedia.com/TERM/P/pharming.html

QUESTION 321
Drag and Drop Question
Task: Determine the types of attacks below by selecting an option from the dropdown list.

Answer:

Explanation:
A: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page.

B: Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as “reeling in a big fish,” applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats.

C: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.

D: SPIM is a term sometimes used to refer to spam over IM (Instant Messaging). It’s also called just spam, instant spam, or IM marketing. No matter what the name, it consists of unwanted messages transmitted through some form of instant messaging service, which can include Short Message Service (SMS).

E: Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter. A social engineer runs what used to be called a “con game.” For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network’s security. Social engineers often rely on the natural helpfulness of people as well as on their weaknesses. They might, for example, call the authorized employee with some kind of urgent problem that requires immediate network access. Appealing to vanity, appealing to authority, appealing to greed, and old-fashioned eavesdropping are other typical social engineering techniques.

http://www.webopedia.com/TERM/P/phishing.html
http://www.techopedia.com/definition/28643/whaling
http://www.webopedia.com/TERM/V/vishing.html
http://searchsecurity.techtarget.com/definition/social-engineering

QUESTION 322
A server with the IP address of 10.10.2.4 has been having intermittent connection issues.
The logs show repeated connection attempts from the following IPs:

10.10.3.16
10.10.3.23
212.178.24.26
217.24.94.83

These attempts are overloading the server to the point that it cannot respond to traffic.
Which of the following attacks is occurring?

A.    XSS
B.    DDoS
C.    DoS
D.    Xmas

Answer: B
Explanation:
A Distributed Denial of Service (DDoS) attack is an attack from several different computers targeting a single computer.
One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. In the end, this will completely crash a website for periods of time.
Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.

QUESTION 323
A distributed denial of service attack can BEST be described as:

A.    Invalid characters being entered into a field in a database application.
B.    Users attempting to input random or invalid data into fields within a web browser application.
C.    Multiple computers attacking a single target in an organized attempt to deplete its resources.
D.    Multiple attackers attempting to gain elevated privileges on a target system.

Answer: C
Explanation:
A Distributed Denial of Service (DDoS) attack is an attack from several different computers targeting a single computer.
One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. In the end, this will completely crash a website for periods of time.
Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.

QUESTION 324
An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

A.    it is being caused by the presence of a rogue access point.
B.    it is the beginning of a DDoS attack.
C.    the IDS has been compromised.
D.    the internal DNS tables have been poisoned.

Answer: B
Explanation:
A Distributed Denial of Service (DDoS) attack is an attack from several different computers targeting a single computer.
One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. In the end, this will completely crash a website for periods of time.
Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.

QUESTION 325
A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches.
Which of the following will BEST mitigate the risk if implemented on the switches?

A.    Spanning tree
B.    Flood guards
C.    Access control lists
D.    Syn flood

Answer: A
Explanation:
Spanning Tree is designed to eliminate network ‘loops’ from incorrect cabling between switches. Imagine two switches named switch 1 and switch 2 with two network cables connecting the switches. This would cause a network loop. A network loop between two switches can cause a ‘broadcast storm’ where a broadcast packet is sent out of all ports on switch 1, which includes two links to switch 2. The broadcast packet is then sent out of all ports on switch 2, which includes links back to switch 1. The broadcast packet will be sent out of all ports on switch 1 again, which includes two links to switch 2, and so on, thus flooding the network with broadcast traffic. The Spanning-Tree Protocol (STP) was created to overcome the problems of transparent bridging in redundant networks. The purpose of STP is to avoid and eliminate loops in the network by negotiating a loop-free path through a root bridge. This is done by determining where there are loops in the network and blocking links that are redundant. Spanning-Tree Protocol executes an algorithm called the Spanning-Tree Algorithm (STA). In order to find redundant links, STA will choose a reference point called a Root Bridge, and then determine all the available paths to that reference point. If it finds a redundant path, it chooses the best path to forward on and blocks all other redundant paths. This effectively severs the redundant links within the network.
All switches participating in STP gather information on other switches in the network through an exchange of data messages. These messages are referred to as Bridge Protocol Data Units (BPDUs). The exchange of BPDUs in a switched environment will result in the election of a root switch for the stable spanning-tree network topology, election of designated switch for every switched segment, and the removal of loops in the switched network by placing redundant switch ports in a backup state.
