Here you have the best CompTIA SY0-401 practice exam questions
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
Port Address Translation (PAT) is the correct configuration. PAT, also known as NAT Overload, allows multiple devices on a local network to be mapped to a single public IP address using different port numbers. This technique is used to conserve public IP addresses and is ideal for scenarios where many internal devices need to communicate with external networks using a single public IP address.
The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC companys security administrator is unable to determine the origin of the attack?
ABC company uses Port Address Translation (PAT), which allows multiple devices on a local network to be mapped to a single public IP address but with a different port number for each session. The log entries show the same IP address but different port numbers, implying PAT is in use. This makes it difficult for the security administrator to determine the exact origin of the attacks within the company's internal network, as the external logs only furnish the translated IP address and ports without revealing the specific internal devices involved.
Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?
IP tables are a user-space utility tool in Linux that enables system administrators to configure the IP packet filter rules of the Linux kernel firewall. Through IP tables, a Linux-based computer can inspect, filter, and modify network traffic, effectively functioning as a firewall. While sniffers and switches have different roles related to packet monitoring and network segment interconnection respectively, and routers manage traffic between separate networks, the primary purpose of IP tables is aligned with firewall functionality.
Which of the following is the best practice when securing a switch from physical access?
Disabling unused ports is a best practice when securing a switch from physical access because it prevents unauthorized devices from connecting to the network through an unused port. This limits the opportunity for unauthorized physical connections that could compromise network security. By ensuring that only active and necessary ports are enabled, you minimize the risk of unauthorized access through physical means.
Pete, the system administrator, wishes to monitor and limit users access to external websites.
Which of the following would BEST address this?
Installing a proxy server would best address the need to monitor and limit users' access to external websites. A proxy server can control and filter web traffic, ensuring that users only access permitted sites while blocking known malicious or restricted sites. Furthermore, proxy servers can provide logging and reporting features essential for monitoring user activity.