Get real exam questions for SY0-401 CompTIA Security+ Certification. 100% Free.
P.S. Refined SY0-401 braindumps are available on Google Drive, GET MORE: https://drive.google.com/open?id=1cWWp1M23MZ78HxR1-dlnysc_UeU-F4G1New CompTIA SY0-401 Exam Dumps Collection (Question 4 - Question 13)New Questions 4Which of the following protocols encapsulates an IP packet with an additional IP header?A. SFTPB. IPSecC. HTTPSD. SSLView AnswerAnswer: BExplanation:Authentication Header (AH) i
P.S. Pinpoint SY0-401 practice exam are available on Google Drive, GET MORE: https://drive.google.com/open?id=1-cGZus8ct-Srv-6oYT2mo7R9fIxOVla2New CompTIA SY0-401 Exam Dumps Collection (Question 11 - Question 20)Q1. During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?A. Conditional rules under which certa
Q1. A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating? A. Succession plan B. Continuity of operation plan C. Disaster recovery plan D. Business impact analysis View
Q1. Which of the following BEST describes a protective countermeasure for SQL injection? A. Eliminating cross-site scripting vulnerabilities B. Installing an IDS to monitor network traffic C. Validating user input in web applications D. Placing a firewall between the Internet and database servers View AnswerAnswer: C Explanation: By validating user input and preventing special characters,
Q1. An overseas branch office within a company has many more technical and non-technical security incidents than other parts of the company. Which of the following management controls should be introduced to the branch office to improve their state of security? A. Initial baseline configuration snapshots B. Firewall, IPS and network segmentation C. Event log analysis and incident response D.
Q1. Which of the following is the BEST approach to perform risk mitigation of user access control rights? A. Conduct surveys and rank the results. B. Perform routine user permission reviews. C. Implement periodic vulnerability scanning. D. Disable user accounts that have not been used within the last two weeks. View AnswerAnswer: B Explanation: Risk mitigation is accomplished any time you
Q1. A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers? A. Passive scanning B. Banner grabbing C. Protocol analysis D. Penetration testing View AnswerAnswer: B Ex
Q1. Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. Which of the following should Sara do to address the risk? A. Accept the risk saving $10,000. B. Igno
Q1. Which of the following risk concepts requires an organization to determine the number of failures per year? A. SLE B. ALE C. MTBF D. Quantitative analysis View AnswerAnswer: B Explanation: ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year. Q2. Ann, a security administrator, wishes to replace their RADIUS authentication wi
Q1. Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network? A. Cross-platform compatibility issues between personal devices and server-based applications B. Lack of controls in place to ensure that the devices have the latest system patches and signature files C. Non-corporate devices are more difficult to locat
Q1. Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise: A. user accounts may be inadvertently locked out. B. data on the USB drive could be corrupted. C. data on the hard drive will be vulnerable to log analysis. D. the security controls on the USB drive can be bypassed. View AnswerAnswer: D Explanation: A common access mechanism to data on encr
Q1. Which of the following solutions provides the most flexibility when testing new security controls prior to implementation? A. Trusted OS B. Host software baselining C. OS hardening D. Virtualization View AnswerAnswer: D Explanation: Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultan
Q1. A security administrator is tasked with ensuring that all devices have updated virus definition files before they are allowed to access network resources. Which of the following technologies would be used to accomplish this goal? A. NIDS B. NAC C. DLP D. DMZ E. Port Security View AnswerAnswer: B Explanation: Q2. An investigator recently discovered that an attacker placed a remotely
Q1. An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network? A. Configure each port on the switches to use the same VLAN other than the defau
Q1. When considering a vendor-specific vulnerability in critical industrial control systems which of the following techniques supports availability? A. Deploying identical application firewalls at the border B. Incorporating diversity into redundant design C. Enforcing application white lists on the support workstations D. Ensuring the systems’ anti-virus definitions are up-to-date View An
Q1. Which of the following must a user implement if they want to send a secret message to a coworker by embedding it within an image? A. Transport encryption B. Steganography C. Hashing D. Digital signature View AnswerAnswer: B Explanation: Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steg
Q1. A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend? A. CHAP B. TOTP C. HOTP D. PAP View AnswerAnswer: B Explanation: Time-based one-time password (TOTP) tokens are devices or application
Q1. Several bins are located throughout a building for secure disposal of sensitive information. Which of the following does this prevent? A. Dumpster diving B. War driving C. Tailgating D. War chalking View AnswerAnswer: A Explanation: The bins in this question will be secure bins designed to prevent someone accessing the ‘rubbish’ to learn sensitive information. Dumpster diving is
Q1. The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO). A. Fire- or water-proof safe. B. Department door locks. C. Proximity card. D. 24-hour security guard. E. Locking cabinets and drawers. View AnswerAnswer: A,E Explanation: Using a safe and locking cabinets to protect b
Q1. A company has just deployed a centralized event log storage system. Which of the following can be used to ensure the integrity of the logs after they are collected? A. Write-once drives B. Database encryption C. Continuous monitoring D. Role-based access controls View AnswerAnswer: A Explanation: Q2. A security administrator has just finished creating a hot site for the company. This