Want to Pass SY0-401 Exam In Next HOURS? Get it now →
May 9, 2018

Get Smart with comptia security+ sy0 401

We provide real sy0 401 practice exam exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass CompTIA comptia security+ get certified get ahead sy0 401 study guide Exam quickly & easily. The sy0 401 study guide pdf PDF type is available for reading and printing. You can print more and practice many times. With the help of our CompTIA sy0 401 braindump dumps pdf and vce product and material, you can easily pass the sy0 401 practice test exam.

P.S. High value SY0-401 bundle are available on Google Drive, GET MORE: https://drive.google.com/open?id=1siHiDBDsDihbfL-IfduKM7eRtxwHmXbW


New CompTIA SY0-401 Exam Dumps Collection (Question 6 - Question 15)

Q6. Phishing emails frequently take advantage of high-profile catastrophes reported in the news. Which of the following principles BEST describes the weakness being exploited?

A. Intimidation

B. Scarcity

C. Authority

D. Social proof

Answer: D



Q7. An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files, however, they cannot transfer new files to the server. Which of the following will most likely fix the uploading issue for the users?

A. Create an ACL to allow the FTP service write access to user directories

B. Set the Boolean selinux value to allow FTP home directory uploads

C. Reconfigure the ftp daemon to operate without utilizing the PSAV mode

D. Configure the FTP daemon to utilize PAM authentication pass through user permissions

Answer: A



Q8. A system requires administrators to be logged in as the u201crootu201d in order to make administrator changes. Which of the following controls BEST mitigates the risk associated with this scenario?

A. Require that all administrators keep a log book of times and justification for accessing root

B. Encrypt all users home directories using file-level encryption

C. Implement a more restrictive password rotation policy for the shared root account

D. Force administrator to log in with individual accounts and switch to root

E. Add the administrator to the local group

Answer: D



Q9. A security administrator is investigating a recent server breach. The breach occurred as a result of a zero-day attack against a user program running on the server. Which of the following logs should the administrator search for information regarding the breach?

A. Application log

B. Setup log

C. Authentication log

D. System log

Answer: A



Q10. An employee attempts to go to a well-known bank site using the company-standard web browser by correctly typing in the address of the site into the web browser. The employee is directed to a website that looks like the banku2019s site but is not the actual bank site. The employeeu2019s user name and password are subsequently stolen. This is an example of which of the following?

A. Watering hole attack

B. Cross-site scripting

C. DNS poisoning

D. Man-in-the-middle attack

Answer: C



Q11. An administrator would like users to authenticate to the network using only UDP protocols. Which of the following would meet this goal?

A. RADIUS

B. TACACS+

C. Kerberos

D. 802.1x

Answer: A



Q12. Which of the following may be used with a BNC connector?

A. 10GBaseT

B. 1000BaseSX

C. 100BaseFX

D. 10Base2

Answer: D



Q13. An administrator is configuring a new Linux web server where each user account is confined to a cheroot jail. Which of the following describes this type of control?

A. SysV

B. Sandbox

C. Zone

D. Segmentation

Answer: B



Q14. A security director has contracted an outside testing company to evaluate the security of a newly developed application. None of the parameters or internal workings of the application have been provided to the testing company prior to the start of testing. The testing company will be using:

A. Gray box testing

B. Active control testing

C. White box testing

D. Black box testing

Answer: D



Q15. A company is investigating a data compromise where data exfiltration occurred. Prior to the investigation, the supervisor terminates an employee as a result of the suspected data loss. During the investigation, the supervisor is absent for the interview, and little evidence can be provided form the role-based authentication system in use by the company. The situation can be identified for future mitigation as which of the following?

A. Job rotation

B. Log failure

C. Lack of training

D. Insider threat

Answer: B




see more http://www.ubraindumps.com/SY0-401-dumps/

P.S. Easily pass SY0-401 Exam with 2passeasy High value Dumps & pdf vce, Try Free: https://www.2passeasy.com/dumps/SY0-401/ (1781 New Questions)