Want to Pass SY0-401 Exam In Next HOURS? Get it now →
May 16, 2018

The Secret of sy0 401 practice test

Proper study guides for Up to the immediate present CompTIA CompTIA Security+ Certification certified begins with CompTIA sy0 401 practice test preparation products which designed to deliver the High quality security+ sy0 401 questions by making you pass the comptia sy0 401 test at your first time. Try the free sy0 401 pdf demo right now.

P.S. High quality SY0-401 tutorials are available on Google Drive, GET MORE: https://drive.google.com/open?id=1YcI_9LpcT9E9qoVydyPqx1o7WTiqZhAb

New CompTIA SY0-401 Exam Dumps Collection (Question 11 - Question 20)

Q1. The Chief Security Officer (CSO) for a datacenter in a hostile environment is concerned about protecting the facility from car bomb attacks. Which of the following BEST would protect the building from this threat? (Select two.)

A. Dogs

B. Fencing


D. Guards

E. Bollards

F. Lighting

Answer: B,E

Q2. A user tries to visit a web site with a revoked certificate. In the background a server from the certificate authority only sends the browser revocation information about the domain the user is visiting. Which of the following is being used by the certificate authority in this exchange?


B. Key escrow



Answer: D

Q3. A company needs to provide web-based access to shared data sets to mobile users, while maintaining a standardized set of security controls. Which of the following technologies is the MOST appropriate storage?

A. Encrypted external hard drives

B. Cloud storage

C. Encrypted mobile devices

D. Storage Area Network

Answer: B

Q4. Company XYZ has decided to make use of a cloud-based service that requires mutual, certificate-based authentication with its users. The company uses SSL-inspecting IDS at its network boundary and is concerned about the confidentiality of the mutual authentication. Which of the following model prevents the IDS from capturing credentials used to authenticate users to the new service or keys to decrypt that communication?

A. Use of OATH between the user and the service and attestation from the company domain

B. Use of active directory federation between the company and the cloud-based service

C. Use of smartcards that store x.509 keys, signed by a global CA

D. Use of a third-party, SAML-based authentication service for attestation

Answer: B

Q5. After a few users report problems with the wireless network, a system administrator notices that a new wireless access point has been powered up in the cafeteria. The access point has the same SSID as the corporate network and is set to the same channel as nearby access points. However, the AP has not been connected to the Ethernet network. Which of the following is the MOST likely cause of the useru2019s wireless problems?

A. AP channel bonding

B. An evil twin attack

C. Wireless interference

D. A rogue access point

Answer: B

Q6. Ann is traveling for business and is attempting to use the hotelu2019s wireless network to check for new messages. She selects the hotelu2019s wireless SSID from a list of networks and successfully connects. After opening her email client and waiting a few minutes, the connection times out. Which of the following should Ann do to retrieve her email messages?

A. Change the authentication method for her laptopu2019s wireless card from WEP to WPA2

B. Open a web browser and authenticate using the captive portal for the hotelu2019s wireless network

C. Contact the front desk and have the MAC address of her laptop added to the MAC filter on the hotelu2019s wireless network

D. Change the incoming email protocol from IMAP to POP3

Answer: B

Q7. Company XYZ has suffered leaks of internally distributed confidential documents. Ann the network security analyst has been tasked to track down the culprit. She has decided to embed a four letter string of characters in documents containing proprietary information. Which of the following initial steps should Ann implement before sending documents?

A. Store one of the documents in a honey pot

B. Start antivirus scan on all the suspected computers

C. Add a signature to the NIDS containing the four letter string

D. Ask employees to report suspicious behaviors

Answer: C

Q8. During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall. Which of the following will the audit team most l likely recommend during the audit out brief?

A. Discretionary access control for the firewall team

B. Separation of duties policy for the firewall team

C. Least privilege for the firewall team

D. Mandatory access control for the firewall team

Answer: B

Q9. A router was shut down as a result of a DoS attack. Upon review of the router logs, it was determined that the attacker was able to connect to the router using a console cable to complete the attack. Which of the following should have been implemented on the router to

prevent this attack? (Select two)

A. IP ACLs should have been enabled on the console port on the router

B. Console access to the router should have been disabled

C. Passwords should have been enabled on the virtual terminal interfaces on the router

D. Virtual terminal access to the router should have been disabled

E. Physical access to the router should have been restricted

Answer: B,E

Q10. Which of the following is a black box testing methodology?

A. Code, function, and statement coverage review

B. Architecture and design review

C. Application hardening

D. Penetration testing

Answer: A

see more http://www.ubraindumps.com/SY0-401-dumps/

P.S. Easily pass SY0-401 Exam with Examcollectionplus High quality Dumps & pdf vce, Try Free: https://www.examcollectionplus.net/vce-SY0-401/ (1781 New Questions)