SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 161:

    Which of the following should Joe, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from his company?

    A. Privacy Policy
    B. Least Privilege
    C. Acceptable Use
    D. Mandatory Vacations

  • Question 162:

    Which of the following types of trust models is used by a PKI?

    A. Transitive
    B. Open source
    C. Decentralized
    D. Centralized

  • Question 163:

    A security analyst must ensure that the company's web server will not negotiate weak ciphers with connecting web browsers. Which of the following supported list of ciphers MUST the security analyst disable? (Select THREE)

    A. SHA
    B. AES
    C. RIPMED
    D. NULL
    E. DES
    F. MD5
    G. TWOFISH

  • Question 164:

    A security administrator examines a network session to a compromised database server with a packet analyzer. Within the session there is a repeated series of the hex character 90 (x90).

    Which of the following attack types has occurred?

    A. Buffer overflow
    B. Cross-site scripting
    C. XML injection
    D. SQL injection

  • Question 165:

    An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application?

    A. Configure testing and automate patch management for the application
    B. Configure security control testing for the application
    C. Manually apply updates for application when they are released
    D. Configure a sandbox for testing patches before the scheduled monthly update

  • Question 166:

    A security administrator wants to deploy a physical security control to limit an individual's access into a sensitive area. Which of the following should be implemented?

    A. Guards
    B. CCTV
    C. Bollards
    D. Spike strip

  • Question 167:

    Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).

    A. Disable the USB root hub within the OS.
    B. Install anti-virus software on the USB drives.
    C. Disable USB within the workstations BIOS.
    D. Apply the concept of least privilege to USB devices.
    E. Run spyware detection against all workstations.

  • Question 168:

    Which of the following security concepts can prevent a user from logging on from home during the weekends?

    A. Time of day restrictions
    B. Multifactor authentication
    C. Implicit deny
    D. Common access card

  • Question 169:

    Company XYZ has suffered leaks of internally distributed confidential documents. Ann the network security analyst has been tasked to track down the culprit. She has decided to embed a four letter string of characters in documents containing proprietary information. Which of the following initial steps should Ann implement before sending documents?

    A. Store one of the documents in a honey pot
    B. Start antivirus scan on all the suspected computers
    C. Add a signature to the NIDS containing the four letter string
    D. Ask employees to report suspicious behaviors

  • Question 170:

    Recently clients are stating they can no longer access a secure banking site's webpage. In reviewing the clients' web browser settings, the certificate chain is showing the following:

    Certificate Chain:

    X Digi Cert

    Digi Cert High assurance C3

    *

    banksite.com Certificate Store: Digi Cert ?Others Certificate Store Digi Cert High assurance C3 ?Others Certificate Store Based on the information provided, which of the following is the problem when connecting to the website?

    A. The certificate signature request was invalid
    B. Key escrow is failing for the certificate authority
    C. The certificate authority has revoked the certificate
    D. The clients do not trust the certificate authority

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.