SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 1721:

    Some customers have reported receiving an untrusted certificate warning when visiting the company's website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?

    A. The intermediate CA certificates were not installed on the server.
    B. The certificate is not the correct type for a virtual server.
    C. The encryption key used in the certificate is too short.
    D. The client's browser is trying to negotiate SSL instead of TLS.

  • Question 1722:

    Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?

    A. Bollards
    B. Video surveillance
    C. Proximity readers
    D. Fencing

  • Question 1723:

    An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then user a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?

    A. Integer overflow attack
    B. Smurf attack
    C. Replay attack
    D. Buffer overflow attack
    E. Cross-site scripting attack

  • Question 1724:

    Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?

    A. Network based firewall
    B. Anti-spam software
    C. Host based firewall
    D. Anti-spyware software

  • Question 1725:

    Which of the following BEST describes a SQL Injection attack?

    A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.
    B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.
    C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.
    D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.

  • Question 1726:

    An administrator uses a server with a trusted OS and is configuring an application to go into production tomorrow, In order to make a new application work properly, the administrator creates a new policy that labels the application and assigns it a security context within the trusted OS. Which of the following control methods is the administrator using by configuring this policy?

    A. Time based access control
    B. Mandatory access control
    C. Role based access control
    D. Rule based access control

  • Question 1727:

    Which of the following explains the difference between a public key and a private key?

    A. The public key is only used by the client while the private key is available to all. Both keys are mathematically related.
    B. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related.
    C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.
    D. The private key is only used by the client and kept secret while the public key is available to all.

  • Question 1728:

    A company is looking to improve their security posture by addressing risks uncovered by a recent penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day basis?

    A. Insufficient encryption methods
    B. Large scale natural disasters
    C. Corporate espionage
    D. Lack of antivirus software

  • Question 1729:

    Which of the following is the MOST likely cause of users being unable to verify a single user's email signature and that user being unable to decrypt sent messages?

    A. Unmatched key pairs
    B. Corrupt key escrow
    C. Weak public key
    D. Weak private key

  • Question 1730:

    Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time.

    Which of the following does this illustrate?

    A. System image capture
    B. Record time offset
    C. Order of volatility
    D. Chain of custody

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.