SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 1751:

    Which of the following is a best practice for error and exception handling?

    A. Log detailed exception but display generic error message
    B. Display detailed exception but log generic error message
    C. Log and display detailed error and exception messages
    D. Do not log or display error or exception messages

  • Question 1752:

    Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

    A. PAP, MSCHAPv2
    B. CHAP, PAP
    C. MSCHAPv2, NTLMv2
    D. NTLM, NTLMv2

  • Question 1753:

    In order to enter a high-security datacenter, users are required to speak the password into a voice recognition system. Ann a member if the sales department over hears the password and upon speaks it into the system. The system denies her entry and alerts the security team. Which of the following is the MOST likely reason for her failure to enter the data center?

    A. An authentication factor
    B. Discretionary access
    C. Time of day restrictions
    D. Least privilege restrictions

  • Question 1754:

    An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

    A. it is being caused by the presence of a rogue access point.
    B. it is the beginning of a DDoS attack.
    C. the IDS has been compromised.
    D. the internal DNS tables have been poisoned.

  • Question 1755:

    Joe, a network administrator, is able to manage the backup software console by using his network login credentials. Which of the following authentication services is the MOST likely using?

    A. SAML
    B. LDAP
    C. iSCSI
    D. Two-factor authentication

  • Question 1756:

    In order to prevent and detect fraud, which of the following should be implemented?

    A. Job rotation
    B. Risk analysis
    C. Incident management
    D. Employee evaluations

  • Question 1757:

    An IT security manager is asked to provide the total risk to the business. Which of the following calculations would he security manager choose to determine total risk?

    A. (Threats X vulnerability X asset value) x controls gap
    B. (Threats X vulnerability X profit) x asset value
    C. Threats X vulnerability X control gap
    D. Threats X vulnerability X asset value

  • Question 1758:

    A security administrator is tackling issues related to authenticating users at a remote site. There have been a large number of security incidents that resulted from either tailgating or impersonation of authorized users with valid credentials. The security administrator has been told to implement multifactor authentication in order to control facility access. To secure access to the remote facility, which of the following could be implemented without increasing the amount of space required at the entrance?

    A. MOTD challenge and PIN pad
    B. Retina scanner and fingerprint reader
    C. Voice recognition and one-time PIN token
    D. One-time PIN token and proximity reader

  • Question 1759:

    A company provides secure wireless Internet access for visitors and vendors working onsite. Some of the vendors using older technology report that they are unable to access the wireless network after entering the correct network information. Which of the following is the MOST likely reason for this issue?

    A. The SSID broadcast is disabled.
    B. The company is using the wrong antenna type.
    C. The MAC filtering is disabled on the access point.
    D. The company is not using strong enough encryption.

  • Question 1760:

    Upper management decides which risk to mitigate based on cost. This is an example of:

    A. Qualitative risk assessment
    B. Business impact analysis
    C. Risk management framework
    D. Quantitative risk assessment

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.