SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 1761:

    A security technician wants to implement stringent security controls over web traffic by restricting the client source TCP ports allowed through the corporate firewall. Which of the following should the technician implement?

    A. Deny port 80 and 443 but allow proxies
    B. Only allow port 80 and 443
    C. Only allow ports above 1024
    D. Deny ports 80 and allow port 443

  • Question 1762:

    Ann, a security administrator, has been tasked by the Chief information officer (CIO) to have the company's application servers tested using black box methodology. Which of the following BEST describes what Ann has been asked to do?

    A. Verify the server's patch level and attempt various known exploits that might be possible due to missing security updates.
    B. Simulate an external attack where the attackers have been provided with user access privileges on the server.
    C. Organize the application developers to attempt to compromise their servers by entering invalid data into their entry fields.
    D. Simulate an external attack where the attackers have no information regarding the software or systems in place.

  • Question 1763:

    A developer needs to utilize AES encryption in an application but requires the speed of encryption and decryption to be as fast as possible. The data that will be secured is not sensitive so speed is valued over encryption complexity. Which of the following would BEST satisfy these requirements?

    A. AES with output feedback
    B. AES with cipher feedback
    C. AES with cipher block chaining
    D. AES with counter mode

  • Question 1764:

    Which of the following is the summary of loss for a given year?

    A. MTBF
    B. ALE
    C. SLA
    D. ARO

  • Question 1765:

    The security team would like to gather intelligence about the types of attacks being launched against the organization. Which of the following would provide them with the MOST information?

    A. Implement a honeynet
    B. Perform a penetration test
    C. Examine firewall logs
    D. Deploy an IDS

  • Question 1766:

    A network engineer is configuring a VPN tunnel connecting a company's network to a business partner. Which of the following protocols should be used for key exchange?

    A. SHA-1
    B. RC4
    C. Blowfish
    D. Diffie-Hellman

  • Question 1767:

    An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

    A. Transitive trust
    B. Symmetric encryption
    C. Two-factor authentication
    D. Digital signatures
    E. One-time passwords

  • Question 1768:

    While performing surveillance activities an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the identified network security controls?

    A. MAC spoofing
    B. Pharming
    C. Xmas attack
    D. ARP poisoning

  • Question 1769:

    After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

    A. Fencing
    B. Proximity readers
    C. Video surveillance
    D. Bollards

  • Question 1770:

    Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company's network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?

    A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer++!Y password
    B. line console 0 password password line vty 0 4 password P@s5W0Rd
    C. line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd
    D. line vty 0 3 password Qwer++!Y line console 0 password P@s5W0Rd

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.