SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 311:

    During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?

    A. Credential management
    B. Group policy management
    C. Acceptable use policy
    D. Account expiration policy

  • Question 312:

    Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?

    A. Penetration test
    B. Code review
    C. Vulnerability scan
    D. Brute Force scan

  • Question 313:

    While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified as "unknown" and does not appear to be within the bounds of the organizations Acceptable Use Policy. Which of the following tool or technology would work BEST for obtaining more information on this traffic?

    A. Firewall logs
    B. IDS logs
    C. Increased spam filtering
    D. Protocol analyzer

  • Question 314:

    Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

    A. WAF
    B. NIDS
    C. Routers
    D. Switches

  • Question 315:

    When viewing IPS logs the administrator see systems all over the world scanning the network for servers with port 22 open. The administrator concludes that this traffic is a(N):

    A. Risk
    B. Vulnerability
    C. Exploit
    D. Threat

  • Question 316:

    After an audit, it was discovered that the security group memberships were not properly adjusted for employees' accounts when they moved from one role to another. Which of the following has the organization failed to properly implement? (Select TWO).

    A. Mandatory access control enforcement.
    B. User rights and permission reviews.
    C. Technical controls over account management.
    D. Account termination procedures.
    E. Management controls over account management.
    F. Incident management and response plan.

  • Question 317:

    An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?

    A. Employee is required to share their password with authorized staff prior to leaving the firm
    B. Passwords are stored in a reversible form so that they can be recovered when needed
    C. Authorized employees have the ability to reset passwords so that the data is accessible
    D. All employee data is exported and imported by the employee prior to them leaving the firm

  • Question 318:

    Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?

    A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.
    B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.
    C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.
    D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.

  • Question 319:

    Which of the following access controls enforces permissions based on data labeling at specific levels?

    A. Mandatory access control
    B. Separation of duties access control
    C. Discretionary access control
    D. Role based access control

  • Question 320:

    An attacker unplugs the access point at a coffee shop. The attacker then runs software to make a laptop look like an access point and advertises the same network as the coffee shop normally does. Which of the following describes this type of attack?

    A. IV
    B. Xmas
    C. Packet sniffing
    D. Evil twin
    E. Rouge AP

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.