SY0-401 Exam Details

  • Exam Code
    :SY0-401
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1789 Q&As
  • Last Updated
    :Dec 14, 2021

CompTIA SY0-401 Online Questions & Answers

  • Question 61:

    When of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deplyment?

    A. Cloud Computing
    B. Virtualization
    C. Redundancy
    D. Application control

  • Question 62:

    Which of the following application attacks is used against a corporate directory service where there are unknown servers on the network?

    A. Rogue access point
    B. Zero day attack
    C. Packet sniffing
    D. LDAP injection

  • Question 63:

    A user has several random browser windows opening on their computer. Which of the following programs can be installed on his machine to help prevent this from happening?

    A. Antivirus
    B. Pop-up blocker
    C. Spyware blocker
    D. Anti-spam

  • Question 64:

    A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

    A. SaaS
    B. MaaS
    C. IaaS
    D. PaaS

  • Question 65:

    A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny remotely working staff access to company systems with a script. Which of the following security controls is the hacker exploiting?

    A. DoS
    B. Account lockout
    C. Password recovery
    D. Password complexity

  • Question 66:

    A major security risk with co-mingling of hosts with different security requirements is:

    A. Security policy violations.
    B. Zombie attacks.
    C. Password compromises.
    D. Privilege creep.

  • Question 67:

    Software developers at a company routinely make changes to production systems they maintain based on code deliveries that are only peer reviewed and are not rigorously tested by the test engineering group. These changes frequently result in a loss of service. Which of the following risk mitigation controls or strategies should be implemented to prevent these adhoc changes from accruing in the future?

    A. Threat modeling
    B. User rights reviews
    C. Change Management
    D. Trust modeling

  • Question 68:

    A security administrator has deployed all laptops with Self Encrypting Drives (SED) and enforces key encryption. Which of the following represents the greatest threat to maintaining data confidentiality with these devices?

    A. Full data access can be obtained by connecting the drive to a SATA or USB adapter bypassing the SED hardware.
    B. A malicious employee can gain the SED encryption keys through software extraction allowing access to other laptops.
    C. If the laptop does not use a Secure Boot BIOS, the SED hardware is not enabled allowing full data access.
    D. Laptops that are placed in a sleep mode allow full data access when powered back on.

  • Question 69:

    Jo an employee reports to the security manager that several files in a research and development folder that only JOE has access to have been improperly modified. The modified data on the files in recent and the modified by account is Joe's. The permissions on the folder have not been changed, and there is no evidence of malware on the server hosting the folder or on Joe's workstation. Several failed login attempts to Joe's account were discovered in the security log of the LDAP server. Given this scenario, which of the following should the security manager implement to prevent this in the future?

    A. Generic account prohibition
    B. Account lockout
    C. Password complexity
    D. User access reviews

  • Question 70:

    A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

    A. SNMP
    B. SNMPv3
    C. ICMP
    D. SSH

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-401 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.