[Up to the minute] security+ sy0-401


♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.certleader.com/SY0-401-dumps.html


SY0-401 Product Description:
Exam Number/Code: SY0-401 vce
Exam name: CompTIA Security+ Certification
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: CompTIA SY0-401 CompTIA Security+ Certification

SY0-401 examcollection

Pinpoint of SY0-401 exam topics materials and braindumps for CompTIA certification for IT candidates, Real Success Guaranteed with Updated SY0-401 pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!

2016 May SY0-401 Study Guide Questions:

Q271. After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings? 

A. IV attack 

B. War dialing 

C. Rogue access points 

D. War chalking 

Answer: D 

Explanation: 

War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. 


Q272. Which of the following can be utilized in order to provide temporary IT support during a disaster, where the organization sets aside funds for contingencies, but does not necessarily have a dedicated site to restore those services? 

A. Hot site 

B. Warm site 

C. Cold site 

D. Mobile site 

Answer: D 

Explanation: 

Not having a dedicated site means that the mobile site can fill the role of either being a hot, warm or cold site as a disaster recovery measure. 


Q273. Which of the following offers the LEAST secure encryption capabilities? 

A. TwoFish 

B. PAP 

C. NTLM 

D. CHAP 

Answer: B 

Explanation: 

PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP. 


SY0-401  exam topics

Update comptia security+ certification practice exams second edition (exam sy0-401):

Q274. A financial company requires a new private network link with a business partner to cater for realtime and batched data flows. 

Which of the following activities should be performed by the IT security staff member prior to establishing the link? 

A. Baseline reporting 

B. Design review 

C. Code review 

D. SLA reporting 

Answer: B 

Explanation: 

This question is asking about a new private network link (a VPN) with a business partner. This will 

provide access to the local network from the business partner. 

When implementing a VPN, an important step is the design of the VPN. The VPN should be 

designed to ensure that the security of the network and local systems is not compromised. 

The design review assessment examines the ports and protocols used, the rules, segmentation, 

and access control in the systems or applications. A design review is basically a check to ensure 

that the design of the system meets the security requirements. 


Q275. A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download? 

A. Backdoor 

B. Spyware 

C. Logic bomb 

D. DDoS 

E. Smurf 

Answer: B 

Explanation: Explanation Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. 


Q276. Joe, the security administrator, has determined that one of his web servers is under attack. Which of the following can help determine where the attack originated from? 

A. Capture system image 

B. Record time offset 

C. Screenshots 

D. Network sniffing 

Answer: D 

Explanation: 

Network sniffing is the process of capturing and analyzing the packets sent between systems on 

the network. A network sniffer is also known as a Protocol Analyzer. 

A Protocol Analyzer is a hardware device or more commonly a software program used to capture 

network data communications sent between devices on a network. Capturing and analyzing the 

packets sent to the web server will help determine the source IP address of the system sending 

the packets. 

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) 

from Microsoft and Wireshark (formerly Ethereal). 


certleader.com

Simulation comptia security+ pdf sy0-401:

Q277. The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture. 

Which of the following risk mitigation strategies is MOST important to the security manager? 

A. User permissions 

B. Policy enforcement 

C. Routine audits 

D. Change management 

Answer: C 

Explanation: 

After you have implemented security controls based on risk, you must perform routine audits. These audits should include reviews of user rights and permissions as well as specific events. You should pay particular attention to false positives and negatives. 


Q278. A security administrator wants to test the reliability of an application which accepts user provided parameters. The administrator is concerned with data integrity and availability. Which of the following should be implemented to accomplish this task? 

A. Secure coding 

B. Fuzzing 

C. Exception handling 

D. Input validation 

Answer: B 

Explanation: 

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. 


Q279. Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company? 

A. Privacy Policy 

B. Least Privilege 

C. Acceptable Use 

D. Mandatory Vacations 

Answer: D 

Explanation: 

A mandatory vacation policy requires all users to take time away from work to refresh. But not only does mandatory vacation give the employee a chance to refresh, but it also gives the company a chance to make sure that others can fill in any gaps in skills and satisfies the need to have replication or duplication at all levels as well as an opportunity to discover fraud. 


Q280. Which of the following tools will allow a technician to detect security-related TCP connection anomalies? 

A. Logical token 

B. Performance monitor 

C. Public key infrastructure 

D. Trusted platform module 

Answer: B 

Explanation: 

Performance Monitor in a Windows system can monitor many different ‘counters’. For TCP network connections, you can monitor specific TCP related counters including the following: Connection Failures Connections Active Connections Established Connections Passive Connections Reset Segments Received/sec Segments Retransmitted/sec Segments Sent/sec Total Segments/sec 

By monitoring the counters listed above, you will be able to detect security-related TCP connection anomalies. 



see more CompTIA Security+ Certification