Secrets to sy0 401 pdf

♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

SY0-401 Product Description:
Exam Number/Code: SY0-401 vce
Exam name: CompTIA Security+ Certification
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: CompTIA SY0-401 CompTIA Security+ Certification

SY0-401 examcollection

we provide Free CompTIA sy0 401 pdf actual exam which are the best for clearing sy0 401 vce test, and to get certified by CompTIA CompTIA Security+ Certification. The comptia security+ get certified get ahead sy0 401 study guide Questions & Answers covers all the knowledge points of the real comptia sy0 401 exam. Crack your CompTIA security+ sy0 401 Exam with latest dumps, guaranteed!

P.S. Free SY0-401 dump are available on Google Drive, GET MORE:

New CompTIA SY0-401 Exam Dumps Collection (Question 2 - Question 11)

Q2. Which of the following can be used to control specific commands that can be executed on a network infrastructure device?


B. Kerberos



Answer: D

Q3. While troubleshooting a new wireless 802.11 ac network an administrator discovers that several of the older systems cannot connect. Upon investigation the administrator discovers that the older devices only support 802.11 and RC4. The administrator does not

want to affect the performance of the newer 802.11 ac devices on the network. Which of the following should the administrator do to accommodate all devices and provide the MOST security?

A. Disable channel bonding to allow the legacy devices and configure WEP fallback

B. Configure the AP in protected mode to utilize WPA2 with CCMP

C. Create a second SSID on the AP which utilizes WPA and TKIP

D. Configure the AP to utilize the 5Gh band only and enable WEP

Answer: B

Q4. A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability. In order to prevent similar situations in the future, the company should improve which of the following?

A. Change management procedures

B. Job rotation policies

C. Incident response management

D. Least privilege access controls

Answer: A

Q5. A security technician has been tasked with opening ports on a firewall to allow users to browse the internet. Which of the following ports should be opened on the firewall? (Select Three)

A. 22

B. 53

C. 80

D. 110

E. 443

F. 445

G. 8080

Answer: C,E,G

Q6. During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?

A. Credential management

B. Group policy management

C. Acceptable use policy

D. Account expiration policy

Answer: B

Q7. A switch is set up to allow only 2 simultaneous MAC addresses per switch port. An administrator is reviewing a log and determines that a switch ort has been deactivated in a conference room after it detected 3 or more MAC addresses on the same port. Which of the following reasons could have caused this port to be disabled?

A. A pc had a NIC replaced and reconnected to the switch

B. An ip telephone has been plugged in

C. A rouge access point was plugged in

D. An arp attack was launched from a pc on this port

Answer: D

Q8. If an organization wants to implement a BYOD policy, which of the following administrative control policy considerations MUST be addressed? (Select two)

A. Data archiving

B. Data ownership

C. Geo-tagging

D. Acceptable use

E. Remote wipe

Answer: B,C

Q9. Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?


B. MD5



Answer: D


HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key. The hashing function provides data integrity, while the symmetric key provides authenticity.

Q10. Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

A. Registration



D. Recovery agent

Answer: C


Certificates or keys for the terminated employee should be put in the CRL.

A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key.

By checking the CRL you can check if a particular certificate has been revoked.

Q11. Which of the following is synonymous with a serveru2019s certificate?

A. Public key


C. Private key

D. Recovery agent

Answer: A


A public key certificate (also known as a digital certificate or identity certificate) is an electronic document used to prove ownership of a public key.

Topic 7, Mixed Questions

1133.An organization uses a Kerberos-based LDAP service for network authentication. The service is also utilized for internal web applications. Finally access to terminal applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. This company is using Kerberos to achieve which of the following?

A. Trusted Operating System

B. Rule-based access control

C. Single sign on

D. Mandatory access control

To know more about the CompTIA Security+ Certification, click here.

100% Renovate CompTIA SY0-401 Questions & Answers shared by Examcollectionplus, Get HERE: (New 1781 Q&As)