vce sy0-401 (771 to 780)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

SY0-401 Product Description:
Exam Number/Code: SY0-401 vce
Exam name: CompTIA Security+ Certification
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: CompTIA SY0-401 CompTIA Security+ Certification

SY0-401 examcollection

The SY0-401 software of Actualtests may verify the testee whether or not to master the CompTIA Security+ Certification understanding strongly and actual solutions. The Actualtests SY0-401 items are include numerous choose. Prospect can select different package items for your SY0-401 pdf or perhaps SY0-401 vce software in accordance with their particular understand from the SY0-401 scenario.

2021 Jun SY0-401 free exam

Q771. A company has just deployed a centralized event log storage system. Which of the following can be used to ensure the integrity of the logs after they are collected? 

A. Write-once drives 

B. Database encryption 

C. Continuous monitoring 

D. Role-based access controls 

Answer: A 


Q772. A system administrator needs to ensure that certain departments have more restrictive controls to their shared folders than other departments. Which of the following security controls would be implemented to restrict those departments? 

A. User assigned privileges 

B. Password disablement 

C. Multiple account creation 

D. Group based privileges 

Answer: D 


Group-based privileges assign privileges or access to a resource to all members of a group. Group-based access control grants every member of the group the same level of access to a specific object. 

Q773. Which of the following protocols allows for the LARGEST address space? 


B. IPv4 

C. IPv6 

D. Appletalk 

Answer: C 


The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. 

Q774. A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department? 

A. Time of day restrictions 

B. Group based privileges 

C. User assigned privileges 

D. Domain admin restrictions 

Answer: B 


The question states that the sales department has a high employee turnover. You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). Then when a new employee starts, you simply add the new user account to the appropriate groups. The user then inherits all the permissions assigned to the groups. 

Q775. A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario? 

A. WPA2 


C. IPv6 

D. IPv4 

Answer: C 


IPSec security is built into IPv6. 

SY0-401  free practice exam

Renew sy0-401 voucher:

Q776. Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal? 

A. A host-based intrusion prevention system 

B. A host-based firewall 

C. Antivirus update system 

D. A network-based intrusion detection system 

Answer: B 


A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. 

Q777. Which of the following is true about the CRL? 

A. It should be kept public 

B. It signs other keys 

C. It must be kept secret 

D. It must be encrypted 

Answer: A 


The CRL must be public so that it can be known which keys and certificates have been revoked. In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted. 

Q778. Which of the following protocols is used by IPv6 for MAC address resolution? 





Answer: A 


The Neighbor Discovery Protocol (NDP) is a protocol in the Internet protocol suite used with Internet Protocol Version 6 (IPv6). 

Q779. Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff began to spread, the IDS alerted the network administrator that access to sensitive client files had risen far above normal. Which of the following kind of IDS is in use? 

A. Protocol based 

B. Heuristic based 

C. Signature based 

D. Anomaly based 

Answer: D 


Q780. It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control? 

A. Integrity 

B. Safety 

C. Availability 

D. Confidentiality 

Answer: A 


Integrity means that the messages/ data is not altered. PII is personally identifiable information that can be used to uniquely identify an individual. PII can be used to ensure the integrity of data/messages. 

see more CompTIA Security+ Certification