Exam SY0-401: May 2016 Edition

Exam Number/Code: SY0-401
Exam name: CompTIA Security+ Certification
Certification: CompTIA Certification

2016 May SY0-401 Study Guide Questions:

Q761. Which of the following is a concern when encrypting wireless data with WEP? 

A. WEP displays the entire plain text key when wireless packet captures are reassembled

B. WEP implements weak initialization vectors for key transmission 

C. WEP uses a very weak encryption algorithm 

D. WEP allows for only four pre-shared keys to be configured 

Answer: B 


The initialization vector (IV) that WEP uses for encryption is 24 bits long, which is quite weak and means that IVs are reused with the same key. By examining the repeating result, attackers can easily crack the WEP secret key. This is known as an IV attack.

Q762. Which of the following is BEST carried out immediately after a security breach is discovered? 

A. Risk transference 

B. Access control revalidation 

C. Change management 

D. Incident management 

Answer: D 


Incident management is the set of steps followed when a security incident occurs.

Q763. An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication? 

A. The malicious user has access to the WPA2-TKIP key. 

B. The wireless access point is broadcasting the SSID. 

C. The malicious user is able to capture the wired communication. 

D. The meeting attendees are using unencrypted hard drives. 

Answer: C 



Q764. A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff? 

A. Virtualization 

B. Subnetting 

C. IaaS 

D. SaaS 

Answer: A 


Virtualization allows a single set of hardware to host multiple virtual machines. 

Q765. Using a heuristic system to detect an anomaly in a computer’s baseline, a system administrator was able to detect an attack even though the company’s signature-based IDS and antivirus did not detect it. Further analysis revealed that the attacker had downloaded an executable file onto the company PC from the USB port, and executed it to trigger a privilege escalation flaw.

Which of the following attacks has MOST likely occurred? 

A. Cookie stealing 

B. Zero-day 

C. Directory traversal 

D. XML injection 

Answer: B 


The vulnerability was unknown, in that the IDS and antivirus did not detect it. This is a zero-day vulnerability. A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero-day attack. Uses of zero-day attacks can include infiltrating malware or spyware, or allowing unwanted access to user information. The term “zero day” refers to the fact that the hole is unknown to those outside of the hackers, specifically the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Q766. Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days’ hashes. Which of the following security concepts is Sara using? 

A. Confidentiality 

B. Compliance 

C. Integrity 

D. Availability 

Answer: C 


Integrity means the message can’t be altered without detection. 



Q767. While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO). 

A. 20 

B. 21 

C. 22 

D. 68 

E. 69 

Answer: A,B 


Q768. Which of the following helps to apply the proper security controls to information? 

A. Data classification 

B. Deduplication 

C. Clean desk policy 

D. Encryption 

Answer: A 


Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical.

Q769. Which of the following functions provides an output which cannot be reversed and converts data into a string of characters? 

A. Hashing 

B. Stream ciphers 

C. Steganography 

D. Block ciphers 

Answer: A 


Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables. One of its characteristics is that it must be one-way: it is not reversible.

Q770. A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. 

Which of the following should be implemented? 

A. WPA2-CCMP with 802.1X 



D. WPA2-Enterprise 

Answer: D 


D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK). It is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.
