security+ sy0-401 practice test [May 2016]

♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

SY0-401 Product Description:
Exam Number/Code: SY0-401 vce
Exam name: CompTIA Security+ Certification
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: CompTIA SY0-401 CompTIA Security+ Certification

SY0-401 examcollection

Exam Code: SY0-401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass SY0-401 Exam.

2016 May SY0-401 Study Guide Questions:

Q411. The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements? 

A. Software as a Service 

B. Infrastructure as a Service 

C. Platform as a Service 

D. Hosted virtualization service 

Answer: A 


Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet. 

Q412. Which of the following tools would a security administrator use in order to identify all running services throughout an organization? 

A. Architectural review 

B. Penetration test 

C. Port scanner 

D. Design review 

Answer: C 


Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server. A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it. A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine. 

Q413. Which of the following can be performed when an element of the company policy cannot be enforced by technical means? 

A. Develop a set of standards 

B. Separation of duties 

C. Develop a privacy policy 

D. User training 

Answer: D 


User training is an important aspect of maintaining safety and security. It helps improve users’ security awareness in terms of prevention, enforcement, and threats. It is of critical importance when element of the company policy cannot be enforced by technical means. 

SY0-401  pdf exam

Avant-garde pass4sure security+ sy0-401:

Q414. A network administrator is asked to send a large file containing PII to a business associate. 

Which of the following protocols is the BEST choice to use? 





Answer: B 


SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server. 

Q415. After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points: 

Corpnet Coffeeshop 


Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created? 

A. Infrastructure as a Service 

B. Load balancer 

C. Evil twin 

D. Virtualized network 

Answer: C 


In this question, the attacker has created another wireless network that is impersonating one of more of the three wireless networks listed in the question. This is known as an Evil Twin. An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique. For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name. In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits. 

Q416. A system administrator wants to enable WPA2 CCMP. Which of the following is the only encryption used? 

A. RC4 


C. 3DES 


Answer: D 


Cipher Block Chaining Message Authentication Code Protocol (CCMP) makes use of 128-bit AES encryption with a 48-bit initialization vector. 

SY0-401  pdf exam

Tested pdf sy0-401:

Q417. Which of the following techniques enables a highly secured organization to assess security weaknesses in real time? 

A. Access control lists 

B. Continuous monitoring 

C. Video surveillance 

D. Baseline reporting 

Answer: B 


Continuous monitoring point toward the never-ending review of what resources a user actually accesses, which is critical for preventing insider threats. Because the process is never-ending, assessments happen in real time. 

Topic 6, Cryptography 

Q418. Which of the following is true about the recovery agent? 

A. It can decrypt messages of users who lost their private key. 

B. It can recover both the private and public key of federated users. 

C. It can recover and provide users with their lost or private key. 

D. It can recover and provide users with their lost public key. 

Answer: A 


Explanation: A key recovery agent is an entity that has the ability to recover a private key, key components, or plaintext messages as needed. Using the recovered key the recovery agent can decrypt encrypted data. 

Q419. A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements? 

A. Trust model 

B. Key escrow 



Answer: A 


In this scenario we can put a CA in the local network and use an online CA as root CA in a hierarchical trust model. A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate. In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in their level in the hierarchy and none that aren’t. This arrangement allows a high level of control at all levels of the hierarchical tree. 

Q420. The Quality Assurance team is testing a new third party developed application. The Quality team does not have any experience with the application. Which of the following is the team performing? 

A. Grey box testing 

B. Black box testing 

C. Penetration testing 

D. White box testing 

Answer: B 


Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher level testing, but can also dominate unit testing as well. Specific knowledge of the application's code/internal structure and programming knowledge in general is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place. 

see more CompTIA Security+ Certification