Skip to content

All About Tested SY0-401 exam question

Proper study guides for Up to date CompTIA CompTIA Security+ Certification certified begins with CompTIA sy0 401 vce preparation products which designed to deliver the Actual sy0 401 practice test questions by making you pass the comptia security+ get certified get ahead sy0 401 study guide test at your first time. Try the free sy0 401 pdf demo right now.


Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

P.S. Actual SY0-401 samples are available on Google Drive, GET MORE:

New CompTIA SY0-401 Exam Dumps Collection (Question 16 – Question 25)

Question No: 16

A company uses port security based on an approved MAC list to secure its wired network and WPA2 to secure its wireless network. Which of the following prevents an attacker from learning authorized MAC addresses?

A. Port security prevents access to any traffic that might provide an attacker with authorized MAC addresses

B. Port security uses certificates to authenticate devices and is not part of a wireless protocol

C. Port security relies in a MAC address length that is too short to be cryptographically secure over wireless networks

D. Port security encrypts data on the network preventing an attacker form reading authorized MAC addresses

Answer: A

Question No: 17

The Quality Assurance team is testing a third party application. They are primarily testing for defects and have some understanding of how the application works. Which of the following is the team performing?

A. Grey box testing

B. White box testing

C. Penetration testing

D. Black box testing

Answer: A

Question No: 18

A security administrator suspects that an employee in the IT department is utilizing a reverse proxy to bypass the companyu2019s content filter and browse unapproved and non-work related sites while at work. Which of the following tools could BEST be used to determine how the employee is connecting to the reverse proxy?

A. Port scanner

B. Vulnerability scanner

C. Honeypot

D. Protocol analyzer

Answer: C

Question No: 19

An organization is trying to decide which type of access control is most appropriate for the network. The current access control approach is too complex and requires significant overhead. Management would like to simplify the access control and provide user with the ability to determine what permissions should be applied to files, document, and directories. The access control method that BEST satisfies these objectives is:

A. Rule-based access control

B. Role-based access control

C. Mandatory access control

D. Discretionary access control

Answer: B

Question No: 20

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all companyu2019s clients. Which of the following is being used?

A. Gray box vulnerability testing

B. Passive scan

C. Credentialed scan

D. Bypassing security controls

Answer: A

Question No: 21

A software company sends their offsite backup tapes to a third party storage facility. TO meet confidentiality the tapes should be:

A. Labeled

B. Hashed

C. Encrypted

D. Duplicated

Answer: A

Question No: 22

Joe, the security administrator, sees this in a vulnerability scan report:

'The server 10.1..2.232 is running Apache 2.2.20 which may be vulnerabel to a mod_cgi exploit."

Joe verifies that mod_cgi module is not enabled on This message is an example of

A. a threat

B. a risk

C. a false negative

D. afalse positive

Answer: A

Question No: 23

A website administrator has received an alert from an application designed to check the integrity of the companyu2019s website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert. Which of the following methods has MOST likely been used?

A. Cryptography

B. Time of check/time of use

C. Man in the middle

D. Covert timing

E. Steganography

Answer: E

Question No: 24

A company has been attacked and their website has been altered to display false information. The security administrator disables the web server service before restoring the website from backup. An audit was performed on the server and no other data was altered. Which of the following should be performed after the server has been restored?

A. Monitor all logs for the attackeru2019s IP

B. Block port 443 on the web server

C. Install and configure SSL to be used on the web server

D. Configure the web server to be in VLAN 0 across the network

Answer: B

Question No: 25

A software development company needs to share information between two remote server, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithem libraries will provide strong encryption without being susceptible to attacks on other unknown protocols. Which of the following summarizes the BEST response to programmer's proposal?

A. The newly developed protocol will not be as the underlying cryptographic algorithms used.

B. New protocols often introduce unexpected vulnerabilites, even when developed with otherwise secure and tested algorithm libraries.

C. A programmer should have specialized training in protocol development before attempting to design a new encryption protocol.

D. The obscurity value of unproven protocols against attacks often outweighs the potential for new vulnerabilites.

Answer: D

P.S. Easily pass SY0-401 Exam with Dumpscollection Actual Dumps & pdf vce, Try Free: (1781 New Questions)