how many questions of SY0-401 pdf?

We provide real CompTIA SY0-401 exam questions and answers braindumps in two formats: PDF and practice tests. Pass the CompTIA SY0-401 exam quickly and easily. The CompTIA Security+ SY0-401 PDF version is available for reading and printing, so you can print it and practice as many times as you like. With the help of our CompTIA SY0-401 PDF and VCE materials, you can easily pass the SY0-401 exam.


Q171.

Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point? 

A. Placement of antenna 

B. Disabling the SSID 

C. Implementing WPA2 

D. Enabling the MAC filtering 



You should try to avoid placing access points near metal (which includes appliances) or near the ground. Placing them in the center of the area to be served and high enough to get around most obstacles is recommended. On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided. 

Q172. After Ann, a user, logs into her banking websites she has access to her financial institution mortgage, credit card, and brokerage websites as well. Which of the following is being described? 

A. Trusted OS 

B. Mandatory access control 

C. Separation of duties 

D. Single sign-on 



Single sign-on means that once a user (or other subject) is authenticated into a realm, re-authentication is not required for access to resources on any realm entity. The question states that when Ann logs into her banking websites she has access to her financial institution mortgage, credit card, and brokerage websites as well. This describes an SSO scenario. 

Q173. In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO). 

A. Take hashes 

B. Begin the chain of custody paperwork 

C. Take screen shots 

D. Capture the system image 

E. Decompile suspicious files 

Answer: A,D 


A: Take Hashes. NIST (the National Institute of Standards and Technology) maintains a National Software Reference Library (NSRL). One of the purposes of the NSRL is to collect “known, traceable software applications” through their hash values and store them in a Reference Data Set (RDS). The RDS can then be used by law enforcement, government agencies, and businesses to determine which files are important as evidence in criminal investigations.

D: A system image is a snapshot of what exists. Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. 

Q174. A company hosts its public websites internally. The administrator would like to make some changes to the architecture. 

The three goals are:

- reduce the number of public IP addresses in use by the web servers
- drive all the web traffic through a central point of control
- mitigate automated attacks that are based on IP address scanning

Which of the following would meet all three goals? 

A. Firewall 

B. Load balancer 

C. URL filter 

D. Reverse proxy 



Q175. In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified? 

A. Security control frameworks 

B. Best practice 

C. Access control methodologies 

D. Compliance activity 



Best practices are based on what is known in the industry and on those methods that have consistently shown superior results over those achieved by other means. Furthermore, best practices are applied to all aspects of the work environment.

Q176. Which of the following devices will help prevent a laptop from being removed from a certain location? 

A. Device encryption 

B. Cable locks 

C. GPS tracking 

D. Remote data wipes 



Cable locks are theft-deterrent devices that tether a device to a fixed point, keeping smaller devices from being easy to steal.

Q177. Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO). 

A. Spoofing 

B. Man-in-the-middle 

C. Dictionary 

D. Brute force 

E. Privilege escalation 

Answer: C,D 


Account lockout is a useful method for slowing down online password-guessing attacks. A dictionary attack performs password guessing by making use of a pre-existing list of likely passwords. A brute-force attack is intended to try every possible valid combination of characters to create possible passwords in the attempt to discover the specific passwords used by user accounts. 

Q178. An attacker used an undocumented and unknown application exploit to gain access to a file server. Which of the following BEST describes this type of attack? 

A. Integer overflow 

B. Cross-site scripting 

C. Zero-day 

D. Session hijacking 

E. XML injection 



The vulnerability is undocumented and unknown. This is a zero-day vulnerability. A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware of it and hurries to fix it; this exploit is called a zero-day attack. Uses of zero-day attacks can include infiltrating malware or spyware, or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Q179. A security technician would like to obscure sensitive data within a file so that it can be transferred without causing suspicion. Which of the following technologies would BEST be suited to accomplish this? 

A. Transport Encryption 

B. Stream Encryption 

C. Digital Signature 

D. Steganography 



Q180. All of the following are valid cryptographic hash functions EXCEPT: 


B. RC4. 

C. SHA-512. 

D. MD4. 



RC4 is not a hash function. RC4 is popular with wireless and WEP/WPA encryption.