Jun 2016 updated: pass4sure security+ sy0-401


Q611. A security administrator wants to implement a solution which will allow some applications to run under the user's home directory and only have access to files stored within the same user's folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users? 

A. OS Virtualization 

B. Trusted OS 

C. Process sandboxing 

D. File permission 

Answer: C 

Explanation: 


Q612. Which of the following types of logs could provide clues that someone has been attempting to compromise the SQL Server database? 

A. Event 

B. SQL_LOG 

C. Security 

D. Access 

Answer: A 

Explanation: 

Event logs include Application logs, such as those where SQL Server would write entries. This is where you would see logs with details of someone trying to access a SQL database. 


Q613. The IT department has installed new wireless access points but discovers that the signal extends far into the parking lot. Which of the following actions should be taken to correct this? 

A. Disable the SSID broadcasting 

B. Configure the access points so that MAC filtering is not used 

C. Implement WEP encryption on the access points 

D. Lower the power for office coverage only 

Answer: D 

Explanation: 

On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided. 


Q614. Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address? 

A. Interference 

B. Man-in-the-middle 

C. ARP poisoning 

D. Rogue access point 

Answer: D 

Explanation: 

MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. 

In this question, a rogue access point would need to be able to connect to the network to provide access to network resources. If the MAC address of the rogue access point isn’t allowed to connect to the network port, then the rogue access point will not be able to connect to the network. 


Q615. The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO). 

A. Fire- or water-proof safe. 

B. Department door locks. 

C. Proximity card. 

D. 24-hour security guard. 

E. Locking cabinets and drawers. 

Answer: A,E 

Explanation: 

Using a safe and locking cabinets to protect backup media, documentation, and any other physical artifacts that could do harm if they fell into the wrong hands would form part of keeping employees' desks clean, as required by a clean desk policy.



Q616. A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO). 

A. 22 

B. 135 

C. 137 

D. 143 

E. 443 

F. 3389 

Answer: A,F 

Explanation: 

A secure remote administration solution and Remote Desktop Protocol are required.

Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22. 

Remote Desktop Protocol (RDP) uses TCP port 3389. 


Q617. Which of the following BEST describes the weakness in WEP encryption? 

A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.

B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.

C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.

D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

Answer: D 

Explanation: 

WEP is based on RC4, but due to errors in design and implementation, WEP is weak in a number of areas, two of which are the use of a static common key and poor implementation of initialization vectors (IVs). When the WEP key is discovered, the attacker can join the network and then listen in on all other wireless client communications.


Q618. An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here? 

A. NIDS 

B. NIPS 

C. HIPS 

D. HIDS 

Answer: B 

Explanation: 

A network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.


Q619. Which of the following protocols operates at the HIGHEST level of the OSI model? 

A. ICMP 

B. IPSec 

C. SCP 

D. TCP 

Answer: C 

Explanation: 

SCP (Secure Copy) uses SSH (Secure Shell). SSH runs in the application layer (layer 7) of the OSI model. 


Q620. Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together? 

A. Least privilege access 

B. Separation of duties 

C. Mandatory access control 

D. Mandatory vacations 

Answer: D 

Explanation: 

A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacations give the employee a chance to refresh, but they also give the company a chance to make sure that others can fill in any gaps in skills, and they satisfy the need to have replication or duplication at all levels. Mandatory vacations also provide an opportunity to discover fraud. In this case mandatory vacations can prevent the two members from colluding to steal the information that they have access to.


