Amazing comptia security+ study guide sy0-401 pdf secrets


2016 Jun sy0-401 exam:

Q411. An administrator is instructed to disable IP-directed broadcasts on all routers in an organization. Which of the following attacks does this prevent? 

A. Pharming 

B. Smurf 

C. Replay 

D. Xmas 

Answer: B 


Q412. The security consultant is assigned to test a client’s new software for security, after logs show targeted attacks from the Internet. To determine the weaknesses, the consultant has no access to the application program interfaces, code, or data structures. This is an example of which of the following types of testing? 

A. Black box 

B. Penetration 

C. Gray box 

D. White box 

Answer: A 


Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of testing can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher-level testing, but can also dominate unit testing. Specific knowledge of the application's code or internal structure, and programming knowledge in general, is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place. 

Q413. Which of the following devices is MOST likely being used when processing the following? 



A. Firewall 


C. Load balancer 

D. URL filter 

Answer: A 


Firewalls, routers, and even switches can use ACLs as a method of security management. Every access control list ends with an implicit "deny ip any any". ACLs deny by default and allow by exception. 

Q414. Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO). 

A. 110 

B. 137 

C. 139 

D. 143 

E. 161 

F. 443 

Answer: B,C 

Explanation: NetBIOS provides four distinct services: 

Name service for name registration and resolution (port: 137/udp) 

Name service for name registration and resolution (port: 137/tcp) 

Datagram distribution service for connectionless communication (port: 138/udp) 

Session service for connection-oriented communication (port: 139/tcp) 

Q415. Pete, an employee, needs a certificate to encrypt data. Which of the following would issue Pete a certificate? 

A. Certification authority 

B. Key escrow 

C. Certificate revocation list 

D. Registration authority 

Answer: A 


A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates.

Up to date comptia security+ sy0-401 exam cram:

Q416. The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following? 

A. The risks associated with the large capacity of USB drives and their concealable nature 

B. The security costs associated with securing the USB drives over time 

C. The cost associated with distributing a large volume of the USB pens 

D. The security risks associated with combining USB drives and cell phones on a network 

Answer: A 


USB drives and other USB devices represent a security risk as they can be used either to bring malicious code into a secure system or to copy and remove sensitive data out of the system. 

Q417. A security administrator wants to deploy security controls to mitigate the threat of company employees’ personal information being captured online. Which of the following would BEST serve this purpose? 

A. Anti-spyware 

B. Antivirus 

C. Host-based firewall 

D. Web content filter 

Answer: A 


Spyware monitors a user’s activity and uses network protocols to report it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie. 

Q418. Which of the following can be performed when an element of the company policy cannot be enforced by technical means? 

A. Develop a set of standards 

B. Separation of duties 

C. Develop a privacy policy 

D. User training 

Answer: D 


User training is an important aspect of maintaining safety and security. It helps improve users’ security awareness in terms of prevention, enforcement, and threats. It is of critical importance when an element of the company policy cannot be enforced by technical means. 

Q419. In which of the following steps of incident response does a team analyse the incident and determine steps to prevent a future occurrence? 

A. Mitigation 

B. Identification 

C. Preparation 

D. Lessons learned 

Answer: D 


Incident response procedures involve, in chronological order: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. Thus lessons are only learned after the mitigation has occurred. Only then can you ‘step back’ and analyze the incident to prevent the same occurrence in future. 

Q420. Pete, the system administrator, has concerns regarding users losing their company provided smartphones. Pete’s focus is on equipment recovery. Which of the following BEST addresses his concerns? 

A. Enforce device passwords. 

B. Use remote sanitation. 

C. Enable GPS tracking. 

D. Encrypt stored data. 

Answer: C 


Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information. 
