10 tips on sy0-401 practice exam


2016 Aug sy0-301 or sy0-401:

Q521. A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices? 

A. Privacy Policy 

B. Security Policy 

C. Consent to Monitoring Policy 

D. Acceptable Use Policy 

Answer: D 


Q522. Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company’s password policy. Which of the following should Pete do NEXT? 

A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant. 

B. Tell the application development manager to code the application to adhere to the company’s password policy. 

C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented. 

D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded. 

Answer: B 


Since the application violates the security policy, it should be coded differently to comply with the password policy. 

Q523. After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO). 

A. To allow load balancing for cloud support 

B. To allow for business continuity if one provider goes out of business 

C. To eliminate a single point of failure 

D. To allow for a hot site in case of disaster 

E. To improve intranet communication speeds 

Answer: B,C 


A high-speed Internet connection to a second data provider could be used to keep an up-to-date replica of the main site. In case of a problem at the first site, operations can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site.

Note: Recovery Time Objective. The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation. 

Q524. Three of the primary security control types that can be implemented are: 

A. Supervisory, subordinate, and peer. 

B. Personal, procedural, and legal. 

C. Operational, technical, and management. 

D. Mandatory, discretionary, and permanent. 

Answer: C 


The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical. 

Q525. Which of the following tools will allow a technician to detect security-related TCP connection anomalies? 

A. Logical token 

B. Performance monitor 

C. Public key infrastructure 

D. Trusted platform module 

Answer: B 


Performance Monitor in a Windows system can monitor many different ‘counters’. For TCP network connections, you can monitor specific TCP-related counters, including the following: Connection Failures, Connections Active, Connections Established, Connections Passive, Connections Reset, Segments Received/sec, Segments Retransmitted/sec, Segments Sent/sec, and Total Segments/sec. 

By monitoring the counters listed above, you will be able to detect security-related TCP connection anomalies. 


Q526. A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host: 

Old 'hosts' file: localhost 

New 'hosts' file: localhost www.comptia.com 

Which of the following attacks has taken place? 

A. Spear phishing 

B. Pharming 

C. Phishing 

D. Vishing 

Answer: B 


We can see in this question that a fraudulent entry has been added to the user’s hosts file. This will point the URL: www.comptia.com to instead of the correct IP address. Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually finance-related) information through domain spoofing. Rather than spamming you with malicious and mischievous e-mail requests to visit spoofed Web sites that appear legitimate, pharming 'poisons' a DNS server (or hosts file) by inserting false information into it, resulting in a user's request being redirected elsewhere. Your browser, however, will show that you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail, while pharming allows the scammers to target large groups of people at one time through domain spoofing. 

Q527. A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies? 

A. User rights and permissions review 

B. Change management 

C. Data loss prevention 

D. Implement procedures to prevent data theft 

Answer: A 


Terminal Access Controller Access-Control System (TACACS, and variations like XTACACS and TACACS+) is a client/server-oriented environment, and it operates in a manner similar to RADIUS. Furthermore, TACACS+ allows credentials to be accepted from multiple methods. Thus you can perform user rights and permission reviews with TACACS+. 

Q528. A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system’s services to the list of standard services on the company’s system image. This review process depends on: 

A. MAC filtering. 

B. System hardening. 

C. Rogue machine detection. 

D. Baselining. 

Answer: D 


An application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements for hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained. 

Q529. An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application? 

A. Time of day restrictions 

B. Create user accounts for the auditors and assign read-only access 

C. Mandatory access control 

D. Role-based access with read-only 

Answer: D 


Q530. Which of the following protocols is used to authenticate the client and server’s digital certificate? 





Answer: C 


Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom it is communicating, and to exchange a symmetric key. 
