SY0-401 Braindumps

1. CompTIA SY0-401 - CompTIA Security+ Certification Pass CompTIA SY0-401 - CompTIA Security+Certification exam injust 24 HOURS With 100%Guarantee Top 100% REAL EXAM QUESTIONSANSWERS Get All PDF With Complete Questions Answers Filefrom http://www.testinsideusa.com/SY0-401-practice-test.html 100% Exam Passing Guarantee & Money BackAssurance

2. SampleQuestions Question:1 A corporate wireless guest network uses an open SSID with a captive portal to authenticate guest users. Guests can obtain their portal password at the service desk. A security consultant alerts the administrator that the captive portal is easily bypassed, as long as one other wireless guest user is on the network. Which of the following attacks did the security consultantuse? ARPpoisoning DNS cachepoisoning MACspoofing Rouge DHCPserver Answer:C Question:2 The security administrator receives a service ticket saying a host based firewall is interfering with the operation of a new application that is being tested in development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many customers have disabled the host based firewall. After examining the system the administrator sees several ports that are open for database and application servers that only used locally. The vendor continues to recommend disabling the host based firewall. Which of the following is the best course of action for the administrator totake? A. Allow ports used by the application through the networkfirewall

3. Allow ports used externally through the hostfirewall Follow the vendor recommendations and disable the hostfirewall Allow ports used locally through the hostfirewall Answer:D Question:3 A chief information officer (CIO) is concerned about PII contained in the organization's various data warehouse platforms. Since not all of the PII transferred to the organization is required for proper operation of the data warehouse application, the CIO requests the in needed PII data be parsed and securely discarded. Which of the following controls would be MOST appropriate in thisscenario? Execution of PII data identificationassessments Implementation of data sanitizationroutines Encryption ofdata-at-rest Introduction of education programs and awarenesstraining Creation of policies andprocedures Answer: E Question:4 An employee finds an usb drive in the employee lunch room and plugs the drive into a shared workstation to determine who owns the drive. When the drive is inserted, a command prompt opens and a script begins to run. The employee notifies a technician who determines that data ona server have been compromised. This is an exampleof: Deviceremoval Datadisclosure Incidentidentification Mitigationsteps Answer: C Question:5 Employees are reporting that they have been receiving a large number of emails advertising products and services. Links in the email direct the users' browsers to the websites for the items being offered. No reports of increased virus activity have been observed. A security administrator suspects that the users are the targetsof: A. A watering holeattack

4. Spearphishing A spoofingattack A spamcampaign Answer: D Question:6 Requirements for the confidentiality of its data on organization decides to allow BYOD, but requires participate agree to the following specific device end user devices. The that users wishing to configurations; camera disablement, password enforcement, and application white listing. The organization must be able to support a device portfolio of differing mobile operating systems. Which of the following represents the MOST relevant technical security criteria for theMDM? Breadth of support for device manufacturers' security configurationAPIS Ability to extend the enterprise password polices to the chosenMDM Features to support the backup and recovery of the stored corporatedata Capability to require the users to accept an AUP prior to device onboarding Answer: B Question:7 Joe has hired several new security administrators and have been explaining the4 design of the company's network. He has described the position and descriptions of the company's firewalls, IDS sensors, antivirus server, DMZs, and HIPS. Which of the following best describes the incorporation of theseelements? Loadbalancers Defense indepth Networksegmentation UTM securityappliance Answer: B Question:8 A company is deploying an new video conferencing system to be used by the executive team for board meetings. The security engineer has been asked to choose the strongest available asymmetric cipher to be used for encryption of board papers, and chose the strongest available stream cipher to be configured for video streaming. Which of the following ciphers should be chosen? (Select two)

5. RSA • RC4 • 3DES • HMAC • SJA-256 • Answer: A,B Question:9 • In performing an authorized penetration test of an organization's system security, a penetration tester collects information pertaining to the application versions that reside on a server. Which of the following is the best way to collect this type ofinformation? • Protocolanalyzer • Bannergrabbing • Portscanning • Codereview • Answer:B • Question:10 • Client computers login at specified times to check and update antivirus definitions using a dedicated account configured by the administrator. One day the clients are unable to login with the account, but the server still responds to ping requests. The administrator has not made any changed. Which of the following most likelyhappened? • Group policy is blocking the connectionattempts • The administrator account has beendisabled • The switch port for the server hasdied • The password on the account hasexpired • Answer:D • Buy Complete Questions Answers Filefrom • 100% Exam Passing Guarantee & Money BackAssurance • PDF Version + Test Engine SoftwareVersion • 60 Days Free UpdatesService • Valid for AllCountries

6. http://www.testinsideusa.com/SY0-401-practice-test.html