CompTIA Security + SY0-401 Pass4sureusa
Welcome TO Pass4sureusa Pass4sureusa providing the top quality real certified pdf dumps of all IT certification exams. Now passing any CopmpTIA certification exam is not a hard task. Just buy your pdf dump of SY0-401 from us to get successful marks in you final security + exam.
SY0-401 Sample Questions 1 Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure? A. PAT B. NAP C. DNAT D. NAC Correct Answer: A
SY0-401 Sample Questions 2 Which of the following devices is MOST likely being used when processing the following? 1 PERMIT IP ANY ANY EQ 80 2 DENY IP ANY ANY A. Firewall B. NIPS C. Load balancer D. URL filter Correct Answer: A Explanation: Firewalls, routers, and even switches can use ACLs as a method of security management. An access control list has a deny ip any any implicitly at the end of any access control list. ACLs deny by default and allow by exception.
SY0-401 Sample Questions 3 The security administrator at ABC company received the following log information from an external party: 10:45:01 EST, SRC 10.4.3.7:3056, DST 184.108.40.206:80, ALERT, Directory traversal 10:45:02 EST, SRC 10.4.3.7:3057, DST 220.127.116.11:80, ALERT, Account brute force 10:45:03 EST, SRC 10.4.3.7:3058, DST 18.104.22.168:80, ALERT, Port scan The external party is reporting attacks coming from abc- company.com. Which of the following is the reason the ABC company's security administrator is unable to determine the origin of the attack? A. A NIDS was used in place of a NIPS. B. The log is not in UTC. C. The external party uses a firewall. D. ABC company uses PAT. Correct Answer: D Correct Answer: D
SY0-401 Sample Questions 4 Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model? A. Packet Filter Firewall B. Stateful Firewall C. Proxy Firewall D. Application Firewall Correct Answer: B Correct Answer: B Explanation: Explanation: Stateful inspections occur at all levels of the network.
SY0-401 Sample Questions 5 unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO's requirements? A. Sniffers B. NIDS C. Firewalls D. Web proxies E. Layer 2 switches Correct Answer: C Explanation: The basic purpose of a firewall is to isolate one network from another.
SY0-401 Sample Questions 6 Which of the following network design elements allows for many internal devices to share one public IP address? A. DNAT B. PAT C. DNS D. DMZ Correct Answer: B Correct Answer: B Explanation: Explanation: Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses. Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
SY0-401 Sample Questions 7 Which of the following is a best practice when securing a switch from physical access? A. Disable unnecessary accounts B. Print baseline configuration C. Enable access lists D. Disable unused ports Correct Answer: D Explanation: Disabling unused switch ports a simple method many network administrators use to help secure their network from unauthorized access. All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter.
SY0-401 Sample Questions 8 Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website? A. Protocol analyzer B. Load balancer C. VPN concentrator D. Web security gateway Correct Answer: B Correct Answer: B Explanation: Explanation: Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device--a router, a firewall, NAT appliance, and so on. In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
SY0-401 Sample Questions 9 Pete, the system administrator, wishes to monitor and limit users' access to external websites. Which of the following would BEST address this? A. Block all traffic on port 80. B. Implement NIDS. C. Use server load balancers. D. Install a proxy server. Correct Answer: D Explanation: A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.
SY0-401 Sample Questions 10 Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal? A. Firewall B. Switch C. URL content filter D. Spam filter Correct Answer: C Explanation: URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific fi le extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.
SY0-401 Verified Exam Questions Pass4saureusa
Full Exam Passing guarantee
Providing valid PDF dumps to students is our first priority www.pass4sureusa.com