CompTIA SY0-401 Exam Preparation Questions – Pass With Guarantee

By | January 31, 2018

CompTIA Security+ SY0-401 exam preparation is now reachable without spending huge amount of money and time because the most authenticated comprehensive CompTIA SY0-401 exam dumps materials are available on 25% discounted price for ensured success. CompTIA Security+ SY0-401 exam Practice test software enables you to practice for CompTIA SY0-401 exam with real exam scenarios to boost your confidence and to enable you attempt the CompTIA exam with full confidence to pass.

♥♥ 2018 NEW RECOMMEND SY0-401 Exam Questions ♥♥

SY0-401 exam questions, SY0-401 PDF dumps; SY0-401 exam dumps:: (1781 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest and Most Accurate CompTIA SY0-401 Dumps Exam Questions and Answers:

Version: 39.0
Question: 21

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).

A. Virtual switch
C. System partitioning
D. Access-list
E. Disable spanning tree

Answer: A, F

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question.
Incorrect Answers:
B: NAT converts the IP addresses of internal systems found in the header of network packets into public IP addresses.
C: System partitioning has to do with separating data on a physical hard disk.
D: The purpose of an access list is to identify specifically who can enter a facility.
E: STP creates a spanning tree within a network of connected layer-2 bridges (typically Ethernet switches), and disables those links that are not part of the spanning tree. Disabling it will not solve the problem
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 23, 39

Question: 22

A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example?

A. Explicit deny
B. Port security
C. Access control lists
D. Implicit deny

Answer: C

Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the router. New statements are added to the end of the list. The router continues to look until it has a match. If no matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted.
Incorrect Answers:
A: An explicit deny would block the application until it is added to the ACL.
B: Port security in IT can mean several things:
The physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no unauthorized users or unauthorized devices can attempt to connect into an open port.
The management of TCP and User Datagram Protocol (UDP) ports. If a service is active and assigned to a port, then that port is open. All the other 65,535 ports (of TCP or UDP) are closed if a service isn’t actively using them.
Port knocking is a security system in which all ports on a system appear closed. However, if the client sends packets to a specific set of ports in a certain order, a bit like a secret knock, then the desired service port becomes open and allows the client software to connect to the service.
C: Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 24, 26

Question: 23

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC, DST, ALERT, Directory traversal
10:45:02 EST, SRC, DST, ALERT, Account brute force
10:45:03 EST, SRC, DST, ALERT, Port scan
The external party is reporting attacks coming from Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

A. A NIDS was used in place of a NIPS.
B. The log is not in UTC.
C. The external party uses a firewall.
D. ABC company uses PAT.

Answer: D

PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks. This will not have any bearing on the security administrator at ABC Company finding the root of the attack.
B: UTC is the abbreviation for Coordinated Universal Time, which is the primary time standard by which the world regulates clocks and time. The time in the log is not the issue in this case.
C: Whether the external party uses a firewall or not will not have any bearing on the security administrator at ABC Company finding the root of the attack.

Question: 24

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer
B. Router
C. Firewall
D. Switch

Answer: C

Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.
Incorrect Answers:
A: A sniffer is a tool used in the process of monitoring the data that is transmitted across a network.
B, D: A router is connected to two or more data lines from different networks, whereas a network switch is connected to data lines from one single network. These may include a firewall, but not by default.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 342

Question: 25

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall

Answer: B

Stateful inspections occur at all levels of the network.
Incorrect Answers:
A: Packet-filtering firewalls operate at the Network layer (Layer 3) and the Transport layer (Layer 4) of the Open Systems Interconnect (OSI) model.
C: The proxy function can occur at either the application level or the circuit level.
D: Application Firewalls operates at the Application layer (Layer7) of the OSI model.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98-100
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 6

Question: 26

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Sniffers
C. Firewalls
D. Web proxies
E. Layer 2 switches

Answer: C

New Updated SY0-401 Exam Questions SY0-401 PDF dumps SY0-401 practice exam dumps: