Practice questions and answers for the CompTIA Security+ SY0-401 exam, with an explanation for each question.

Q171. Ann, a security administrator, has concerns regarding her company’s wireless network. The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be. 

Which of the following would BEST alleviate Ann’s concerns with minimum disturbance of current functionality for clients? 

A. Enable MAC filtering on the wireless access point. 

B. Configure WPA2 encryption on the wireless access point. 

C. Lower the antenna’s broadcasting power. 

D. Disable SSID broadcasting. 

Answer: C

Explanation: 

Some access points include power level controls that let you reduce transmit output so the signal does not travel beyond the intended area, here the conference room. Lowering the antenna power limits which devices can reach the open network without changing how visiting clients connect. MAC filtering and WPA2 would require every visitor's device to be registered or given a key in advance, and hiding the SSID is not a security control: the network name still appears in client probe and association frames.


Q172. Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use? 

A. Email scanning 

B. Content discovery 

C. Database fingerprinting 

D. Endpoint protection 

Answer: D

Explanation: 

Data loss prevention (DLP) systems inspect content on workstations, servers, and networks (data at rest, in motion, and in use) to make sure that sensitive content is not copied, transmitted, or disclosed without authorization. They also monitor who is accessing the data (looking for unauthorized access) and who is transmitting it. Network DLP shares much with network intrusion prevention systems. Data in use is data being actively processed on an endpoint, so endpoint protection (a DLP agent on the workstation, which can see the clipboard, screen, printing, and removable media) is the strategy that covers it; email scanning addresses data in motion, while content discovery and database fingerprinting address data at rest.
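As an added example (not part of the original question set), the following Python shows the content-inspection step an endpoint DLP agent performs before data leaves the host: it finds 13 to 19 digit groups in a message, validates them with the Luhn checksum so that ticket numbers and phone numbers are not flagged, and masks validated card numbers. The sample text is constructed for the example.

```python
import re
from typing import List

# Constructed sample: an outbound message body an endpoint DLP agent might inspect.
SAMPLE_TEXT = (
    "Hi, please charge card 4539 1488 0343 6467 for the order, "
    "ref 1234-5678-9012-3456 is our internal ticket, "
    "and my phone is 555-0100."
)

# Candidate groups of 13 to 19 digits, optionally separated by single spaces or dashes.
CANDIDATE_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, subtract 9 if over 9, sum mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def _normalize(candidate: str) -> str:
    return re.sub(r"[ -]", "", candidate)


def find_card_numbers(text: str) -> List[str]:
    """Return the normalized digit strings that look like card numbers AND pass Luhn."""
    hits = []
    for m in CANDIDATE_RE.finditer(text):
        digits = _normalize(m.group(0))
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            hits.append(digits)
    return hits


def redact(text: str) -> str:
    """Mask all but the last four digits of each validated card number; leave other numbers alone."""
    def _mask(m: "re.Match[str]") -> str:
        raw = m.group(0)
        digits = _normalize(raw)
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            return "*" * (len(digits) - 4) + digits[-4:]
        return raw
    return CANDIDATE_RE.sub(_mask, text)


if __name__ == "__main__":
    print("flagged:", find_card_numbers(SAMPLE_TEXT))
    print("redacted:", redact(SAMPLE_TEXT))
```

The Luhn check is what keeps the false-positive rate usable: the 16-digit ticket reference in the sample has the right shape but fails the checksum, so only the real card number is flagged and masked.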


Q173. A company’s business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model? 

A. Software as a Service 

B. DMZ 

C. Remote access support 

D. Infrastructure as a Service 

Answer: A

Explanation: 

Software as a Service (SaaS) provides on-demand online access to specific software applications or suites without installing them locally. The company can adopt a hosted, web-facing application while its own data center continues to provide network and security services.


Q174. A company is looking to improve their security posture by addressing risks uncovered by a recent penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day basis? 

A. Insufficient encryption methods 

B. Large scale natural disasters 

C. Corporate espionage 

D. Lack of antivirus software 

Answer: D

Explanation: 

The most common threat to computers is malware such as viruses. A computer can become infected through day-to-day activities such as browsing web sites or opening email. Because browsing and reading email are the most common activities performed by all users, a lack of antivirus software is the risk most likely to affect the business on a day-to-day basis; the other options are either rare events or require a determined adversary.


Q175. An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application? 

A. Time of day restrictions 

B. Create user accounts for the auditors and assign read-only access 

C. Mandatory access control 

D. Role-based access with read-only 

Answer:

Explanation: 


Q176. Using a heuristic system to detect an anomaly in a computer’s baseline, a system administrator was able to detect an attack even though the company signature based IDS and antivirus did not detect it. Further analysis revealed that the attacker had downloaded an executable file onto the company PC from the USB port, and executed it to trigger a privilege escalation flaw. 

Which of the following attacks has MOST likely occurred? 

A. Cookie stealing 

B. Zero-day 

C. Directory traversal 

D. XML injection 

Answer: B

Explanation: 

The signature-based IDS and antivirus did not detect the attack because no signature existed for it, which indicates a previously unknown exploit; only the heuristic comparison against the computer's baseline caught the anomaly. This is a zero-day vulnerability: a hole in software that is unknown to the vendor and is exploited by attackers before the vendor becomes aware of it and hurries to fix it. The exploit is called a zero-day attack. Zero-day attacks are used to deliver malware or spyware or to gain unauthorized access to user information. The term "zero day" refers to the developers having had zero days to address the hole. Once the vulnerability becomes known, a race begins for the developer, who must protect users. Cookie stealing, directory traversal, and XML injection are web application attacks and do not match an executable delivered over USB that triggers a local privilege escalation.
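As an added example (not part of the original question set), the following Python shows the kind of baseline comparison a heuristic system performs to catch what signatures miss: each process-launch event is checked against an approved-executable hash baseline, a launch-from-removable-media rule, and an expected-parent rule. The baseline, the events, and the hashes (computed from placeholder byte strings so the example runs offline) are constructed for the example; the last two events model the USB-delivered executable from the question.

```python
import hashlib
from typing import Dict, List, Tuple

Event = Tuple[str, str, str, str]  # (image path, SHA-256 of the image, user, parent image)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed baseline of approved executables. The digests come from placeholder byte strings
# so the example runs offline; a real baseline stores hashes of the on-disk files.
BASELINE: Dict[str, str] = {
    r"C:\Windows\System32\svchost.exe": sha256_hex(b"svchost-baseline"),
    r"C:\Program Files\Office\winword.exe": sha256_hex(b"winword-baseline"),
}

# Processes whose parent is fixed on a healthy host (a common heuristic rule).
EXPECTED_PARENT: Dict[str, str] = {
    r"C:\Windows\System32\svchost.exe": "services.exe",
}

# Path prefixes that mean "launched from removable media" (assumed drive letters / mount points).
REMOVABLE_PREFIXES = ("E:\\", "F:\\", "/media/", "/run/media/")

# Constructed process-launch events; events 2 and 3 model the attack in the question.
EVENTS: List[Event] = [
    (r"C:\Windows\System32\svchost.exe", sha256_hex(b"svchost-baseline"), "SYSTEM", "services.exe"),
    (r"C:\Program Files\Office\winword.exe", sha256_hex(b"winword-baseline"), "ann", "explorer.exe"),
    (r"E:\tools\update.exe", sha256_hex(b"unknown-binary"), "ann", "explorer.exe"),
    (r"C:\Windows\System32\svchost.exe", sha256_hex(b"tampered"), "ann", "update.exe"),
]


def evaluate(event: Event, baseline: Dict[str, str] = BASELINE) -> List[str]:
    """Compare one launch event against the baseline and return the anomalies found (empty if none)."""
    path, digest, _user, parent = event
    findings: List[str] = []
    if path.startswith(REMOVABLE_PREFIXES):
        findings.append("executable launched from removable media")
    if path not in baseline:
        findings.append("image not in baseline")
    elif baseline[path] != digest:
        findings.append("image hash differs from baseline")
    expected = EXPECTED_PARENT.get(path)
    if expected is not None and parent != expected:
        findings.append(f"unexpected parent process {parent} (expected {expected})")
    return findings


def triage(events: List[Event]) -> List[Tuple[int, List[str]]]:
    """Return (event index, findings) for every event that deviates from the baseline."""
    results = []
    for i, e in enumerate(events):
        findings = evaluate(e)
        if findings:
            results.append((i, findings))
    return results


if __name__ == "__main__":
    for idx, findings in triage(EVENTS):
        print(f"event {idx}: {EVENTS[idx][0]}")
        for f in findings:
            print(f"  - {f}")
```

None of these rules needs to know what the malware is; they fire because the host deviates from its own known-good state, which is exactly why the baseline detection succeeded where the signature tools did not.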


Q177. At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe? 

A. Shoulder surfing 

B. Tailgating 

C. Whaling 

D. Impersonation 

Answer: B

Explanation: 

Although Ann is an employee and therefore authorized to enter the building, she does not have her badge, so strictly she should not be admitted until her identity has been verified through the proper process. Just as a driver can tailgate another driver's car by following too closely, in the security sense tailgating means compromising physical security by following somebody through a door meant to keep out intruders. Tailgating is a form of social engineering, whereby someone who is not authorized to enter a particular area does so by following closely behind someone who is authorized.


Q178. Employee badges are encoded with a private encryption key and specific personal information. 

The encoding is then used to provide access to the network. Which of the following describes this access control type? 

A. Smartcard 

B. Token 

C. Discretionary access control 

D. Mandatory access control 

Answer: A

Explanation: 

Smart cards are credit-card-sized IDs, badges, or security passes with an embedded integrated circuit chip that can include data regarding the authorized bearer. This data can then be used for identification and/or authentication purposes. 


Q179. A security engineer, Joe, has been asked to create a secure connection between his mail server and the mail server of a business partner. Which of the following protocol would be MOST appropriate? 

A. HTTPS 

B. SSH 

C. FTP 

D. TLS 

Answer: D

Explanation: 

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates, and hence asymmetric cryptography, to authenticate the counterparty with which it is communicating and to exchange a symmetric key. The TLS protocol allows client-server applications to communicate across a network in a way designed to prevent eavesdropping and tampering. For server-to-server mail this means SMTP over TLS (STARTTLS on the SMTP session, or implicit TLS on port 465). HTTPS is TLS applied to web traffic, SSH is for remote shell and file transfer, and FTP is unencrypted.


Q180. Which of the following would provide the STRONGEST encryption? 

A. Random one-time pad 

B. DES with a 56-bit key 

C. AES with a 256-bit key 

D. RSA with a 1024-bit key 

Answer: A

Explanation: 

One-time pads are the only cipher with a proof of perfect secrecy, meaning the ciphertext reveals nothing about the plaintext no matter how much computing power an attacker has. They are secure for two reasons. First, the key is truly random and as long as the plaintext message, so there is no pattern in the key application for an attacker to use. Second, one-time pad keys are used only once and then discarded, so an attacker who collects several ciphertexts cannot combine them to cancel the key out, and knowledge of one key is useless against any other message. This guarantee holds only if all of those conditions are met: a random key, as long as the message, used exactly once, and kept secret. By comparison, DES with a 56-bit key can be brute-forced, and AES-256 and RSA-1024 are computationally rather than unconditionally secure (RSA-1024 is no longer considered an adequate key size).
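As an added example (not part of the original question set), the following Python implements a one-time pad and demonstrates both halves of the explanation above: perfect secrecy (for any candidate plaintext there is a pad that decrypts the ciphertext to it) and the reason the key must never be reused (with two ciphertexts under the same pad, the pad cancels out and a guessed fragment of one message reveals the other). The plaintexts and the crib are constructed for the example.

```python
import secrets


def generate_pad(length: int) -> bytes:
    """A pad is a uniformly random key exactly as long as the message, from a CSPRNG."""
    return secrets.token_bytes(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext: bytes, pad: bytes) -> bytes:
    return xor_bytes(plaintext, pad)


def decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    return xor_bytes(ciphertext, pad)  # XOR is its own inverse


def pad_that_yields(ciphertext: bytes, candidate: bytes) -> bytes:
    """Perfect secrecy: for ANY candidate plaintext of the right length there exists a pad under
    which the ciphertext decrypts to it, so the ciphertext alone says nothing about the message."""
    return xor_bytes(ciphertext, candidate)


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Reusing a pad is fatal: c1 XOR c2 == p1 XOR p2; the pad cancels out completely."""
    return xor_bytes(c1, c2)


def crib_drag(p1_xor_p2: bytes, crib: bytes, offset: int) -> bytes:
    """Given p1 XOR p2 and a guessed fragment of one message at `offset`, read the other message there."""
    window = p1_xor_p2[offset:offset + len(crib)]
    return xor_bytes(window, crib)


if __name__ == "__main__":
    p1 = b"attack at dawn"   # constructed message 1
    p2 = b"hold the line!"   # constructed message 2, same length
    pad = generate_pad(len(p1))
    c1 = encrypt(p1, pad)
    print("decrypts correctly:", decrypt(c1, pad) == p1)
    # Any other 14-byte message is equally consistent with c1.
    print("pad exists for 'attack at dusk':", decrypt(c1, pad_that_yields(c1, b"attack at dusk")))
    # Now the mistake: the same pad is used twice.
    c2 = encrypt(p2, pad)
    leak = two_time_pad_leak(c1, c2)
    print("guess 'attack' at offset 0 reveals:", crib_drag(leak, b"attack", 0))
```

The crib-drag step is the practical attack behind the "use once" rule: the attacker never learns the pad, yet every correct guess about one message reads out the corresponding bytes of the other.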