Proper study guides for Improve CompTIA CompTIA Security+ Certification certified begins with CompTIA sy0 401 braindump preparation products which designed to deliver the Download sy0 401 practice exam questions by making you pass the sy0 401 practice exam test at your first time. Try the free comptia security+ study guide sy0 401 demo right now.

Q9. An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here? 

A. NIDS 

B. NIPS 

C. HIPS 

D. HIDS 

Answer:

Explanation: 

Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it 


Q10. Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed? 

A. 3DES 

B. Blowfish 

C. Serpent 

D. AES256 

Answer:

Explanation: 

Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. Blowfish is a fast, except when changing keys. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits). 


Q11. Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. 

Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. 

Which of the following should Sara do to address the risk? 

A. Accept the risk saving $10,000. 

B. Ignore the risk saving $5,000. 

C. Mitigate the risk saving $10,000. 

D. Transfer the risk saving $5,000. 

Answer:

Explanation: 

Risk transference involves sharing some of the risk burden with someone else, such as an insurance company. The cost of the security breach over a period of 5 years would amount to $30,000 and it is better to save $5,000. 


Q12. Which of the following types of technologies is used by security and research personnel for identification and analysis of new security threats in a networked environment by using false data/hosts for information collection? 

A. Honeynet 

B. Vulnerability scanner 

C. Port scanner 

D. Protocol analyzer 

Answer:

Explanation: 


Q13. Which of the following offers the LEAST amount of protection against data theft by USB drives? 

A. DLP 

B. Database encryption 

C. TPM 

D. Cloud computing 

Answer:

Explanation: 

Cloud computing refers to performing data processing and storage elsewhere, over a network connection, rather than locally. Because users have access to the data, it can easily be copied to a USB device. 


Q14. A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following? 

A. Availability 

B. Integrity 

C. Confidentiality 

D. Fire suppression 

Answer:

Explanation: 

Availability means simply to make sure that the data and systems are available for authorized users. Data backups, redundant systems, and disaster recovery plans all support availability; as does environmental support by means of HVAC. 


Q15. Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise: 

A. user accounts may be inadvertently locked out. 

B. data on the USB drive could be corrupted. 

C. data on the hard drive will be vulnerable to log analysis. 

D. the security controls on the USB drive can be bypassed. 

Answer:

Explanation: 

A common access mechanism to data on encrypted USB hard drives is a password. If a weak password is used, someone could guess the password and bypass the security controls on the USB drive to access the data. 


Q16. Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption? 

A. USB 

B. HSM 

C. RAID 

D. TPM 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.