Act now and download your CompTIA SY0-401 test today! Do not waste time for the worthless CompTIA SY0-401 tutorials. Download Renovate CompTIA CompTIA Security+ Certification exam with real questions and answers and begin to learn CompTIA SY0-401 with a classic professional.

2021 Nov SY0-401 free practice questions

Q311. Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes? 

A. User rights and permissions review 

B. Configuration management 

C. Incident management 

D. Implement security controls on Layer 3 devices 

Answer:

Explanation: 

Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions. Also reviewing user rights and permissions will afford the security analyst the opportunity to put the principle of least privilege in practice as well as update the security policy 


Q312. Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data? 

A. Social networking use training 

B. Personally owned device policy training 

C. Tailgating awareness policy training 

D. Information classification training 

Answer:

Explanation: 

Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. Knowing these categories and how to handle data according to its category is essential in protecting the confidentiality of the data. 


Q313. A security manager must remain aware of the security posture of each system. Which of the following supports this requirement? 

A. Training staff on security policies 

B. Establishing baseline reporting 

C. Installing anti-malware software 

D. Disabling unnecessary accounts/services 

Answer:

Explanation: 

The IT baseline protection approach is a methodology to identify and implement computer security 

measures in an organization. The aim is the achievement of an adequate and appropriate level of 

security for IT systems. This is known as a baseline. 

A baseline report compares the current status of network systems in terms of security updates, 

performance or other metrics to a predefined set of standards (the baseline). 


Q314. The act of magnetically erasing all of the data on a disk is known as: 

A. Wiping 

B. Dissolution 

C. Scrubbing 

D. Degaussing 

Answer:

Explanation: 

Degaussing is a form a data wiping that entails the use of magnets to alter the magnetic structure of the storage medium. 


Q315. A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff? 

A. Virtualization 

B. Subnetting 

C. IaaS 

D. SaaS 

Answer:

Explanation: 

Virtualization allows a single set of hardware to host multiple virtual machines. 


Up to the immediate present SY0-401 download:

Q316. A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080? 

A. Create a dynamic PAT from port 80 on the outside interface to the internal interface on port 8080 

B. Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port 80 

C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080 

D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80 

Answer:

Explanation: 


Q317. Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? 

A. Connect the WAP to a different switch. 

B. Create a voice VLAN. 

C. Create a DMZ. 

D. Set the switch ports to 802.1q mode. 

Answer:

Explanation: 

It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic over the data. 


Q318. Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO). 

A. Spoofing 

B. Man-in-the-middle 

C. Dictionary 

D. Brute force 

E. Privilege escalation 

Answer: C,D 

Explanation: 

Account lockout is a useful method for slowing down online password-guessing attacks. A dictionary attack performs password guessing by making use of a pre-existing list of likely passwords. A brute-force attack is intended to try every possible valid combination of characters to create possible passwords in the attempt to discover the specific passwords used by user accounts. 


Q319. A server is configured to communicate on both VLAN 1 and VLAN 12. VLAN 1 communication works fine, but VLAN 12 does not. Which of the following MUST happen before the server can communicate on VLAN 12? 

A. The server's network switch port must be enabled for 802.11x on VLAN 12. 

B. The server's network switch port must use VLAN Q-in-Q for VLAN 12. 

C. The server's network switch port must be 802.1q untagged for VLAN 12. 

D. The server's network switch port must be 802.1q tagged for VLAN 12. 

Answer:

Explanation: 


Q320. A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of the following attacks? 

A. Replay 

B. DDoS 

C. Smurf 

D. Ping of Death 

Answer:

Explanation: 

A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). 

For example: Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, Eve (posing as Alice) connects to Bob; when asked for a proof of identity, Eve sends Alice's password (or hash) read from the last session, which Bob accepts thus granting access to Eve. 

Countermeasures: A way to avoid replay attacks is by using session tokens: Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Eve has captured this value and tries to use it on another session; Bob sends a different session token, and when Eve replies with the captured value it will be different from Bob's computation. Session tokens should be chosen by a (pseudo-) random process. Otherwise Eve may be able to pose as Bob, presenting some predicted future token, and convince Alice to use that token in her transformation. Eve can then replay her reply at a later time (when the previously predicted token is actually presented by Bob), and Bob will accept the authentication. One-time passwords are similar to session tokens in that the password expires after it has been used or after a very short amount of time. They can be used to authenticate individual transactions in addition to sessions. The technique has been widely implemented in personal online banking systems. Bob can also send nonces but should then include a message authentication code (MAC), which Alice should check. Timestamping is another way of preventing a replay attack. Synchronization should be achieved using a secure protocol. For example Bob periodically broadcasts the time on his clock together with a MAC. When Alice wants to send Bob a message, she includes her best estimate of the time on his clock in her message, which is also authenticated. Bob only accepts messages for which the timestamp is within a reasonable tolerance. The advantage of this scheme is that Bob does not need to generate (pseudo-) random numbers, with the trade-off being that replay attacks, if they are performed quickly enough i.e. within that 'reasonable' limit, could succeed.