Exam Code: SY0-401
Exam Name: CompTIA Security+ Certification
SY0-401 Test Answers Total Q&A: 1750 Questions and Answers
Last Update: 12-29,2015
NO.1 An administrator receives a security alert that appears to be from one of the company's vendors. The email contains information and instructions for patching a serious flaw that has not been publicly announced. Which of the following can an employee use to validate the authenticity of the email?
A. Digital signature
B. Ephemeral Key
C. Private key
D. Hashing algorithm
E. SSL certificate chain
Answer: D
NO.2 A company wants to prevent unauthorized access to its secure data center. Which of the following security controls would be MOST appropriate?
A. Motion detector
B. Alarm to local police
C. Security guard
D. Camera
Answer: C
NO.3 An administrator is configuring a new Linux web server where each user account is confined to a chroot jail. Which of the following describes this type of control?
A. SysV
B. Sandbox
C. Segmentation
D. Zone
Answer: B
NO.4 Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?
A. Hardware load balancing
B. A host standby
C. RAID
D. A cold site
Answer: C
Explanation:
Fault tolerance is the ability of a system to sustain operations in the event of a component failure. Fault-tolerant systems can continue operation even though a critical component, such as a disk drive, has failed. This capability involves overengineering systems by adding redundant components and subsystems. RAID can achieve fault tolerance using software which can be done using the existing hardware and software.
NO.5 Which statement is TRUE about the operation of a packet sniffer?
A. The Ethernet card must be placed in promiscuous mode.
B. It must be placed on a single virtual LAN interface.
C. They are required for firewall operation and stateful inspection.
D. It can only have one interface on a management network.
Answer: A
Explanation:
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn't generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer.
NO.6 Which of the following BEST describes a SQL Injection attack?
A. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.
B. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.
C. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.
D. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.
Answer: C
Explanation:
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
NO.7 Which of the following provides data the best fault tolerance at the LOWEST cost?
A. RAID 6
B. Server virtualization
C. Clustering
D. Load balancing
Answer: A
Explanation:
RAID stands for redundant array of independent disks. RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance using software, which can be done using the existing hardware and software, thus representing the lowest cost option.
NO.8 DRAG DROP
A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.
Answer:
Explanation:
When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is gone. Naturally, in an investigation you want to collect everything, but some data will exist longer than others, and you cannot possibly collect all of it once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses, and track total man-hours and expenses associated with the investigation.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 453