SY0-401 free demo, SY0-401 practice questions

By blog Admin | Posted Wed, 30 Dec 2015 14:09:11 GMT

ITCertKey's SY0-401 test questions are more accurate, easier to understand, and more authoritative than the SY0-401 test questions provided by any other website. After choosing ITCertKey, you won't regret it. If you are still worried, you can first try the SY0-401 test questions and answers on a trial basis. After you buy ITCertKey's SY0-401 test questions, we guarantee 100% that you will pass the SY0-401 test.

Exam Code: SY0-401
Exam Name: CompTIA Security+ Certification
One year free update, No help, Full refund!
Total Q&A: 1750 Questions and Answers
Last Update: 12-29,2015


NO.1 Recently clients are stating they can no longer access a secure banking site's webpage. In
reviewing the clients' web browser settings, the certificate chain is showing the following:
Certificate Chain:
X Digi Cert Digi Cert High assurance C3
* banksite.com
Certificate Store:
Digi Cert - Others Certificate Store
Digi Cert High assurance C3 - Others Certificate Store
Based on the information provided, which of the following is the problem when connecting to the
website?
A. The certificate authority has revoked the certificate
B. Key escrow is failing for the certificate authority
C. The certificate signature request was invalid
D. The clients do not trust the certificate authority
Answer: A


NO.2 Which statement is TRUE about the operation of a packet sniffer?
A. They are required for firewall operation and stateful inspection.
B. It can only have one interface on a management network.
C. The Ethernet card must be placed in promiscuous mode.
D. It must be placed on a single virtual LAN interface.
Answer: C

Explanation:
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are
connected to a local area network that is not filtered or switched, the traffic can be broadcast to all
computers contained in the same segment. This doesn't generally occur, since computers are
generally told to ignore all the comings and goings of traffic from other computers. However, in the
case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card
(NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications
between computers within a particular segment. This allows the sniffer to seize everything that is
flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer
can take the form of either a hardware or software solution. A sniffer is also known as a packet
analyzer.

NO.3 Ann has taken over as the new head of the IT department. One of her first assignments was to
implement AAA in preparation for the company's new telecommuting policy. When she takes
inventory of the organization's existing network infrastructure, she makes note that it is a mix of
several different vendors. Ann knows she needs a method of secure centralized access to the
company's network resources. Which of the following is the BEST service for Ann to implement?
A. TACACS+
B. SAML
C. LDAP
D. RADIUS
Answer: D

Explanation:
The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized
Authentication, Authorization, and Accounting (AAA) management for users who make use of a
network service.

NO.4 Matt, the Chief Information Security Officer (CISO), tells the network administrator that a
security company has been hired to perform a penetration test against his network. The security
company asks Matt which type of testing would be most beneficial for him. Which of the following
BEST describes what the security company might do during a black box test?
A. The security company is provided with no information about the corporate network or physical
locations.
B. The security company is provided with all network ranges, security devices in place, and logical
maps of the network.
C. The security company is provided with limited information on the network, including all network
diagrams.
D. The security company is provided with limited information on the network, including some subnet
ranges and logical network diagrams.
Answer: A
Explanation:
The term black box testing is generally associated with application testing. However, in this question
the term is used for network testing. Black box testing means testing something when you have no
knowledge of the inner workings.
Black-box testing is a method of software testing that examines the functionality of an application
without peering into its internal structures or workings. This method of test can be applied to
virtually every level of software testing: unit, integration, system and acceptance. It typically
comprises most if not all higher level testing, but can also dominate unit testing as well. Specific
knowledge of the application's code/internal structure and programming knowledge in general is not
required. The tester is aware of what the software is supposed to do but is not aware of how it does
it. For instance, the tester is aware that a particular input returns a certain, invariable output but is
not aware of how the software produces the output in the first place.

NO.5 Which of the following would a security administrator implement in order to discover
comprehensive security threats on a network?
A. Vulnerability scan
B. Baseline reporting
C. Code review
D. Design reviews
Answer: A

Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and
vulnerabilities. Vulnerabilities include computer systems that do not have the latest security patches
installed. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary
actions taken to resolve any vulnerabilities. A vulnerability scan is the automated process of
proactively identifying security vulnerabilities of computing systems in a network in order to
determine if and where a system can be exploited and/or threatened. While public servers are
important for communication and data transfer over the Internet, they open the door to potential
security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs
software that seeks out security flaws based on a database of known flaws, testing systems for the
occurrence of these flaws and generating a report of the findings that an individual or an enterprise
can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of
systems that are connected to the Internet but can also refer to system audits on internal networks
that are not connected to the Internet in order to assess the threat of rogue software or malicious
employees in an enterprise.

NO.6 A server is configured to communicate on both VLAN 1 and VLAN 12. VLAN 1 communication
works fine, but VLAN 12 does not. Which of the following MUST happen before the server can
communicate on VLAN 12?
A. The server's network switch port must use VLAN Q-in-Q for VLAN 12.
B. The server's network switch port must be enabled for 802.11x on VLAN 12.
C. The server's network switch port must be 802.1q untagged for VLAN 12.
D. The server's network switch port must be 802.1q tagged for VLAN 12.
Answer: D

Explanation:
802.1q is a standard that defines a system of VLAN tagging for Ethernet frames. The purpose of a
tagged port is to pass traffic for multiple VLANs.
Incorrect Options:
A: 802.11x provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
B: VLAN Q-in-Q allows multiple VLAN tags to be inserted into a single frame.
C: The purpose of an untagged port is to accept traffic for a single VLAN only.
Reference:
https://en.wikipedia.org/wiki/IEEE_802.1Q
https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Fundamentals_of_802.1Q_VLAN_Tagging
https://en.wikipedia.org/wiki/IEEE_802.1X
https://en.wikipedia.org/wiki/IEEE_802.1ad
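
To make the tagged/untagged distinction in NO.6 concrete, the following added example (not part of the original question set) parses the 802.1Q tag out of an Ethernet frame, including stacked Q-in-Q tags, and applies a simplified port model to the server's VLAN 1 and VLAN 12 traffic. The function names, the sample frames, and the assumption that VLAN 1 is the port's untagged VLAN are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100    # IEEE 802.1Q tag
TPID_8021AD = 0x88A8   # IEEE 802.1ad (Q-in-Q) outer tag


def parse_vlan_tags(frame: bytes):
    """Return ([(tpid, pcp, dei, vid), ...], ethertype) for an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    tags, offset = [], 12                      # skip destination + source MAC
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in (TPID_8021Q, TPID_8021AD):
        if len(frame) < offset + 6:
            raise ValueError("truncated VLAN tag")
        tci, next_type = struct.unpack_from("!HH", frame, offset + 2)
        # TCI = 3-bit priority (PCP), 1-bit DEI, 12-bit VLAN ID
        tags.append((ethertype, tci >> 13, (tci >> 12) & 1, tci & 0x0FFF))
        offset += 4
        ethertype = next_type
    return tags, ethertype


def port_accepts(frame: bytes, untagged_vlan: int, tagged_vlans=frozenset()):
    """Simplified switch-port model: the VLAN the frame lands in, or None if dropped."""
    tags, _ = parse_vlan_tags(frame)
    if not tags:
        return untagged_vlan                   # untagged frame -> the port's one untagged VLAN
    vid = tags[0][3]
    return vid if vid in tagged_vlans else None


def build_frame(vid=None, pcp=0):
    """Constructed sample frame: made-up local MACs, IPv4 EtherType, zero payload."""
    macs = bytes.fromhex("020000000001" "02000000000a")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return macs + tag + struct.pack("!H", 0x0800) + bytes(46)


if __name__ == "__main__":
    for label, tagged in (("untagged-only port", frozenset()),
                          ("VLAN 12 tagged port", frozenset({12}))):
        print(label, "-> VLAN 1 frame:", port_accepts(build_frame(), 1, tagged),
              "| VLAN 12 frame:", port_accepts(build_frame(12), 1, tagged))
```

On the untagged-only port the VLAN 12 frame is dropped while VLAN 1 still works, which matches the symptom in the question.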

NO.7 Ann, a security administrator at a call center, has been experiencing problems with users
intentionally installing unapproved and occasionally malicious software on their computers. Due to
the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST
alleviate her concerns?
A. Create an approved application list and block anything not on it.
B. Enable the pop-up blockers on the users' browsers to prevent malware.
C. Deploy a HIDS suite on the users' computers to prevent application installation.
D. Maintain the baseline posture at the highest OS patch level.
Answer: A

Explanation:
You can use Software Restriction Policy or its successor AppLocker to prevent unauthorized
applications from running or being installed on computers.
Software Restriction Policies (SRP) is a Group Policy-based feature that identifies software
programs running on computers in a domain, and controls the ability of those programs to run.
Software restriction policies are part of the Microsoft security and management strategy to assist
enterprises in increasing the reliability, integrity, and manageability of their computers.
You can use AppLocker as part of your overall security strategy for the following scenarios:
- Help prevent malicious software (malware) and unsupported applications from affecting computers in your environment.
- Prevent users from installing and using unauthorized applications.
- Implement application control policy to satisfy portions of your security policy or compliance requirements in your organization.

NO.8 DRAG DROP
A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in
the list below in the correct order in which the forensic analyst should preserve them.
Answer:
Explanation:
When dealing with multiple issues, address them in order of volatility (OOV); always deal with the
most volatile first. Volatility can be thought of as the amount of time that you have to collect certain
data before a window of opportunity is gone. Naturally, in an investigation you want to collect
everything, but some data will exist longer than others, and you cannot possibly collect all of it
at once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and
printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and
logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to
witnesses, and track total man-hours and expenses associated with the investigation.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex,
Indianapolis, 2014, p. 453


Posted 2015/12/30 14:09:11  |  Category: CompTIA  |  Tag: SY0-401, CompTIA, CompTIA Security+ Certification, SY0-401 practice test