Exam Code: security+ sy0 401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass sy0 401 braindump Exam.
Q681. Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Joe search for in the log files?
A. Failed authentication attempts
B. Network ping sweeps
C. Host port scans
D. Connections to port 22
Answer: D
Explanation:
Log analysis is the art and science of reviewing audit trails, log files, or other forms of computer-
generated records for evidence of policy violations, malicious events, downtimes, bottlenecks, or
other issues of concern.
SSH uses TCP port 22. All protocols encrypted by SSH also use TCP port 22, such as SFTP,
SHTTP, SCP, SExec, and slogin.
Q682. A security administrator is notified that users attached to a particular switch are having intermittent connectivity issues. Upon further research, the administrator finds evidence of an ARP spoofing attack. Which of the following could be utilized to provide protection from this type of attack?
A. Configure MAC filtering on the switch.
B. Configure loop protection on the switch.
C. Configure flood guards on the switch.
D. Configure 802.1x authentication on the switch.
Answer: C
Explanation:
Q683. Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
A. PAT
B. NAP
C. DNAT
D. NAC
Answer: A
Explanation:
Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Q684. Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).
A. Virtual switch
B. NAT
C. System partitioning
D. Access-list
E. Disable spanning tree
F. VLAN
Answer: A,F
Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question.
Q685. The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
A. Permit redirection to Internet-facing web URLs.
B. Ensure all HTML tags are enclosed in angle brackets, e.g., ”<” and “>”.
C. Validate and filter input on the server side and client side.
D. Use a web proxy to pass website requests between the user and the application.
E. Restrict and sanitize use of special characters in input and URLs.
Answer: C,E
Explanation:
XSRF or cross-site request forgery applies to web applications and is an attack that exploits the web application’s trust of a user who known or is supposed to have been authenticated. This is often accomplished without the user’s knowledge. XSRF can be prevented by adding a randomization string (called a nonce) to each URL request and session establishment and checking the client HTTP request header referrer for spoofing.
Q686. An administrator implements SELinux on a production web server. After implementing this, the web server no longer serves up files from users' home directories. To rectify this, the administrator creates a new policy as the root user. This is an example of which of the following? (Select TWO).
A. Enforcing SELinux in the OS kernel is role-based access control
B. Enforcing SELinux in the OS kernel is rule-based access control
C. The policy added by the root user is mandatory access control
D. Enforcing SELinux in the OS kernel is mandatory access control
E. The policy added by the root user is role-based access control
F. The policy added by the root user is rule-based access control
Answer: D,F
Explanation:
Q687. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting
Answer: D
Explanation:
Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.
Q688. Which of the following is a management control?
A. Logon banners
B. Written security policy
C. SYN attack prevention
D. Access Control List (ACL)
Answer: B
Explanation:
Management control types include risk assessment, planning, systems and Services Acquisition as well as Certification, Accreditation and Security Assessment; and written security policy falls in this category.
Q689. Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?
A. Fuzzing
B. Patch management
C. Error handling
D. Strong passwords
Answer: C
Explanation:
Exception handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state. This must be coded into the system by the programmer, and should capture errors and exceptions so that they could be handled by the application.