we provide Approved CompTIA sy0 401 study guide pdf testing engine which are the best for clearing comptia security+ sy0 401 test, and to get certified by CompTIA CompTIA Security+ Certification. The sy0 401 vce Questions & Answers covers all the knowledge points of the real sy0 401 practice exam exam. Crack your CompTIA sy0 401 practice test Exam with latest dumps, guaranteed!
Q101. Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?
A. Proxies
B. Load balancers
C. Protocol analyzer
D. VPN concentrator
Answer: A
Explanation:
Q102. Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?
A. Passive scan
B. Active scan
C. False positive
D. False negative
Answer: D
Explanation:
Q103. A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO).
A. Detect security incidents
B. Reduce attack surface of systems
C. Implement monitoring controls
D. Hardening network devices
E. Prevent unauthorized access
Answer: A,C
Explanation:
By monitoring security logs, installing security cameras and analyzing trend reports, the security analyst is implementing monitoring controls. With the monitoring controls in place, by monitoring the security logs, reviewing the footage from the security cameras and analyzing trend reports, the security analyst is able to detect security incidents.
Q104. Matt, an administrator, is concerned about the wireless network being discovered by war driving.
Which of the following can be done to mitigate this?
A. Enforce a policy for all users to authentic through a biometric device.
B. Disable all SSID broadcasting.
C. Ensure all access points are running the latest firmware.
D. Move all access points into public access areas.
Answer: B
Explanation:
B: War driving is the act of using a detection tool to look for wireless networking signals. The setting making a wireless network closed (or at least hidden) is the disabling of service set identifier (SSID) broadcasting. Thus by disabling all SSID broadcasting you can mitigate the risk of war driving.
Q105. Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?
A. Network based firewall
B. Anti-spam software
C. Host based firewall
D. Anti-spyware software
Answer: D
Explanation:
Spyware monitors a user’s activity and uses network protocols to reports it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie.
Q106. Joe, the systems administrator, is setting up a wireless network for his team’s laptops only and needs to prevent other employees from accessing it. Which of the following would BEST address this?
A. Disable default SSID broadcasting.
B. Use WPA instead of WEP encryption.
C. Lower the access point’s power settings.
D. Implement MAC filtering on the access point.
Answer: D
Explanation:
If MAC filtering is turned off, any wireless client that knows the values looked for (MAC addresses) can join the network. When MAC filtering is used, the administrator compiles a list of the MAC addresses associated with users’ computers and enters those addresses. When a client attempts to connect and other values have been correctly entered, an additional check of the MAC address is done. If the address appears in the list, the client is allowed to join; otherwise, it is forbidden from doing so.
Q107. Each server on a subnet is configured to only allow SSH access from the administrator’s workstation. Which of the following BEST describes this implementation?
A. Host-based firewalls
B. Network firewalls
C. Network proxy
D. Host intrusion prevention
Answer: A
Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.
Q108. NO: 93
Multi-tenancy is a concept found in which of the following?
A. Full disk encryption
B. Removable media
C. Cloud computing
D. Data loss prevention
Answer: C
Explanation:
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.
Q109. Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).
A. Acceptable use policy
B. Risk acceptance policy
C. Privacy policy
D. Email policy
E. Security policy
Answer: A,C
Explanation:
Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Q110. Visitors entering a building are required to close the back door before the front door of the same entry room is open. Which of the following is being described?
A. Tailgating
B. Fencing
C. Screening
D. Mantrap
Answer: D
Explanation:
Mantraps are designed to contain an unauthorized, potentially hostile person/individual physically until authorities arrive. Mantraps are typically manufactured with bulletproof glass, high-strength doors, and locks and to allow the minimal amount of individuals depending on its size. Some mantraps even include scales that will weigh the person. The doors are designed in such a way as to open only when the mantrap is occupied or empty and not in-between. This means that the backdoor must first close before the front door will open; exactly what is required in this scenario.