We provide real SY0-401 practice test exam questions and answers braindumps in two formats: PDF and practice tests. Pass the CompTIA SY0-401 exam quickly and easily. The CompTIA SY0-401 PDF version is available for reading and printing, so you can print it and practice many times. With the help of our CompTIA SY0-401 braindump PDF and VCE materials, you can easily pass the CompTIA Security+ SY0-401 exam.

Q641. The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? 

A. Cloud computing 

B. Full disk encryption 

C. Data Loss Prevention 

D. HSM 

Answer:

Explanation: 

Cloud computing means hosting services and data on the Internet instead of hosting it locally. There is thus no issue when the company’s server is taken offline. 


Q642. A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario? 

A. Content filtering 

B. IDS 

C. Audit logs 

D. DLP 

Answer:

Explanation: 

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer. 


Q643. Which of the following must a user implement if they want to send a secret message to a coworker by embedding it within an image? 

A. Transport encryption 

B. Steganography 

C. Hashing 

D. Digital signature 

Answer:

Explanation: 

Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.


Q644. Joe, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Joe with detecting this activity? 

A. Place a full-time guard at the entrance to confirm user identity. 

B. Install a camera and DVR at the entrance to monitor access. 

C. Revoke all proximity badge access to make users justify access. 

D. Install a motion detector near the entrance. 

Answer:

Explanation: 

Tailgating is a favorite method of gaining entry to electronically locked systems by following someone through the door they just unlocked. With a limited budget, installing a camera and DVR at the entrance to monitor access to the restricted areas is the most feasible solution. The benefit of a camera (also known as closed-circuit television, or CCTV) is that it is always running and can record everything it sees, creating evidence that can be admissible in court if necessary.


Q645. Which of the following assets is MOST likely considered for DLP? 

A. Application server content 

B. USB mass storage devices 

C. Reverse proxy 

D. Print server 

Answer:

Explanation: 

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. A USB mass storage device is the most likely device to be used to steal data because of its physical size.


Q646. Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains? 

Server 1: 192.168.100.6 

Server 2: 192.168.100.9 

Server 3: 192.169.100.20 

A. /24 

B. /27 

C. /28 

D. /29 

E. /30 

Answer:

Explanation: 

Using this option will result in all three servers using host addresses on different broadcast domains. 


Q647. Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following? 

A. Acceptable Use Policy 

B. Physical security controls 

C. Technical controls 

D. Security awareness training 

Answer:

Explanation: 

Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. A good security awareness training program for the entire organization should cover the following areas: Importance of security; Responsibilities of people in the organization; Policies and procedures; Usage policies; Account and password-selection criteria as well as Social engineering prevention. 


Q648. Which of the following BEST describes a protective countermeasure for SQL injection? 

A. Eliminating cross-site scripting vulnerabilities 

B. Installing an IDS to monitor network traffic 

C. Validating user input in web applications 

D. Placing a firewall between the Internet and database servers 

Answer:

Explanation: 

By validating user input and preventing special characters, we can prevent the injection of client-side scripting code. SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. 


Q649. Which of the following can be used as an equipment theft deterrent?

A. Screen locks 

B. GPS tracking 

C. Cable locks 

D. Whole disk encryption 

Answer:

Explanation: 

Cable locks are theft deterrent devices that can be used to tether a device to a fixed point, keeping smaller devices from being easy to steal.


Q650. Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device? 

A. Man-in-the-middle 

B. Bluejacking 

C. Bluesnarfing 

D. Packet sniffing 

Answer:

Explanation: 

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.