Exam Code: SY0-401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass SY0-401 Exam.

2021 Nov SY0-401 test preparation

Q81. An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue? 

A. Ethernet cable is damaged 

B. The host firewall is set to disallow outbound connections 

C. Network Access Control 

D. The switch port is administratively shutdown 

Answer: C 

Explanation: 

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control. 

Q82. A security administrator wants to implement a solution which will allow some applications to run under the user's home directory and only have access to files stored within the same user's folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users? 

A. OS Virtualization 

B. Trusted OS 

C. Process sandboxing 

D. File permission 

Answer: C 

Explanation: 

Q83. A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN? 

A. WPA2 CCMP 

B. WPA 

C. WPA with MAC filtering 

D. WPA2 TKIP 

Answer: A 

Explanation: 

CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and TKIP protocol of WPA. CCMP provides the following security services: Data confidentiality; ensures only authorized parties can access the information Authentication; provides proof of genuineness of the user Access control in conjunction with layer management 

Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 264 steps of operation. 

Q84. Which of the following can use RC4 for encryption? (Select TWO). 

A. CHAP 

B. SSL 

C. WEP 

D. AES 

E. 3DES 

Answer: B,C 

Explanation: B: In cryptography, RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4) is the most widely used software stream cipher and is used in popular Internet protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). 

C: WEP also uses RC4, however WEP is still unsecure. 

Q85. After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future? 

A. Fencing 

B. Proximity readers 

C. Video surveillance 

D. Bollards 

Answer: D 

Explanation: 

To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures. Bollards are physical barriers that are strong enough to withstand impact with a vehicle. 

Abreast of the times SY0-401 practice test:

Q86. A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing? 

A. Systems should be restored within six hours and no later than two days after the incident. 

B. Systems should be restored within two days and should remain operational for at least six hours. 

C. Systems should be restored within six hours with a minimum of two days worth of data. 

D. Systems should be restored within two days with a minimum of six hours worth of data. 

Answer: C 

Explanation: 

The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during the business impact analysis (BIA) creation. 

The recovery point objective (RPO) is similar to RTO, but it defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). As a general rule, the closer the RPO matches the item of the crash, the more expensive it is to obtain. 

Q87. Digital certificates can be used to ensure which of the following? (Select TWO). 

A. Availability 

B. Confidentiality 

C. Verification 

D. Authorization 

E. Non-repudiation 

Answer: B,E 

Explanation: 

Digital Signatures is used to validate the integrity of the message and the sender. Digital certificates refer to cryptography which is mainly concerned with Confidentiality, Integrity, Authentication, Nonrepudiation and Access Control. Nonrepudiation prevents one party from denying actions they carried out. 

Q88. The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following? 

A. Rainbow tables attacks 

B. Brute force attacks 

C. Birthday attacks 

D. Cognitive passwords attacks 

Answer: D 

Explanation: 

Social Networking Dangers are ‘amplified’ in that social media networks are designed to mass distribute personal messages. If an employee reveals too much personal information it would be easy for miscreants to use the messages containing the personal information to work out possible passwords. 

Q89. A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner? 

A. Kill all system processes 

B. Enable the firewall 

C. Boot from CD/USB 

D. Disable the network connection 

Answer: C 

Explanation: 

Q90. HOTSPOT 

The security administrator has installed a new firewall which implements an implicit DENY policy by default Click on the firewall and configure it to allow ONLY the following communication. 

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks. 

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port 

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port. 

Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit. 

Answer: