Cause all that matters here is passing the CompTIA SY0-401 exam. Cause all that you need is a high score of SY0-401 CompTIA Security+ Certification exam. The only one thing you need to do is downloading Actualtests SY0-401 exam study guides now. We will not let you down with our money-back guarantee.

2021 Dec SY0-401 exam

Q31. Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic? 

A. Sniffer 

B. Router 

C. Firewall 

D. Switch 

Answer:

Explanation: 

Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. 


Q32. Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO). 

A. Virtual switch 

B. NAT 

C. System partitioning 

D. Access-list 

E. Disable spanning tree 

F. VLAN 

Answer: A,F 

Explanation: 

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question. 


Q33. A new client application developer wants to ensure that the encrypted passwords that are stored in their database are secure from cracking attempts. To implement this, the developer implements a function on the client application that hashes passwords thousands of times prior to being sent to the database. Which of the following did the developer MOST likely implement? 

A. RIPEMD 

B. PBKDF2 

C. HMAC 

D. ECDHE 

Answer:

Explanation: 


Q34. A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up. 

Which of the following BEST allows the analyst to restrict user access to approved devices? 

A. Antenna placement 

B. Power level adjustment 

C. Disable SSID broadcasting 

D. MAC filtering 

Answer:

Explanation: 

A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. 


Q35. An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used? 

A. Routing 

B. DMZ 

C. VLAN 

D. NAT 

Answer:

Explanation: 

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function. 


Up to the immediate present SY0-401 practice exam:

Q36. A password history value of three means which of the following? 

A. Three different passwords are used before one can be reused. 

B. A password cannot be reused once changed for three years. 

C. After three hours a password must be re-entered to continue. 

D. The server stores passwords in the database for three days. 

Answer:

Explanation: 

Password History defines the number of unique new passwords a user must use before an old password can be reused. 


Q37. After reviewing the firewall logs of her organization’s wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue? 

A. Reduce the power level of the AP on the network segment 

B. Implement MAC filtering on the AP of the affected segment 

C. Perform a site survey to see what has changed on the segment 

D. Change the WPA2 encryption key of the AP in the affected segment 

Answer:

Explanation: 

Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far. 


Q38. Visible security cameras are considered to be which of the following types of security controls? 

A. Technical 

B. Compensating 

C. Deterrent 

D. Administrative 

Answer:

Explanation: 


Q39. A bank has recently deployed mobile tablets to all loan officers for use at customer sites. Which of the following would BEST prevent the disclosure of customer data in the event that a tablet is lost or stolen? 

A. Application control 

B. Remote wiping 

C. GPS 

D. Screen-locks 

Answer:

Explanation: 

Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people. 


Q40. Which of the following would be used when a higher level of security is desired for encryption key storage? 

A. TACACS+ 

B. L2TP 

C. LDAP 

D. TPM 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.