CompTIA Security+ Review Guide Exam SY0-401 (601 to 610)

Exam Number/Code: SY0-401
Exam name: CompTIA Security+ Certification

2016 May SY0-401 Study Guide Questions:

Q601. Which of the following can be implemented if a security administrator wants only certain devices connecting to the wireless network? 

A. Disable SSID broadcast 

B. Install a RADIUS server 

C. Enable MAC filtering 

D. Lowering power levels on the AP 

Answer: C 


MAC filtering is commonly used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network. 

Q602. An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication? 

A. The malicious user has access to the WPA2-TKIP key. 

B. The wireless access point is broadcasting the SSID. 

C. The malicious user is able to capture the wired communication. 

D. The meeting attendees are using unencrypted hard drives. 

Answer: C 


Q603. An administrator notices that former temporary employees’ accounts are still active on a domain. 

Which of the following can be implemented to increase security and prevent this from happening? 

A. Implement a password expiration policy. 

B. Implement an account expiration date for permanent employees. 

C. Implement time of day restrictions for all temporary employees. 

D. Run a last logon script to look for inactive accounts. 

Answer: D 


You can run a script to return a list of all accounts that haven’t been used for a number of days, for example 30 days. If an account hasn’t been logged into for 30 days, it’s a safe bet that the user the account belonged to is no longer with the company. You can then disable all the accounts that the script returns. A disabled account cannot be used to log in to a system. This is a good security measure. As soon as an employee leaves the company, the employee’s account should always be disabled.


Q604. Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days’ hashes. Which of the following security concepts is Sara using? 

A. Confidentiality 

B. Compliance 

C. Integrity 

D. Availability 

Answer: C 


Integrity means the message can’t be altered without detection. 


Select the appropriate attack from each drop down list to label the corresponding illustrated attack 

Instructions: Attacks may only be used once, and will disappear from drop down list if selected. 

When you have completed the simulation, please select the Done button to submit. 




Q606. The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? 

A. Cloud computing 

B. Full disk encryption 

C. Data Loss Prevention 


Answer: A 


Cloud computing means hosting services and data on the Internet instead of hosting it locally. There is thus no issue when the company’s server is taken offline. 


Q607. Which of the following is a BEST practice when dealing with user accounts that will only need to be active for a limited time period? 

A. When creating the account, set the account to not remember password history. 

B. When creating the account, set an expiration date on the account. 

C. When creating the account, set a password expiration date on the account. 

D. When creating the account, set the account to have time of day restrictions. 

Answer: B 


Disablement is a secure feature to employ on user accounts for temporary workers, interns, or consultants. It automatically disables a user account or causes the account to expire at a specific time and on a specific day. 

Q608. An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future? 

A. Business continuity planning 

B. Quantitative assessment 

C. Data classification 

D. Qualitative assessment 

Answer: C 


Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. Knowing how to apply these categories and matching them up with the appropriate data handling will address the situation of data with ‘unknown sensitivity’.

Q609. A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application? 

A. Avoid the risk to the user base allowing them to re-enable their own accounts 

B. Mitigate the risk by patching the application to increase security and saving money 

C. Transfer the risk replacing the application now instead of in five years 

D. Accept the risk and continue to enable the accounts each month saving money 

Answer: D 


This is a risk acceptance measure that has to be implemented since the cost of patching would be too high compared to the cost to keep the system going as is. Risk acceptance is often the choice you must make when the cost of implementing any of the other four choices (i.e. risk deterrence, mitigation, transference or avoidance) exceeds the value of the harm that would occur if the risk came to fruition. 

Q610. Which of the following BEST allows Pete, a security administrator, to determine the type, source, and flags of the packet traversing a network for troubleshooting purposes? 

A. Switches 

B. Protocol analyzers 

C. Routers 

D. Web security gateways 

Answer: B 


A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. By capturing and analyzing the packets, Pete will be able to determine the type, source, and flags of the packets traversing a network for troubleshooting purposes.

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).
