Advanced Guide: security+ + sy0-401 practice test

It is impossible to pass CompTIA SY0-401 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA SY0-401 practice questions. You will get a surprising result by our Latest CompTIA Security+ Certification practice guides.

2016 Jun security+ sy0-401:

Q351. Which of the following common access control models is commonly used on systems to ensure a "need to know" based on classification levels? 

A. Role Based Access Controls 

B. Mandatory Access Controls 

C. Discretionary Access Controls 

D. Access Control List 

Answer: B 

Explanation: 

Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them. 


Q352. To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following? 

A. Full disk encryption 

B. Application isolation 

C. Digital rights management 

D. Data execution prevention 

Answer: A 

Explanation: 

Full-disk encryption encrypts the data on the hard drive of the device or on a removable drive. This feature ensures that the data on the device or removable drive cannot be accessed in a useable form should it be stolen. 


Q353. Which of the following solutions provides the most flexibility when testing new security controls prior to implementation? 

A. Trusted OS 

B. Host software baselining 

C. OS hardening 

D. Virtualization 

Answer: D 

Explanation: 


Q354. Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has been tasked to identify the issue and report any findings. Which of the following is the FIRST step of action recommended in this scenario? 

A. Baseline Reporting 

B. Capability Maturity Model 

C. Code Review 

D. Quality Assurance and Testing 

Answer: C 

Explanation: 


Q355. A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this? 

A. Command shell restrictions 

B. Restricted interface 

C. Warning banners 

D. Session output pipe to /dev/null 

Answer: C 

Explanation: 

Within Microsoft Windows, you have the ability to put signs (in the form of onscreen pop-up banners) that appear before the login telling similar information—authorized access only, violators will be prosecuted, and so forth. Such banners convey warnings or regulatory information to the user that they must “accept” in order to use the machine or network. You need to make staff aware that they may legally be prosecuted and a message is best given via a banner so that all staff using workstation will get notification. 


SY0-401 brain dumps

Most recent jk0-022 vs sy0-401:

Q356. A user was reissued a smart card after the previous smart card had expired. The user is able to log into the domain but is now unable to send digitally signed or encrypted email. Which of the following would the user need to perform? 

A. Remove all previous smart card certificates from the local certificate store. 

B. Publish the new certificates to the global address list. 

C. Make the certificates available to the operating system. 

D. Recover the previous smart card certificates. 

Answer: B 

Explanation: 

CAs can be either private or public, with VeriSign being one of the best known of the public variety. Many operating system providers allow their systems to be configured as CA systems. 

These CA systems can be used to generate internal certificates that are used within a business or in large external settings. The process provides certificates to the users. Since the user in question has been re-issued a smart card, the user must receive a new certificate by the CA to allow the user to send digitally signed email. This is achieved by publishing the new certificates to the global address list. 


Q357. Which of the following will help prevent smurf attacks? 

A. Allowing necessary UDP packets in and out of the network 

B. Disabling directed broadcast on border routers 

C. Disabling unused services on the gateway firewall 

D. Flash the BIOS with the latest firmware 

Answer: B 

Explanation: 


Q358. An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause? 

A. Spyware 

B. Trojan 

C. Privilege escalation 

D. DoS 

Answer: D 

Explanation: 

A Distributed Denial of Service (DDoS) attack is a DoS attack from multiple computers whereas a DoS attack is from a single computer. In terms of the actual method of attack, DDoS and DoS attacks are the same. One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This after all will end up completely crashing a website for periods of time. Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack. 


Q359. Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement? 

A. RADIUS 

B. LDAP 

C. SAML 

D. TACACS+ 

Answer: A 

Explanation: 

The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized Authentication, Authorization, and Accounting (AAA) management for users who make use of a network service. 


Q360. A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following? 

A. Availability 

B. Integrity 

C. Confidentiality 

D. Fire suppression 

Answer: A 

Explanation: 

Availability means simply to make sure that the data and systems are available for authorized users. Data backups, redundant systems, and disaster recovery plans all support availability; as does environmental support by means of HVAC. 



see more SY0-401 dumps