sy0-401 test questions : May 2021 Edition

Exam Code: SY0-401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass SY0-401 Exam.

2021 May SY0-401 Study Guide Questions:

Q191. Three of the primary security control types that can be implemented are. 

A. Supervisory, subordinate, and peer. 

B. Personal, procedural, and legal. 

C. Operational, technical, and management. 

D. Mandatory, discretionary, and permanent. 

Answer: C 


The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical. 

Q192. Which of the following technologies can store multi-tenant data with different security requirements? 

A. Data loss prevention 

B. Trusted platform module 

C. Hard drive encryption 

D. Cloud computing 

Answer: D 


One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security. 

Q193. Which of the following data security techniques will allow Matt, an IT security technician, to encrypt a system with speed as its primary consideration? 

A. Hard drive encryption 

B. Infrastructure as a service 

C. Software based encryption 

D. Data loss prevention 

Answer: A 


Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. It should be implemented using a hardware-based solution for greater speed. 

SY0-401  exam answers

Renewal security plus sy0-401 practice test:

Q194. Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes? 

A. User rights and permissions review 

B. Configuration management 

C. Incident management 

D. Implement security controls on Layer 3 devices 

Answer: A 


Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions. Also reviewing user rights and permissions will afford the security analyst the opportunity to put the principle of least privilege in practice as well as update the security policy 

Q195. The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is: 

A. Security awareness training. 

B. BYOD security training. 

C. Role-based security training. 

D. Legal compliance training. 

Answer: A 


Security awareness and training are critical to the success of a security effort. They include explaining policies, procedures, and current threats to both users and management. 

Q196. Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect. 

Which of the following is MOST likely the reason? 

A. The company wireless is using a MAC filter. 

B. The company wireless has SSID broadcast disabled. 

C. The company wireless is using WEP. 

D. The company wireless is using WPA2. 

Answer: A 


MAC filtering allows you to include or exclude computers and devices based on their MAC address. 

SY0-401  exam answers

Real sy0-401 voucher:

Q197. When performing the daily review of the system vulnerability scans of the network Joe, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for identified vulnerability. 

Which of the following is the type of vulnerability described? 

A. Network based 


C. Signature based 

D. Host based 

Answer: C 


A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity. The strength of a signature-based system is that it can quickly and accurately detect any event from its database of signatures. 


Drag the items on the left to show the different types of security for the shown devices. Not all fields need to be filled. Not all items need to be used. 



Mobile Device Security GPS tracking Remote wipe 

Device Encryption 

Strong password 

Server in Data Center Security 



Proximity Badges 


For mobile devices, at bare minimum you should have the following security measures in place: 

Screen lock, Strong password, Device encryption, Remote wipe/Sanitation, voice encryption, GPS tracking, Application control, Storage segmentation, Asset tracking as well as Device Access control. 

For servers in a data center your security should include: Fire extinguishers such as FM200 as part of fire suppression; Biometric, proximity badges, mantraps, HVAC, cable locks; these can all be physical security measures to control access to the server. 


Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, 

Indianapolis, 2014, p 418 

Q199. Joe a company’s new security specialist is assigned a role to conduct monthly vulnerability scans across the network. He notices that the scanner is returning a large amount of false positives or failed audits. Which of the following should Joe recommend to remediate these issues? 

A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company’s servers 

B. Ensure the vulnerability scanner is configured to authenticate with a privileged account 

C. Ensure the vulnerability scanner is attempting to exploit the weaknesses it discovers 

D. Ensure the vulnerability scanner is conducting antivirus scanning 

Answer: A 


The vulnerability scanner is returning false positives because it is trying to scan servers that it 

doesn’t have access to; for example, servers on the Internet. 

We need to ensure that the local network servers only are scanned. We can do this by locating the 

vulnerability scanner in a segmented VLAN that has access to the company’s servers. 

A false positive is an error in some evaluation process in which a condition tested for is mistakenly 

found to have been detected. 

In spam filters, for example, a false positive is a legitimate message mistakenly marked as UBE --unsolicited bulk email, as junk email is more formally known. Messages that are determined to be 

spam -- whether correctly or incorrectly -- may be rejected by a server or client-side spam filter 

and returned to the sender as bounce e-mail. 

One problem with many spam filtering tools is that if they are configured stringently enough to be 

effective, there is a fairly high chance of getting false positives. The risk of accidentally blocking an 

important message has been enough to deter many companies from implementing any anti-spam 

measures at all. 

False positives are also common in security systems. A host intrusion prevention system (HIPS), 

for example, looks for anomalies, such as deviations in bandwidth, protocols and ports. When 

activity varies outside of an acceptable range – for example, a remote application attempting to 

open a normally closed port -- an intrusion may be in progress. However, an anomaly, such as a 

sudden spike in bandwidth use, does not guarantee an actual attack, so this approach amounts to 

an educated guess and the chance for false positives can be high. 

False positives contrast with false negatives, which are results indicating mistakenly that some 

condition tested for is absent. 

Q200. A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date. 

Which of the following BEST describes this system type? 





Answer: C 


Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control. 

see more SY0-401 dumps