[Sep 2021] security+ sy0-401 study guide pdf

2021 Sep comptia security+ review guide exam sy0-401:

Q771. Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO). 

A. Tethering 

B. Screen lock PIN 

C. Remote wipe 

D. Email password 

E. GPS tracking 

F. Device encryption 

Answer: C,F 


C: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people. 

F: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 

Q772. A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080? 

A. Create a dynamic PAT from port 80 on the outside interface to the internal interface on port 8080 

B. Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port 80 

C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080 

D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80 

Answer: C 


Q773. Allowing unauthorized removable devices to connect to computers increases the risk of which of the following? 

A. Data leakage prevention 

B. Data exfiltration 

C. Data classification 

D. Data deduplication 

Answer: B 

Explanation: Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system. 

Q774. The security team would like to gather intelligence about the types of attacks being launched against the organization. Which of the following would provide them with the MOST information? 

A. Implement a honeynet 

B. Perform a penetration test 

C. Examine firewall logs 

D. Deploy an IDS 

Answer: A 


A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets. In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker. 

A virtual honeynet is one that, while appearing to be an entire network, resides on a single server. 

Q775. The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? 

A. Cloud computing 

B. Full disk encryption 

C. Data Loss Prevention 


Answer: A 


Cloud computing means hosting services and data on the Internet instead of hosting them locally. There is thus no issue when the company’s server is taken offline. 


Q776. A periodic update that corrects problems in one version of a product is called a 

A. Hotfix 

B. Overhaul 

C. Service pack 

D. Security update 

Answer: C 


A service pack is a collection of updates and hotfixes that address a number of software issues, as well as new software features. It is released periodically by the vendor. 

Q777. When employees that use certificates leave the company they should be added to which of the following? 


B. CA 



Answer: C 


The certificates of the leaving employees must be made unusable. This is done by revoking them. 

The revoked certificates end up in the CRL. 

Note: The CRL (Certificate Revocation List) is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. 

Q778. What is the term for the process of luring someone in (usually done by an enforcement officer or a government agent)? 

A. Enticement 

B. Entrapment 

C. Deceit 

D. Sting 

Answer: A 


Enticement is the process of luring someone into your plan or trap. 

Q779. A new network administrator is setting up a new file server for the company. Which of the following would be the BEST way to manage folder security? 

A. Assign users manually and perform regular user access reviews 

B. Allow read only access to all folders and require users to request permission 

C. Assign data owners to each folder and allow them to add individual users to each folder 

D. Create security groups for each folder and assign appropriate users to each group 

Answer: D 


Creating a security group for each folder and assigning the necessary users to each group allows only users who belong to a folder’s security group to access that folder. It makes assigning folder privileges much easier, while also being more secure. 

Q780. Which of the following attacks would cause all mobile devices to lose their association with corporate access points while the attack is underway? 

A. Wireless jamming 

B. Evil twin 

C. Rogue AP 

D. Packet sniffing 

Answer: A 


When most people think of frequency jamming, what comes to mind are radio, radar and cell phone jamming. However, any communication that uses radio frequencies can be jammed by a strong radio signal in the same frequency. In this manner, Wi-Fi may be attacked with a network jamming attack, reducing signal quality until it becomes unusable or disconnects occur. With very similar methods, a focused and aimed signal can actually break access point hardware, as with equipment destruction attacks. 
