[Down to date] passed sy0-401

Actualtests is the best choice to suit your needs to take the CompTIA CompTIA SY0-401 certification test. CompTIA SY0-401 research guide will help you make entire use of our SY0-401 online brain dumps. You can require a CompTIA sample test just before you purchase it and have an instantaneous access to free downloadable CompTIA CompTIA SY0-401 certification practice dumps soon after purchase! Begin right currently by while using the SY0-401 test serp to take a look at whether or even not youve got full knowing of CompTIA CompTIA certification exam and can create right choice. You may make entire preparation for the CompTIA SY0-401 exam through taking benefit of our newest CompTIA CompTIA SY0-401 certification exam.

2021 Oct security+ + sy0-401 practice test:

Q1. According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this? 






Explanation: A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. 

Q2. Which of the following is a hardware based encryption device? 


B. TrueCrypt 





Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. 

Q3. Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability? 

A. Twofish 

B. Diffie-Hellman 





Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size. 

Q4. When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity. Which of the following environmental controls was MOST likely overlooked during installation? 

A. Humidity sensors 

B. EMI shielding 

C. Channel interference 

D. Cable kinking 



Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. In this case you are experiencing intermittent connectivity since Electro Magnetic Interference (EMI) was not taken into account when running the cables over fluorescent lighting. 

Q5. After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service? 

A. Succession planning 

B. Disaster recovery plan 

C. Information security plan 

D. Business impact analysis 



A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses. 

Up to the minute comptia security+ review guide exam sy0-401:

Q6. Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card? 


B. MAC filtering 

C. Disabled SSID broadcast 




MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network. While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a valid MAC (via airodumping) and then spoofing one's own MAC into a validated one. 

Q7. Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place? 

A. Code review 

B. Penetration test 

C. Protocol analyzer 

D. Vulnerability scan 



Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out. 

External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access. 

Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause. 

Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive. 

Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures. 

Q8. On a train, an individual is watching a proprietary video on Joe's laptop without his knowledge. Which of the following does this describe? 

A. Tailgating 

B. Shoulder surfing 

C. Interference 

D. Illegal downloading 



Q9. Which of the following algorithms has well documented collisions? (Select TWO). 


B. MD5 


D. SHA-256 


Answer: B,C 


B: MD5 biggest weakness is that it does not have strong collision resistance, and thus it is no longer recommended for use. 

C: SHA-1 (also known as SHA) is being retired from most government uses; the U.S. National Institute of Standards and Technology said, "Federal agencies should stop using SHA-1 for...applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010", though that was later relaxed. Note: The hashing algorithm must have few or no collisions. This means that hashing two different inputs does not give the same output. Cryptographic hash functions are usually designed to be collision resistant. But many hash functions that were once thought to be collision resistant were later broken. MD5 and SHA-1 in particular both have published techniques more efficient than brute force for finding collisions. 

Q10. In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time? 

A. Import the recipient’s public key 

B. Import the recipient’s private key 

C. Export the sender’s private key 

D. Export the sender’s public key 



See step 4 below. 


 When a user encrypts plaintext with PGP, PGP first compresses the plaintext. 


 PGP then creates a session key, which is a one-time-only secret key. 


 This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. 


 Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient. 

see more SY0-401 dumps