how to use sy0 401 practice test

Pass4sure offers free demo for comptia security+ study guide sy0 401 exam. "CompTIA Security+ Certification", also known as sy0 401 study guide pdf exam, is a CompTIA Certification. This set of posts, Passing the CompTIA sy0 401 pdf exam, will help you answer those questions. The security+ sy0 401 Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA sy0 401 practice test exams and revised by experts!


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q611. Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination? 

A. Proxies 

B. Load balancers 

C. Protocol analyzer 

D. VPN concentrator 

Answer:

Explanation: 


Q612. A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. 

Which of the following replies has the administrator received? 

A. The loopback address 

B. The local MAC address 

C. IPv4 address 

D. IPv6 address 

Answer:

Explanation: 

IPv6 addresses are 128-bits in length. An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). The hexadecimal digits are case-insensitive, but IETF recommendations suggest the use of lower case letters. The full representation of eight 4-digit groups may be simplified by several techniques, eliminating parts of the representation. 


Q613. Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts? 

A. Two factor authentication 

B. Identification and authorization 

C. Single sign-on 

D. Single factor authentication 

Answer:

Explanation: 

Two-factor authentication is when two different authentication factors are provided for 

authentication purposes. 

Speaking (Voice) – something they are. 

Passphrase – something they know. 


Q614. While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO). 

A. 20 

B. 21 

C. 22 

D. 68 

E. 69 

Answer: A,B 

Explanation: 


Q615. Several users report to the administrator that they are having issues downloading files from the file server. Which of the following assessment tools can be used to determine if there is an issue with the file server? 

A. MAC filter list 

B. Recovery agent 

C. Baselines 

D. Access list 

Answer:

Explanation: 

The standard configuration on a server is known as the baseline. In this question, we can see if 

anything has changed on the file server by comparing its current configuration with the baseline. 

The IT baseline protection approach is a methodology to identify and implement computer security 

measures in an organization. The aim is the achievement of an adequate and appropriate level of 

security for IT systems. This is known as a baseline. 

A baseline report compares the current status of network systems in terms of security updates, 

performance or other metrics to a predefined set of standards (the baseline). 


Q616. Layer 7 devices used to prevent specific types of html tags are called: 

A. Firewalls 

B. Content filters 

C. Routers 

D. NIDS 

Answer:

Explanation: 

A content filter is a is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model. 


Q617. A team of firewall administrators have access to a `master password list’ containing service account passwords. Which of the following BEST protects the master password list? 

A. File encryption 

B. Password hashing 

C. USB encryption 

D. Full disk encryption 

Answer:

Explanation: 

File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key on the encrypted file. 


Q618. When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength? 

A. SHA 

B. AES 

C. DES 

D. RSA 

Answer:

Explanation: 

RSA (an asymmetric algorithm) uses keys of a minimum length of 2048 bits. 


Q619. Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network? 

A. NIPS 

B. HIDS 

C. HIPS 

D. NIDS 

Answer:

Explanation: 

Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it 


Q620. Why would a technician use a password cracker? 

A. To look for weak passwords on the network 

B. To change a user’s passwords when they leave the company 

C. To enforce password complexity requirements 

D. To change users passwords if they have forgotten them 

Answer:

Explanation: 

A password cracker will be able to expose weak passwords on a network.