sy0-401 test questions : May 2016 Edition

Exam Code: SY0-401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass SY0-401 Exam.

2016 May SY0-401 Study Guide Questions:

Q21. A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. 

Which of the following would accomplish this task? 

A. Deny TCP port 68 

B. Deny TCP port 69 

C. Deny UDP port 68 

D. Deny UDP port 69 

Answer: D 

Explanation: 

Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69. 


Q22. Which of the following can only be mitigated through the use of technical controls rather that user security training? 

A. Shoulder surfing 

B. Zero-day 

C. Vishing 

D. Trojans 

Answer: B 

Explanation: 

A zero day vulnerability is an unknown vulnerability in a software application. This cannot be prevented by user security training. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users. 


Q23. A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network? 

A. VLAN 

B. Subnet 

C. VPN 

D. DMZ 

Answer: D 

Explanation: 

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted. 


SY0-401  exam answers

Renewal security plus sy0-401 practice test:

Q24. Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls? 

A. Implement TKIP encryption 

B. Consider antenna placement 

C. Disable the SSID broadcast 

D. Disable WPA 

Answer: B 

Explanation: Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical. 


Q25. A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password? 

A. Ann’s user account has administrator privileges. 

B. Joe’s user account was not added to the group policy. 

C. Ann’s user account was not added to the group policy. 

D. Joe’s user account was inadvertently disabled and must be re-created. 

Answer: C 

Explanation: 

Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPO’s include a number of settings related to credentials, which includes password expiration. Because Anne was not prompted to change her password, it could only mean that her user account was not added to the group policy. 


Q26. HOTSPOT 

The security administrator has installed a new firewall which implements an implicit DENY policy by default Click on the firewall and configure it to allow ONLY the following communication. 

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks. 

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port 

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port. 

Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit. 

Answer: 


SY0-401  exam answers

Real sy0-401 voucher:

Q27. Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend? 

A. Create a VLAN for the SCADA 

B. Enable PKI for the MainFrame 

C. Implement patch management 

D. Implement stronger WPA2 Wireless 

Answer: A 

Explanation: 

VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so. 


Q28. Which of the following is a common coding error in which boundary checking is not performed? 

A. Input validation 

B. Fuzzing 

C. Secure coding 

D. Cross-site scripting 

Answer: A 

Explanation: 

Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. 


Q29. A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as: 

A. Symmetric cryptography. 

B. Private key cryptography. 

C. Salting. 

D. Rainbow tables. 

Answer: C 

Explanation: 

Salting can be used to strengthen the hashing when the passwords were encrypted. Though hashing is a one-way algorithm it does not mean that it cannot be hacked. One method to hack a hash is though rainbow tables and salt is the counter measure to rainbow tables. With salt a password that you typed in and that has been encrypted with a hash will yield a letter combination other than what you actually types in when it is rainbow table attacked. 


Q30. A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with? 

A. Data confidentiality 

B. High availability 

C. Data integrity 

D. Business continuity 

Answer: C 

Explanation: 

Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing. 



see more SY0-401 dumps