Pass CompTIA SY0-401 - CompTIA Security+ Certification

exam in just 24 HOURS!

100% REAL EXAM QUESTIONS ANSWERS

CompTIA SY0-401 - CompTIA Security+

Certification Buy Complete Questions Answers File from

http://www.certs4you.com/comptia/sy0-401-

dumps.html

100% Exam Passing Guarantee & Money Back Assurance

Sample Questions

Question No 1:

The security administrator at ABC company received the following log information from an external

party:

10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal

10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force

10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan

The external party is reporting attacks coming from abc-company.com. Which of the following is the

reason the ABC company’s security administrator is unable to determine the origin of the attack?

A. A NIDS was used in place of a NIPS.

B. The log is not in UTC.

C. The external party uses a firewall.

D. ABC company uses PAT.

Answer: D

Question No 2:

Which of the following firewall rules only denies DNS zone transfers?

A. Deny udp any any port 53

B. Deny ip any any

C. Deny tcp any any port 53

D. Deny all dns packets

Answer: C

Question No 3:

A corporation is looking to expand their data center but has run out of physical space in

which to store hardware. Which of the following would offer the ability to expand while

keeping their current data center operated by internal staff?

A. Virtualization

B. Subnetting

C. IaaS

D. SaaS

Answer: A

Question No 4:

Which of the following uses port 22 by default? (Select THREE).

A. SSH

B. SSL

C. TLS

D. SFTP

E. SCP

F. FTPS

G. SMTP

H. SNMP

Answer: A, D, E

Question No 5:

The security administrator is currently unaware of an incident that occurred a week ago.

Which of the following will ensure the administrator is notified in a timely manner in the

future?

A. User permissions reviews

B. Incident response team

C. Change management

D. Routine auditing

Answer: D

Question No 6:

Matt, a security consultant, has been tasked with increasing server fault tolerance and has

been given no budget to accomplish his task. Which of the following can Matt implement to

ensure servers will withstand hardware failure?

A. Hardware load balancing

B. RAID

C. A cold site

D. A host standby

Answer: B

Question No 7:

A security administrator wants to perform routine tests on the network during working hours

when certain applications are being accessed by the most people. Which of the following

would allow the security administrator to test the lack of security controls for those

applications with the least impact to the system?

A. Penetration test

B. Vulnerability scan

C. Load testing

D. Port scanner

Answer: B

Question No 8:

A system administrator is using a packet sniffer to troubleshoot remote authentication. The

administrator detects a device trying to communicate to TCP port 49. Which of the following

authentication methods is MOST likely being attempted?

A. RADIUS

B. TACACS+

C. Kerberos

D. LDAP

Answer: B

Question No 9:

Which of the following ports should be opened on a firewall to allow for NetBIOS

communication? (Select TWO).

A. 110

B. 137

C. 139

D. 143

E. 161

F. 443

Answer: B, C

Question No 10:

Which of the following are examples of detective controls?

A. Biometrics, motion sensors and mantraps.

B. Audit, firewall, anti-virus and biometrics.

C. Motion sensors, intruder alarm and audit

D. Intruder alarm, mantraps and firewall.

Answer: C

Buy Complete Questions Answers File from

100% Exam Passing Guarantee & Money Back Assurance

PDF Version + Test Engine Software Version

90 Days Free Updates Service

Valid for All Countries

http://www.certs4you.com/comptia/sy0-401-

dumps.html