Want to Pass SY0-401 Exam In Next HOURS? Download Now →
May 9, 2018

how to use comptia security+ get certified get ahead sy0 401 study guide

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/SY0-401/

P.S. Top Quality SY0-401 class are available on Google Drive, GET MORE: https://drive.google.com/open?id=1YcI_9LpcT9E9qoVydyPqx1o7WTiqZhAb

New CompTIA SY0-401 Exam Dumps Collection (Question 7 - Question 16)

New Questions 7

An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data. In which of the following documents would this concern MOST likely be addressed?

A. Service level agreement

B. Interconnection security agreement

C. Non-disclosure agreement

D. Business process analysis

Answer: A

New Questions 8

An agent wants to create fast and efficient cryptographic keys to use with Diffie-Hellman without using prime numbers to generate the keys. Which of the following should be used?

A. Elliptic curve cryptography

B. Quantum cryptography

C. Public key cryptography

D. Symmetric cryptography

Answer: D

New Questions 9

A security administrator determined that users within the company are installing unapproved software. Company policy dictates that only certain applications may be installed or ran on the useru2019s computers without exception. Which of the following should

the administrator do to prevent all unapproved software from running on the useru2019s computer?

A. Deploy antivirus software and configure it to detect and remove pirated software

B. Configure the firewall to prevent the downloading of executable files

C. Create an application whitelist and use OS controls to enforce it

D. Prevent users from running as administrator so they cannot install software.

Answer: C

New Questions 10

A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following ports should they block on the firewall?

A. 53

B. 110

C. 143

D. 443

Answer: D

New Questions 11

A companyu2019s BYOD policy requires the installation of a company provide mobile agent on their on their personally owned devices which would allow auditing when an employee wants to connect a device to the corporate email system. Which of the following concerns will MOST affect the decision to use a personal device to receive company email?

A. Personal privacy

B. Email support

C. Data ownership

D. Service availability

Answer: A

New Questions 12

Which of the following authentication services uses a default TCP of 389?



C. Kerberos


Answer: D

New Questions 13

The internal audit group discovered that unauthorized users are making unapproved changes to various system configuration settings. This issue occurs when previously authorized users transfer from one department to another and maintain the same credentials. Which of the following controls can be implemented to prevent such unauthorized changes in the future?

A. Periodic access review

B. Group based privileges

C. Least privilege

D. Account lockout

Answer: C

New Questions 14

The security administrator receives an email on a non-company account from a coworker stating that some reports are not exporting correctly. Attached to the email was an example report file with several customersu2019 names and credit card numbers with the PIN. Which of the following is the BEST technical controls that will help mitigate this risk of disclosing sensitive data?

A. Configure the mail server to require TLS connections for every email to ensure all transport data is encrypted

B. Create a user training program to identify the correct use of email and perform regular audits to ensure compliance

C. Implement a DLP solution on the email gateway to scan email and remove sensitive data or files

D. Classify all data according to its sensitivity and inform the users of data that is prohibited to share

Answer: C

New Questions 15

Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe receives a response, he is unable to decrypt the response with the same key he used initially. Which of the following would explain the situation?

A. An ephemeral key was used for one of the messages

B. A stream cipher was used for the initial email, a block cipher was used for the reply

C. Out-of-band key exchange has taken place

D. Asymmetric encryption is being used

Answer: C

New Questions 16

A review of administrative access has discovered that too many accounts have been granted administrative rights. Which of the following will alert the security team when elevated access is applied?

A. Establishing user access reviews

B. Establishing user based privileges

C. Establishing monitoring on accounts

D. Establishing group based privileges

Answer: C

100% Most recent CompTIA SY0-401 Questions & Answers shared by Surepassexam, Get HERE: https://www.surepassexam.com/SY0-401-exam-dumps.html (New 1781 Q&As)