May 11, 2018

Amazing security+ sy0 401 To Try




New CompTIA SY0-401 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

During a review a company was cited for allowing requestors to approve and implement their own change request. Which of the following would resolve the issue? (Select TWO)

A. Separation of duties

B. Mandatory access

C. Mandatory vacations

D. Audit logs

E. Job Rotation

F. Time of day restrictions

Answer: A,E


New Questions 10

Which of the following forms of software testing can best be performed with no knowledge of how a system is internally structured or functions? (Select Two.)

A. Boundary testing

B. White box

C. Fuzzing

D. Black box

E. Grey Box

Answer: C,D


New Questions 11

A company has been attacked and their website has been altered to display false information. The security administrator disables the web server service before restoring the website from backup. An audit was performed on the server and no other data was altered. Which of the following should be performed after the server has been restored?

A. Monitor all logs for the attacker's IP

B. Block port 443 on the web server

C. Install and configure SSL to be used on the web server

D. Configure the web server to be in VLAN 0 across the network

Answer: B


New Questions 12

A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

A. Performance and service delivery metrics

B. Backups are being performed and tested

C. Data ownership is being maintained and audited

D. Risk awareness is being adhered to and enforced

Answer: A


New Questions 13

Joe, the security administrator, sees this in a vulnerability scan report:

"The server 10.1.2.232 is running Apache 2.2.20 which may be vulnerable to a mod_cgi exploit."

Joe verifies that the mod_cgi module is not enabled on 10.1.2.232. This message is an example of:

A. a threat

B. a risk

C. a false negative

D. a false positive

Answer: A


New Questions 14

A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

A. Utilizing a single question for password recovery

B. Sending a PIN to a smartphone through text message

C. Utilizing CAPTCHA to avoid brute force attacks

D. Use a different e-mail address to recover password

Answer: B


New Questions 15

A company is exploring the option of letting employees use their personal laptops on the internal network. Which of the following would be the MOST common security concern in this scenario?

A. Credential management

B. Support ownership

C. Device access control

D. Antivirus management

Answer: D


New Questions 16

An organization wants to conduct secure transactions of large data files. Before encrypting and exchanging the data files, the organization wants to ensure a secure exchange of keys. Which of the following algorithms is appropriate for securing the key exchange?

A. DES

B. Blowfish

C. DSA

D. Diffie-Hellman

E. 3DES

Answer: D


New Questions 17

Which of the following exploits either a host file on a target machine or vulnerabilities on a DNS server in order to carry out URL redirection?

A. Pharming

B. Spoofing

C. Vishing

D. Phishing

Answer: B


New Questions 18

The security administrator receives a service ticket saying a host-based firewall is interfering with the operation of a new application that is being tested in development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many customers have disabled the host-based firewall. After examining the system, the administrator sees several ports that are open for database and application servers that are only used locally. The vendor continues to recommend disabling the host-based firewall. Which of the following is the best course of action for the administrator to take?

A. Allow ports used by the application through the network firewall

B. Allow ports used externally through the host firewall

C. Follow the vendor recommendations and disable the host firewall

D. Allow ports used locally through the host firewall

Answer: D

