Amazing sy0 401 practice test secrets


Q631. Which of the following does full disk encryption prevent? 

A. Client side attacks 

B. Clear text access 

C. Database theft 

D. Network-based attacks 



Full-disk encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 

Q632. Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device? 

A. Authentication 

B. Blacklisting 

C. Whitelisting 

D. Acceptable use policy 



Whitelists are closely related to ACLs; essentially, a whitelist is a list of items that are allowed.

Q633. Which of the following is a notification that an unusual condition exists and should be investigated? 

A. Alert 

B. Trend 

C. Alarm 

D. Trap 



We need to look carefully at the wording of the question to determine the answer. This question is asking about an “unusual condition” that should be investigated. There are different levels of alerts from Critical to Warning to Information only. An Alarm would be triggered by a serious definite problem that needs resolving urgently. An “unusual condition” probably wouldn’t trigger an alarm; it is more likely to trigger an Alert. 

Q634. Which of the following protocols allows for the LARGEST address space? 


B. IPv4 

C. IPv6 

D. AppleTalk



The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. 


Select the appropriate attack from each drop down list to label the corresponding illustrated attack 

Instructions: Attacks may only be used once, and will disappear from drop down list if selected. 

When you have completed the simulation, please select the Done button to submit. 




Q636. Which of the following could cause a browser to display the message below? 

"The security certificate presented by this website was issued for a different website’s address." 

A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs. 

B. The website is using a wildcard certificate issued for the company’s domain. 

C. HTTPS://127.0.0.1 was used instead of HTTPS://localhost.

D. The website is using an expired self-signed certificate.



PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA's certificate. Since CA certificates are often signed by other, "higher-ranking" CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme. Localhost is a hostname that means "this computer" and may be used to access the computer's own network services via its loopback network interface. Using the loopback interface bypasses local network interface hardware. The browser compares the host in the address bar with the name the certificate was issued for and shows this message when they do not match. In this case HTTPS://127.0.0.1 was used and not HTTPS://localhost.

Q637. The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection. 

Which of the following has happened on the workstation? 

A. Zero-day attack 

B. Known malware infection 

C. Session hijacking 

D. Cookie stealing 



The vulnerability was unknown in that the full antivirus scan did not detect it. This is a zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware or spyware, or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Q638. Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts? 

A. Two factor authentication 

B. Identification and authorization 

C. Single sign-on 

D. Single factor authentication 



Two-factor authentication is when two different authentication factors are provided for authentication purposes.

Speaking (Voice) – something they are.

Passphrase – something they know.

Q639. A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner? 

A. Kill all system processes 

B. Enable the firewall 

C. Boot from CD/USB 

D. Disable the network connection 



Q640. A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files? 

A. Integrity 

B. Confidentiality 

C. Steganography 

D. Availability 



Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.