An Expert interview about comptia security+ study guide sy0 401


Q561. An organization's security policy requires that users change passwords every 30 days. After a security audit, it was determined that users were recycling previously used passwords. Which of the following password enforcement policies would have mitigated this issue? 

A. Password history 

B. Password complexity 

C. Password length 

D. Password expiration 



Q562. The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements? 

A. Sniffers 


C. Firewalls 

D. Web proxies 

E. Layer 2 switches 



The basic purpose of a firewall is to isolate one network from another. 

Q563. When reviewing security logs, an administrator sees requests for the AAAA record of Which of the following BEST describes this type of record? 

A. DNSSEC record 

B. IPv4 DNS record 

C. IPSEC DNS record 

D. IPv6 DNS record 


Explanation: The AAAA Address record links a FQDN to an IPv6 address. 

Q564. Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO). 

A. Spoofing 

B. Man-in-the-middle 

C. Dictionary 

D. Brute force 

E. Privilege escalation 

Answer: C,D 


Account lockout is a useful method for slowing down online password-guessing attacks. A dictionary attack performs password guessing by making use of a pre-existing list of likely passwords. A brute-force attack is intended to try every possible valid combination of characters to create possible passwords in the attempt to discover the specific passwords used by user accounts. 

Q565. Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites? 

A. Spam filter 

B. URL filter 

C. Content inspection 

D. Malware inspection 



The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website. 

Incorrect Answers: 

A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites. 

C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn’t comply with the company’s web policy. Content-control software determines what content will be available or perhaps more often what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded). 

D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites. 

References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 18, 19. 

Q566. Which of the following is an authentication method that can be secured by using SSL? 




D. Kerberos 



With secure LDAP (LDAPS), all LDAP communications are encrypted with SSL/TLS. 

Q567. Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration? 

A. A disk-based image of every computer as they are being replaced. 

B. A plan that skips every other replaced computer to limit the area of affected users. 

C. An offsite contingency server farm that can act as a warm site should any issues appear. 

D. A back-out strategy planned out anticipating any unforeseen problems that may arise. 



A backout is a reversion from a change that had negative consequences. It could be, for example, that everything was working fine until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied. Backout plans can include uninstalling service packs, hotfixes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout. 

Q568. Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of the following attack types is this? 

A. Hoax 

B. Phishing 

C. Vishing 

D. Whaling 



Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities. Vishing works like phishing but does not always occur over the Internet and is carried out using voice technology. A vishing attack can be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone. The potential victim receives a message, often generated by speech synthesis, indicating that suspicious activity has taken place in a credit card account, bank account, mortgage account or other financial service in their name. The victim is told to call a specific telephone number and provide information to "verify identity" or to "ensure that fraud does not occur." If the attack is carried out by telephone, caller ID spoofing can cause the victim's set to indicate a legitimate source, such as a bank or a government agency. 

Vishing is difficult for authorities to trace, particularly when conducted using VoIP. Furthermore, like many legitimate customer services, vishing scams are often outsourced to other countries, which may render sovereign law enforcement powerless. 

Consumers can protect themselves by suspecting any unsolicited message that suggests they are targets of illegal activity, no matter what the medium or apparent source. Rather than calling a number given in any unsolicited message, a consumer should directly call the institution named, using a number that is known to be valid, to verify all recent activity and to ensure that the account information has not been tampered with. 

Q569. Which of the following can result in significant administrative overhead from incorrect reporting? 

A. Job rotation 

B. Acceptable usage policies 

C. False positives 

D. Mandatory vacations 



False positives are events that are mistakenly flagged and are not really events to be concerned about. They cause significant administrative overhead because the reporting is what produces them. 

Q570. After visiting a website, a user receives an email thanking them for a purchase which they did not request. Upon investigation the security administrator sees the following source code in a pop-up window: 


<body onload="document.getElementById('badForm').submit()"> 

<form id="badForm" action="" method="post"> 

<input name="Perform Purchase" value="Perform Purchase"/> 

</form> 

</body> 




Which of the following has MOST likely occurred? 

A. SQL injection 

B. Cookie stealing 





XSRF, or cross-site request forgery, applies to web applications and is an attack that exploits the web application's trust in a user who is known or is supposed to have been authenticated. This is often accomplished without the user's knowledge.
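The standard server-side defence against the auto-submitting form in Q570, as an added example that is not part of the original study material: a per-session anti-forgery token checked on every state-changing request. The handler, the cookie name `session` and the field name `csrf_token` are assumptions; the form field `Perform Purchase` is taken from the question.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # assumption: a secret kept on the server only


def issue_token(session_id: str) -> str:
    """Token the server embeds as a hidden field in its own purchase form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def handle_purchase(method: str, cookies: dict, form: dict, sessions: set) -> int:
    """Return an HTTP status for a request to a hypothetical purchase endpoint."""
    if method != "POST":
        return 405
    session_id = cookies.get("session", "")
    if session_id not in sessions:
        return 401                       # not authenticated at all
    supplied = form.get("csrf_token", "")
    expected = issue_token(session_id)
    # The session cookie is sent automatically by the browser, so it proves
    # nothing about intent; the token must match, compared in constant time.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403
    return 200


def demo():
    sid = secrets.token_hex(16)          # constructed session for the example
    sessions = {sid}
    cookies = {"session": sid}           # attached by the browser to every request
    own = {"Perform Purchase": "Perform Purchase", "csrf_token": issue_token(sid)}
    forged = {"Perform Purchase": "Perform Purchase"}   # cross-site form, no token
    other = dict(forged, csrf_token=issue_token(secrets.token_hex(16)))
    return [handle_purchase("POST", cookies, f, sessions)
            for f in (own, forged, other)]
```

The three requests in `demo()` carry the same valid session cookie; only the one that also carries the token issued for that session is accepted.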