Foolproof sy0 401 dump tips

Want to know Examcollection sy0 401 pdf Exam practice test features? Want to lear more about CompTIA CompTIA Security+ Certification certification experience? Study Actual CompTIA security+ sy0 401 answers to Regenerate sy0 401 pdf questions at Examcollection. Gat a success with an absolute guarantee to pass CompTIA sy0 401 dump (CompTIA Security+ Certification) test on your first attempt.


Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

Q81. An internal audit has detected that a number of archived tapes are missing from secured storage. There was no recent need for restoration of data from the missing tapes. The location is monitored by access control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three months. The access control system shows numerous valid entries into the storage location during that time. The last audit was six months ago and the tapes were accounted for at that time. Which of the following could have aided the investigation? 

A. Testing controls 

B. Risk assessment 

C. Signed AUP 

D. Routine audits 



Q82. Which of the following is the term for a fix for a known software problem? 

A. Skiff 

B. Patch 

C. Slipstream 

D. Upgrade 



Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. 

Q83. NO: 36 

Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor? 

A. Allow incoming IPSec traffic into the vendor’s IP address. 

B. Set up a VPN account for the vendor, allowing access to the remote site. 

C. Turn off the firewall while the vendor is in the office, allowing access to the remote site. 

D. Write a firewall rule to allow the vendor to have access to the remote site. 



Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network. 

Q84. Separation of duties is often implemented between developers and administrators in order to separate which of the following? 

A. More experienced employees from less experienced employees 

B. Changes to program code and the ability to deploy to production 

C. Upper level management users from standard development employees 

D. The network access layer from the application access layer 



Separation of duties means that there is differentiation between users, employees and duties per se which form part of best practices. 

Q85. Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first. This is MOST likely to increase the risk of loss from which of the following attacks? 

A. Shoulder surfing 

B. Dumpster diving 

C. Tailgating 

D. Spoofing 



Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. 

Q86. A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does not have the appropriate access level for that file. Which of the following is being implemented? 

A. Mandatory access control 

B. Discretionary access control 

C. Rule based access control 

D. Role based access control 



Mandatory Access Control (MAC) allows access to be granted or restricted based on the rules of classification. MAC in corporate business environments involve the following four sensitivity levels Public Sensitive Private Confidential 

MAC assigns subjects a clearance level and assigns objects a sensitivity label. The name of the clearance level must be the same as the name of the sensitivity label assigned to objects or resources. In this case the file is marked confidential, and the user does not have that clearance level and cannot access the file. 

Q87. Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network? 

A. Honeypot 

B. Port scanner 

C. Protocol analyzer 

D. Vulnerability scanner 



A Protocol Analyzer is a hardware device or more commonly a software program used to capture 

network data communications sent between devices on a network. By capturing and analyzing the 

packets sent between the systems on the network, Ann would be able to quantify the amount of 

traffic on the network. 

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) 

from Microsoft and Wireshark (formerly Ethereal). 

Q88. To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation? 

A. Management 

B. Administrative 

C. Technical 

D. Operational 



controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection. 

Q89. Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate? 

A. Taking screenshots 

B. System image capture 

C. Chain of custody 

D. Order of volatility 



A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. 

Q90. Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company’s information systems? 

A. Acceptable Use Policy 

B. Privacy Policy 

C. Security Policy 

D. Human Resource Policy 



Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.