Super to security+ sy0 401


Q551. Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not understand the company's rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with? 

A. Data ownership 

B. Device access control 

C. Support ownership 

D. Acceptable use 



Q552. Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information? 

A. Employ encryption on all outbound emails containing confidential information. 

B. Employ exact data matching and prevent inbound emails with Data Loss Prevention. 

C. Employ hashing on all outbound emails containing confidential information. 

D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention. 



Encryption is used to ensure the confidentiality of information and in this case the outbound email that contains the confidential information should be encrypted. 

Q553. During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic? 



C. Email 




DNS (Domain Name System) uses port 53. 

Q554. Which of the following must be kept secret for a public key infrastructure to remain secure? 

A. Certificate Authority 

B. Certificate revocation list 

C. Public key ring 

D. Private key 



The private key, which is also called the secret key, must be kept secret. 

Q555. Which of the following BEST describes part of the PKI process? 

A. User1 decrypts data with User2’s private key 

B. User1 hashes data with User2’s public key 

C. User1 hashes data with User2’s private key 

D. User1 encrypts data with User2’s public key 



In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key.

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a public key and decrypted with a private key.

A PKI example:

1. You want to send an encrypted message to Jordan, so you request his public key.
2. Jordan responds by sending you that key.
3. You use the public key he sends you to encrypt the message.
4. You send the message to him.
5. Jordan uses his private key to decrypt the message.

Q556. Which of the following controls would prevent an employee from emailing unencrypted information to their personal email account over the corporate network? 







Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. 

Q557. A security engineer is reviewing log data and sees the output below: 

POST: /payload.php HTTP/1.1
HOST: localhost
Accept: */*
Referrer: http://localhost/
*******
HTTP/1.1 403 Forbidden
Connection: close

Log: Access denied with 403. Pattern matches form bypass

Which of the following technologies was MOST likely being used to generate this log?

A. Host-based Intrusion Detection System 

B. Web application firewall 

C. Network-based Intrusion Detection System 

D. Stateful Inspection Firewall 

E. URL Content Filter 



A web application firewall is a device, server add-on, virtual service, or system filter that defines a strict set of communication rules for a website and all visitors. It’s intended to be an application-specific firewall to prevent cross-site scripting, SQL injection, and other web application attacks. 

Q558. An application developer has tested some of the known exploits within a new application. Which of the following should the administrator utilize to test for unidentified faults or memory leaks? 

A. XSRF Attacks 

B. Fuzzing 

C. Input Validations 

D. SQL Injections 



Q559. Which of the following application attacks is used to gain access to SEH? 

A. Cookie stealing 

B. Buffer overflow 

C. Directory traversal 

D. XML injection 



Buffer overflow protection is used to detect the most common buffer overflows by checking that the stack has not been altered when a function returns. If it has been altered, the program exits with a segmentation fault. Microsoft's implementation of Data Execution Prevention (DEP) mode explicitly protects the pointer to the Structured Exception Handler (SEH) from being overwritten.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity.

In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Q560. Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege principles? 

A. User rights reviews 

B. Incident management 

C. Risk based controls 

D. Annual loss expectancy 



A least privilege policy should be used when assigning permissions. Give users only the permissions and rights that they need to do their work and no more.