The Secret of SY0-401 practice test

2017 Mar SY0-401 Study Guide Questions:

Q631. Which of the following does full disk encryption prevent? 

A. Client side attacks 

B. Clear text access 

C. Database theft 

D. Network-based attacks 

Answer: B 


Full-disk encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 

Q632. Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device? 

A. Authentication 

B. Blacklisting 

C. Whitelisting 

D. Acceptable use policy 

Answer: C 


White lists are closely related to ACLs and essentially, a white list is a list of items that are allowed. 

Q633. Which of the following is a notification that an unusual condition exists and should be investigated? 

A. Alert 

B. Trend 

C. Alarm 

D. Trap 

Answer: A 


We need to look carefully at the wording of the question to determine the answer. This question is asking about an “unusual condition” that should be investigated. There are different levels of alerts from Critical to Warning to Information only. An Alarm would be triggered by a serious definite problem that needs resolving urgently. An “unusual condition” probably wouldn’t trigger an alarm; it is more likely to trigger an Alert. 

Up to the minute SY0-401 simulations:

Q634. Which of the following protocols allows for the LARGEST address space? 


B. IPv4 

C. IPv6 

D. Appletalk 

Answer: C 


The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. 


Select the appropriate attack from each drop down list to label the corresponding illustrated attack 

Instructions: Attacks may only be used once, and will disappear from drop down list if selected. 

When you have completed the simulation, please select the Done button to submit. 




Q636. Which of the following could cause a browser to display the message below? 

"The security certificate presented by this website was issued for a different website’s address." 

A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs. 

B. The website is using a wildcard certificate issued for the company’s domain. 

C. HTTPS://127.0.0.1 was used instead of HTTPS://localhost.

D. The website is using an expired self signed certificate. 

Answer: C 


PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA's certificate. Since CA certificates are often signed by other, "higher-ranking," CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme. Localhost is a hostname that means this computer and may be used to access the computer's own network services via its loopback network interface. Using the loopback interface bypasses local network interface hardware. In this case HTTPS://127.0.0.1 was used and not HTTPS://localhost, so the address in the URL does not match the name the certificate was issued for.

Simulation SY0-401 item pool:

Q637. The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection. 

Which of the following has happened on the workstation? 

A. Zero-day attack 

B. Known malware infection 

C. Session hijacking 

D. Cookie stealing 

Answer: A 


The vulnerability was unknown in that the full antivirus scan did not detect it. This is a zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term "zero day" refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Q638. Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts? 

A. Two factor authentication 

B. Identification and authorization 

C. Single sign-on 

D. Single factor authentication 

Answer: A 


Two-factor authentication is when two different authentication factors are provided for authentication purposes.

Speaking (Voice) – something they are. 

Passphrase – something they know. 

Q639. A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner? 

A. Kill all system processes 

B. Enable the firewall 

C. Boot from CD/USB 

D. Disable the network connection 

Answer: C 


Q640. A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files? 

A. Integrity 

B. Confidentiality 

C. Steganography 

D. Availability 

Answer: C 


Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.