Ultimate Guide: sy0 401 dump

We provide practical CompTIA Security+ SY0-401 PDF answers, which are the best for clearing the CompTIA Security+ SY0-401 test and for getting certified with the CompTIA Security+ Certification. The SY0-401 practice exam questions and answers cover all the knowledge points of the real CompTIA Security+ Get Certified Get Ahead SY0-401 study guide exam. Crack your CompTIA Security+ SY0-401 exam with the latest dumps, guaranteed!



Q591. A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond? 

A. Rule based access control 

B. Role based access control 

C. Discretionary access control 

D. Mandatory access control 



Rule-based access control is used for network devices, such as firewalls and routers, which filter traffic based on filtering rules. 

Q592. A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe? 

A. Zero-day 

B. Buffer overflow 

C. Cross site scripting 

D. Malicious add-on 



This question describes a buffer overflow attack. 

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. 

Q593. Which of the following can be implemented with multiple bit strength? 



C. SHA-1 

D. MD5 

E. MD4 



AES (a symmetric algorithm) uses key sizes of 128, 192, or 256 bits. 

Q594. Which of the following attacks impact the availability of a system? (Select TWO). 

A. Smurf 

B. Phishing 

C. Spim 

D. DDoS 

E. Spoofing 

Answer: A,D 


Q595. In PKI, a key pair consists of: (Select TWO). 

A. A key ring 

B. A public key 

C. A private key 

D. Key escrow 

E. A passphrase 

Answer: B,C 


In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key. The key pair consists of these two keys. 

Q596. Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective? 



C. Kerberos 

D. Diameter 



Diameter is an authentication, authorization, and accounting protocol that replaces the RADIUS protocol. Diameter Applications extend the base protocol by including new commands and/or attributes, such as those for use of the Extensible Authentication Protocol (EAP). 

Q597. To ensure proper evidence collection, which of the following steps should be performed FIRST? 

A. Take hashes from the live system 

B. Review logs 

C. Capture the system image 

D. Copy all compromised files 



Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. This is essential because the evidence collection process itself may result in some mishandling and may change the exploited state.

Q598. Connections using point-to-point protocol authenticate using which of the following? (Select TWO). 




D. RC4 

E. Kerberos 

Answer: B,C 


B: A password authentication protocol (PAP) is an authentication protocol that uses a password. PAP is used by the Point-to-Point Protocol (PPP) to validate users before allowing them access to server resources.

C: CHAP is an authentication scheme used by Point-to-Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake.

Q599. Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of: 

A. Redundant systems. 

B. Separation of duties. 

C. Layered security. 

D. Application control. 



Layered security is the practice of combining multiple mitigating security controls to protect resources and data. 

Q600. Which of the following secure file transfer methods uses port 22 by default? 







SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.