Where to find CompTIA Security+ SY0-401

We provide practical CompTIA SY0-401 test questions, which are the best for clearing the SY0-401 braindump test and getting certified with the CompTIA Security+ Certification. The CompTIA Security+ Get Certified Get Ahead SY0-401 study guide Questions & Answers cover all the knowledge points of the real SY0-401 VCE exam. Crack your CompTIA Security+ SY0-401 exam with the latest dumps, guaranteed!



Q281. The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised? 

A. The file containing the recovery agent’s keys. 

B. The file containing the public key. 

C. The file containing the private key. 

D. The file containing the server’s encrypted passwords. 



The public key can be made available to everyone. There is no need to reissue the certificate. 

Q282. The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by: 

A. Utilizing the already present TPM. 

B. Configuring secure application sandboxes. 

C. Enforcing whole disk encryption. 

D. Moving data and applications into the cloud. 



Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in the BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Q283. Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft? 

A. Disk encryption 

B. Encryption policy 

C. Solid state drive 

D. Mobile device policy 



Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 

Q284. Which of the following types of application attacks would be used to identify malware causing security breaches that have NOT yet been identified by any trusted sources? 

A. Zero-day 

B. LDAP injection 

C. XML injection 

D. Directory traversal 



The security breaches have NOT yet been identified. This is a zero-day vulnerability. A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero-day attack. Uses of zero-day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Q285. A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. 

Which of the following describes how the employee is leaking these secrets? 

A. Social engineering 

B. Steganography 

C. Hashing 

D. Digital signatures 



Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.

Q286. During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR). 

A. 21 

B. 22 

C. 23 

D. 69 

E. 3389 


G. Terminal services 

H. Rlogin 

I. Rsync 

J. Telnet 

Answer: B,C,F,J 


The question states that Jane was able to establish a connection to an internal router. Typical ports and protocols used to connect to a router include the following:

B, F: Port 22 which is used by SSH (Secure Shell). 

C, J: Port 23 which is used by Telnet. 

SSH and Telnet both provide command line interfaces for administering network devices such as routers and switches.

Q287. The server administrator has noticed that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment? 

A. The administrator will need to deploy load balancing and clustering. 

B. The administrator may spend more on licensing but less on hardware and equipment. 

C. The administrator will not be able to add a test virtual environment in the data center. 

D. Servers will encounter latency and lowered throughput issues. 



Q288. Which of the following is a hardware-based security technology included in a computer? 

A. Symmetric key 

B. Asymmetric key 

C. Whole disk encryption 

D. Trusted platform module 



Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in the BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Q289. A company hosts its public websites internally. The administrator would like to make some changes to the architecture. 

The three goals are:

- reduce the number of public IP addresses in use by the web servers

- drive all the web traffic through a central point of control

- mitigate automated attacks that are based on IP address scanning

Which of the following would meet all three goals? 

A. Firewall 

B. Load balancer 

C. URL filter 

D. Reverse proxy 



Q290. Which of the following is a best practice when securing a switch from physical access? 

A. Disable unnecessary accounts 

B. Print baseline configuration 

C. Enable access lists 

D. Disable unused ports 



Disabling unused switch ports is a simple method many network administrators use to help secure their network from unauthorized access.

All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter.