Q531. The security department has implemented a new laptop encryption product in the environment. The product requires one user name and password at the time of boot up and also another password after the operating system has finished loading. This setup is using which of the following authentication types? 

A. Two-factor authentication 

B. Single sign-on 

C. Multifactor authentication 

D. Single factor authentication 

Answer: D 


Single-factor authentication is when only one category of authentication factor is used. Here both the pre-boot user name and password and the post-boot password are something you know, so two passwords still count as a single factor. User names, passwords, and PINs all form part of something you know; two-factor or multifactor authentication would require a second category such as something you have (a token or smart card) or something you are (a fingerprint). 

Q532. In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time? 

A. Import the recipient’s public key 

B. Import the recipient’s private key 

C. Export the sender’s private key 

D. Export the sender’s public key 

Answer: A 


See step 4 below. 

1. When a user encrypts plaintext with PGP, PGP first compresses the plaintext. 
2. PGP then creates a session key, which is a one-time-only secret key. 
3. This session key works with a very secure, fast conventional (symmetric) encryption algorithm to encrypt the plaintext; the result is ciphertext. 
4. Once the data is encrypted, the session key is itself encrypted to the recipient's public key. This public-key-encrypted session key is transmitted along with the ciphertext to the recipient. 

Only the holder of the matching private key can recover the session key, which is why the sender must obtain (import) the recipient's public key before the first message, and never needs the recipient's private key. 
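The four steps above, carried out with Go standard-library primitives. This is an added illustration, not PGP's code: zlib, AES-256-GCM and RSA-OAEP stand in for PGP's own packet formats and algorithms, and the Message type, the function names and the constructed 2048-bit recipient key are assumptions made for the example. It shows why step 4 needs the recipient's public key and nothing else: the wrapped session key can only be opened by the matching private key, so decryption with any other key pair fails.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"io"
)

// Message is a constructed wire format: the public-key-wrapped session key travels
// with the symmetric ciphertext, exactly as step 4 above describes.
type Message struct {
	WrappedKey []byte // session key encrypted to the recipient's public key (RSA-OAEP)
	Nonce      []byte
	Ciphertext []byte // zlib-compressed plaintext under AES-256-GCM
}

// NewRecipientKey builds a constructed 2048-bit key pair standing in for the
// recipient's PGP key; the sender only ever needs its PublicKey half.
func NewRecipientKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Encrypt follows the four PGP steps with Go stdlib primitives standing in for
// PGP's own packet formats.
func Encrypt(recipientPub *rsa.PublicKey, plaintext []byte) (*Message, error) {
	// Step 1: compress the plaintext.
	var compressed bytes.Buffer
	zw := zlib.NewWriter(&compressed)
	if _, err := zw.Write(plaintext); err != nil {
		return nil, err
	}
	if err := zw.Close(); err != nil {
		return nil, err
	}
	// Step 2: a fresh one-time session key.
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	// Step 3: fast symmetric encryption of the compressed data (32-byte key, so NewCipher cannot fail).
	block, _ := aes.NewCipher(sessionKey)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ciphertext := gcm.Seal(nil, nonce, compressed.Bytes(), nil)
	// Step 4: encrypt the session key to the recipient's public key; both parts are sent.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Message{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ciphertext}, nil
}

// Decrypt reverses the steps. Only the matching PRIVATE key unwraps the session
// key, which is why the sender never needs (and must never receive) it.
func Decrypt(recipientPriv *rsa.PrivateKey, m *Message) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, recipientPriv, m.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrapping session key: %w", err)
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	compressed, err := gcm.Open(nil, m.Nonce, m.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("ciphertext rejected: %w", err)
	}
	zr, err := zlib.NewReader(bytes.NewReader(compressed))
	if err != nil {
		return nil, err
	}
	defer zr.Close()
	return io.ReadAll(zr)
}

func main() {
	recipient := NewRecipientKey()
	msg, err := Encrypt(&recipient.PublicKey, []byte("quarterly numbers attached"))
	if err != nil {
		panic(err)
	}
	plaintext, err := Decrypt(recipient, msg)
	fmt.Printf("%d-byte wrapped key + %d-byte ciphertext -> %q (err=%v)\n", len(msg.WrappedKey), len(msg.Ciphertext), plaintext, err)
}
```

Two things worth noticing when running it: the wrapped key is always one RSA block (256 bytes for a 2048-bit key) regardless of message size, which is the whole point of the hybrid design, and GCM rejects a modified ciphertext outright, where classic PGP relies on a separate signature or MDC packet for integrity.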

Q533. Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task? 


B. Firewall 


D. Spam filter 

Answer: C 


A network-based intrusion detection system (NIDS) is the passive choice: it receives a copy of the traffic from a mirror (SPAN) port or a network tap and analyzes protocol activity to raise alerts, without sitting in the traffic path. A network-based intrusion prevention system (NIPS) is deployed inline and can block traffic, which makes it an active control rather than a monitor; a firewall and a spam filter are likewise enforcement points, not passive monitoring tools. 

Q534. For each of the given items, select the appropriate authentication category from the dropdown choices. 

Instructions: When you have completed the simulation, please select the Done button to submit. 



Something you are includes fingerprints, retina scans, or voice recognition. 

Something you have includes smart cards, token devices, or keys. 

Something you know includes passwords, codes, PINs, combinations, or secret phrases. 

Somewhere you are includes a physical location or a logical address, such as a domain name, an IP address, or a MAC address. 

Something you do includes your typing rhythm, a secret handshake, or a private knock. 


Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 285. 

Q535. Which of the following authentication services uses a ticket granting system to provide access? 




D. Kerberos 

Answer: D 


The basic process of Kerberos authentication is as follows: 

1. The subject provides logon credentials. 
2. The Kerberos client derives a key from the password and uses it to prove possession of the credentials to the key distribution center (KDC); the password itself is never transmitted. 
3. The KDC verifies the credentials and then creates a ticket-granting ticket (TGT): the subject's identity and a session key, with a time stamp that indicates a valid lifetime, encrypted under a key that only the KDC holds. The TGT is sent to the client together with the session key encrypted so that only the subject can read it. 
4. The client receives the TGT. At this point, the subject is an authenticated Kerberos principal. 
5. The subject requests access to resources on a network server. This causes the client to request a service ticket (ST) from the KDC. 
6. The KDC verifies that the client has a valid TGT and then issues an ST to the client. The ST is encrypted under the target server's key and includes a time stamp that indicates its valid lifetime. 
7. The client receives the ST. 
8. The client sends the ST to the network server that hosts the desired resource. 
9. The network server verifies the ST. If it is verified, it initiates a communication session with the client. From this point forward, Kerberos is no longer involved. 
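A toy model of the exchange above in Go, added here as an illustration and not taken from any Kerberos implementation: there is no ASN.1, no realm or cross-realm handling, the string-to-key function is a plain SHA-256 stand-in, and the KDC, the principal names alice and cifs/files, the ticket lifetimes and the five-minute clock-skew limit are all constructed for the example. What it does reproduce is the property the steps rely on: every ticket is sealed under a key its holder does not have (the TGT under the KDC's key, the ST under the service's key), and the authenticator proves the client could read the KDC's reply, so a wrong password fails at the KDC, and a ticket that is expired, tampered with or issued for another service fails at the server without the KDC being consulted again.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Ticket is sealed by the KDC under a key the client never holds: a TGT (Service "krbtgt") under
// the KDC's own key, a service ticket (ST) under the target service's long-term key. Expires is Unix seconds.
type Ticket struct{ Client, Service string; SessionKey []byte; Expires int64 }

// Authenticator is sealed under a ticket's session key to prove the sender holds that key.
type Authenticator struct{ Client string; Timestamp int64 }

// KDC holds every principal's long-term key plus its own ticket-sealing key.
type KDC struct{ Keys map[string][]byte; KDCKey []byte }

// Toy helpers: random 32-byte keys, and a SHA-256 stand-in for Kerberos's salted string-to-key function.
func randomBytes(n int) []byte { b := make([]byte, n); rand.Read(b); return b }
func keyFromPassword(pw string) []byte { h := sha256.Sum256([]byte("toy-s2k:" + pw)); return h[:] }

// seal JSON-encodes v and encrypts it with AES-256-GCM; output is nonce || ciphertext.
func seal(key []byte, v interface{}) []byte {
	pt, _ := json.Marshal(v)
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, pt, nil)
}

// unseal reverses seal; it fails on a wrong key or a tampered blob (all keys here are 32 bytes).
func unseal(key, blob []byte, v interface{}) error {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	if len(blob) < gcm.NonceSize() { return errors.New("blob too short") }
	pt, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
	if err != nil { return err }
	return json.Unmarshal(pt, v)
}

// AuthService (steps 2-3): the client seals a timestamp under its password-derived key, so the
// password itself is never sent. Returns the opaque TGT and a reply only the real user can read.
func (k *KDC) AuthService(client string, preauth []byte, now time.Time) (tgt, reply []byte, err error) {
	ck, ok := k.Keys[client]
	var a Authenticator
	if !ok || unseal(ck, preauth, &a) != nil { return nil, nil, errors.New("pre-authentication failed") }
	if d := now.Unix() - a.Timestamp; d > 300 || d < -300 { return nil, nil, errors.New("clock skew too great") }
	t := Ticket{Client: client, Service: "krbtgt", SessionKey: randomBytes(32), Expires: now.Add(10 * time.Hour).Unix()}
	return seal(k.KDCKey, t), seal(ck, t), nil
}

// TicketGrantingService (steps 5-6): open the TGT with the KDC's own key, check its lifetime and
// the authenticator, then issue an ST sealed under the service's key.
func (k *KDC) TicketGrantingService(tgt, auth []byte, service string, now time.Time) (st, reply []byte, err error) {
	var t, a = Ticket{}, Authenticator{}
	if unseal(k.KDCKey, tgt, &t) != nil || t.Service != "krbtgt" || now.Unix() > t.Expires { return nil, nil, errors.New("invalid or expired TGT") }
	if unseal(t.SessionKey, auth, &a) != nil || a.Client != t.Client { return nil, nil, errors.New("authenticator rejected") }
	sk, ok := k.Keys[service]
	if !ok { return nil, nil, errors.New("unknown service") }
	s := Ticket{Client: t.Client, Service: service, SessionKey: randomBytes(32), Expires: now.Add(time.Hour).Unix()}
	return seal(sk, s), seal(t.SessionKey, s), nil
}

// ServiceAccept (step 9): the server checks the ST with its own long-term key; the KDC is not contacted.
func ServiceAccept(serviceKey []byte, service string, st, auth []byte, now time.Time) (string, error) {
	var s, a = Ticket{}, Authenticator{}
	if unseal(serviceKey, st, &s) != nil || s.Service != service || now.Unix() > s.Expires { return "", errors.New("invalid or expired service ticket") }
	if unseal(s.SessionKey, auth, &a) != nil || a.Client != s.Client { return "", errors.New("authenticator rejected") }
	return s.Client, nil
}

// ClientGetServiceTicket runs the client side of steps 1-8 and returns the ST plus an
// authenticator to present to the service. A wrong password fails at the KDC's pre-auth check.
func ClientGetServiceTicket(kdc *KDC, user, password, service string, now time.Time) (st, auth []byte, err error) {
	ck := keyFromPassword(password)
	fresh := func(key []byte) []byte { return seal(key, Authenticator{Client: user, Timestamp: now.Unix()}) }
	var tgtInfo, stInfo Ticket
	tgt, reply, err := kdc.AuthService(user, fresh(ck), now)
	if err != nil { return nil, nil, err }
	if err = unseal(ck, reply, &tgtInfo); err != nil { return nil, nil, err }
	if st, reply, err = kdc.TicketGrantingService(tgt, fresh(tgtInfo.SessionKey), service, now); err != nil { return nil, nil, err }
	if err = unseal(tgtInfo.SessionKey, reply, &stInfo); err != nil { return nil, nil, err }
	return st, fresh(stInfo.SessionKey), nil
}

func main() {
	fileKey := randomBytes(32) // constructed realm: one user and one file server
	kdc := &KDC{Keys: map[string][]byte{"alice": keyFromPassword("correct horse"), "cifs/files": fileKey}, KDCKey: randomBytes(32)}
	st, auth, err := ClientGetServiceTicket(kdc, "alice", "correct horse", "cifs/files", time.Now())
	if err != nil { panic(err) }
	fmt.Println(ServiceAccept(fileKey, "cifs/files", st, auth, time.Now()))
}
```

The `now` parameter is passed explicitly so the lifetime checks can be exercised without waiting: presenting the same ST two hours later is rejected by the file server alone, which is the "Kerberos is no longer involved" property of step 9, and the skew check in AuthService is the toy version of the clock-synchronization requirement that trips up real deployments.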

Q536. Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for the executives? (Select TWO). 

A. Acceptable use of social media 

B. Data handling and disposal 

C. Zero day exploits and viruses 

D. Phishing threats and attacks 

E. Clean desk and BYOD 

F. Information security awareness 

Answer: D,F 


Managers, i.e. executives, in the company are concerned with more global issues in the organization, including enforcing security policies and procedures. Managers should receive additional training or exposure that explains the issues, threats, and methods of dealing with threats. Management will also be concerned about productivity impacts and enforcement and how the various departments are affected by security policies. Phishing is a form of social engineering in which you ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. An email might look as if it is from a bank and contain some basic information, such as the user's name. Executives can easily fall prey to phishing if they are not trained to look out for these attacks. 


Q537. Which of the following technical controls helps to prevent Smartphones from connecting to a corporate network? 

A. Application white listing 

B. Remote wiping 

C. Acceptable use policy 

D. Mobile device management 

Answer: D 


Mobile device management (MDM) allows for managing the mobile devices that employees use to access company resources. MDM is intended to improve security, provide monitoring, enable remote management, and support troubleshooting. It can be used to push or remove applications, manage data, and enforce configuration settings on these devices, including denying network access to devices that are unmanaged or out of compliance. Remote wiping is one MDM feature but does not stop a device from connecting, application whitelisting controls which programs may run rather than which devices may join, and an acceptable use policy is an administrative control, not a technical one. 

Q538. During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges? 

A. All users have write access to the directory. 

B. Jane has read access to the file. 

C. All users have read access to the file. 

D. Jane has read access to the directory. 

Answer: C 


The question states that Jane was able to download a document from the spool directory. To view and download the document, she must have at least read access to the file. Because the test was anonymous, Jane had no privileges of her own, and the document belonged to someone else, so the read access she used must be granted to all users rather than to Jane specifically. Being able to download a file says nothing about write access to the directory. 

Q539. How often, at a MINIMUM, should Sara, an administrator, review the accesses and rights of the users on her system? 

A. Annually 

B. Immediately after an employee is terminated 

C. Every five years 

D. Every time they patch the server 

Answer: A 


Reviewing the accesses and rights of the users on a system at least annually is acceptable practice. More frequent reviews are desirable, but reviewing on every patch would waste administrative time, and removing access immediately after a termination is a response to a single event rather than a minimum review schedule for all users. 

Q540. Which of the following would allow the organization to divide a Class C IP address range into several ranges? 


B. Virtual LANs 


D. Subnetting 

Answer: D 


Subnetting borrows host bits from an address block to divide a larger group of hosts into smaller networks. A Class C range (a /24 with 254 usable addresses) can, for example, be split into four /26 subnets of 62 usable addresses each. VLANs segment a network at layer 2 but do not divide the IP address range itself. 
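The split described above, worked through in Go as an added example (not code from the page or from any network tool). It takes a block in CIDR notation and a new prefix length and lists every resulting subnet with its network, first and last host, and broadcast addresses; the sample block 192.0.2.0/24 is the documentation range chosen for the example, and the /30 upper bound is an assumption so that every subnet still has a network and a broadcast address.

```go
package main

import (
	"fmt"
	"net"
)

// Subnet describes one range produced by splitting a larger block.
type Subnet struct {
	CIDR, Network, FirstHost, LastHost, Broadcast string
	UsableHosts                                   int
}

// Split divides an IPv4 block such as a Class C /24 into equal subnets of newPrefix bits.
// Each extra network bit doubles the number of subnets and halves the hosts in each.
func Split(block string, newPrefix int) ([]Subnet, error) {
	_, ipnet, err := net.ParseCIDR(block) // masks off host bits, so "192.0.2.7/24" -> 192.0.2.0
	if err != nil {
		return nil, err
	}
	ip4 := ipnet.IP.To4()
	if ip4 == nil {
		return nil, fmt.Errorf("%s is not an IPv4 block", block)
	}
	oldPrefix, _ := ipnet.Mask.Size()
	if newPrefix < oldPrefix || newPrefix > 30 {
		return nil, fmt.Errorf("new prefix /%d must be between /%d and /30", newPrefix, oldPrefix)
	}
	base := uint32(ip4[0])<<24 | uint32(ip4[1])<<16 | uint32(ip4[2])<<8 | uint32(ip4[3])
	size := uint32(1) << uint(32-newPrefix) // addresses per subnet
	count := 1 << uint(newPrefix-oldPrefix) // number of subnets
	subnets := make([]Subnet, 0, count)
	for i := 0; i < count; i++ {
		n := base + uint32(i)*size
		subnets = append(subnets, Subnet{
			CIDR:        fmt.Sprintf("%s/%d", toIP(n), newPrefix),
			Network:     toIP(n).String(),
			FirstHost:   toIP(n + 1).String(),
			LastHost:    toIP(n + size - 2).String(),
			Broadcast:   toIP(n + size - 1).String(),
			UsableHosts: int(size) - 2, // network and broadcast addresses are not assignable
		})
	}
	return subnets, nil
}

func toIP(n uint32) net.IP { return net.IPv4(byte(n>>24), byte(n>>16), byte(n>>8), byte(n)) }

func main() {
	// Constructed example: the documentation range 192.0.2.0/24 cut into four /26 subnets.
	subnets, err := Split("192.0.2.0/24", 26)
	if err != nil {
		panic(err)
	}
	for _, s := range subnets {
		fmt.Printf("%-16s hosts %s - %s  broadcast %s  (%d usable)\n", s.CIDR, s.FirstHost, s.LastHost, s.Broadcast, s.UsableHosts)
	}
}
```

One caveat a practitioner will want alongside the arithmetic: subnetting only changes addressing. The resulting ranges become a security boundary only when a router, firewall or ACL between them actually enforces one; hosts in two subnets on the same flat layer-2 segment can still reach each other directly.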

