Examples of sy0 401 practice test

Your success in CompTIA sy0 401 study guide pdf is our sole target and we develop all our sy0 401 practice test braindumps in a way that facilitates the attainment of this target. Not only is our sy0 401 braindump study material the best you can find, it is also the most detailed and the most updated. sy0 401 practice exam Practice Exams for CompTIA Security+ sy0 401 study guide pdf are written to the highest standards of technical accuracy.


Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

Q131. Which of the following documents outlines the technical and security requirements of an agreement between organizations? 







Q132. An administrator is building a development environment and requests that three virtual servers are cloned and placed in a new virtual network isolated from the production network. Which of the following describes the environment the administrator is building? 

A. Cloud 

B. Trusted 

C. Sandbox 

D. Snapshot 



Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from being able to cause harm to production systems. 

Q133. Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network? 

A. Single sign on 

B. IPv6 

C. Secure zone transfers 

D. VoIP 



C: A primary DNS server has the "master copy" of a zone, and secondary DNS servers keep copies of the zone for redundancy. When changes are made to zone data on the primary DNS server, these changes must be distributed to the secondary DNS servers for the zone. This is done through zone transfers. If you allow zone transfers to any server, all the resource records in the zone are viewable by any host that can contact your DNS server. Thus you will need to secure the zone transfers to stop an attacker from mapping out your addresses and devices on your network. 

Q134. A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server? 

A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location. 

B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application. 

C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. 

D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application. 



Q135. FTP/S uses which of the following TCP ports by default? 

A. 20 and 21 

B. 139 and 445 

C. 443 and 22 

D. 989 and 990 


Explanation: FTPS uses ports 989 and 990. 

Q136. Which of the following attacks involves the use of previously captured network traffic? 

A. Replay 

B. Smurf 

C. Vishing 

D. DDoS 



Q137. A system administrator is setting up a file transfer server. The goal is to encrypt the user authentication and the files the user is sending using only a user ID and a key pair. Which of the following methods would achieve this goal? 


B. IPSec 





Q138. Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption? 




D. WPA 2 



WEP offers no end-to-end TLS encryption. 

The WEP process consists of a series of steps as follows: 

The wireless client sends an authentication request. 

The Access Point (AP) sends an authentication response containing clear-text (uh-oh!) challenge 


The client takes the challenge text received and encrypts it using a static WEP key. 

The client sends the encrypted authentication packet to the AP. 

The AP encrypts the challenge text using its own static WEP key and compares the result to the 

authentication packet sent by the client. If the results match, the AP begins the association 

process for the wireless client. 

The big issue with WEP is the fact that it is very susceptible to a Man in the Middle attack. The 

attacker captures the clear-text challenge and then the authentication packet reply. The attacker 

then reverses the RC4 encryption in order to derive the static WEP key. Yikes! 

As you might guess, the designers attempted to strengthen WEP using the approach of key 

lengths. The native Windows client supported a 104-bit key as opposed to the initial 40-bit key. 

The fundamental weaknesses in the WEP process still remained however. 

Q139. A technician is investigating intermittent switch degradation. The issue only seems to occur when the building’s roof air conditioning system runs. Which of the following would reduce the connectivity issues? 

A. Adding a heat deflector 

B. Redundant HVAC systems 

C. Shielding 

D. Add a wireless network 



EMI can cause circuit overload, spikes, or even electrical component failure. In the question it is mentioned that switch degradation occurs when the building’s roof air-conditioning system is also running. All electromechanical systems emanate EMI. Thus you could alleviate the problem using EMI shielding. 

Q140. Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie? 

A. Network based firewall 

B. Anti-spam software 

C. Host based firewall 

D. Anti-spyware software 



Spyware monitors a user’s activity and uses network protocols to reports it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie.