Quick Study For CompTIA SY0-401 Exam With Practice Questions

Money back guarantee of CompTIA Security+ SY0-401 exam is offered on the both products in case of a failure because the experts are confident about the quality and authenticity of the both products practice test software and PDF files. Save your time and money both and prepare CompTIA Security+ SY0-401 certification exam with the internationally recognized practice test software and PDF booklet. PDF files consist of Latest CompTIA SY0-401 exam questions that realy helps you in your acutal CompTIA SY0-401 exam.

♥♥ 2018 NEW RECOMMEND SY0-401 Exam Questions ♥♥

SY0-401 exam questions, SY0-401 PDF dumps; SY0-401 exam dumps:: https://www.dumpsschool.com/SY0-401-exam-dumps.html (1781 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest and Most Accurate CompTIA SY0-401 Dumps Exam Questions and Answers:

Version: 39.0
Question: 21

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO).

A. Deny incoming connections to the outside router interface.
B. Change the default HTTP port
C. Implement EAP-TLS to establish mutual authentication
D. Disable the physical switch ports
E. Create a server VLAN
F. Create an ACL to access the server

Answer: E, F

Explanation:
We can protect the servers from the user devices by separating them into separate VLANs (virtual local area networks).
The network device in the question is a router/switch. We can use the router to allow access from devices in one VLAN to the servers in the other VLAN. We can configure an ACL (Access Control List) on the router to determine who is able to access the server.
In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN.
This is usually achieved on switch or router devices. Simpler devices only support partitioning on a port level (if at all), so sharing VLANs across devices requires running dedicated cabling for each VLAN. More sophisticated devices can mark packets through tagging, so that a single interconnect (trunk) may be used to transport data for multiple VLANs.
Grouping hosts with a common set of requirements regardless of their physical location by VLAN can greatly simplify network design. A VLAN has the same attributes as a physical local area network (LAN), but it allows for end stations to be grouped together more easily even if they are not on the same network switch. The network described in this question is a DMZ, not a VLAN.
Incorrect Answers:
A: The servers are web servers. It’s therefore safe to assume the websites hosted by the web servers should be accessible externally. Denying incoming connections to the outside router interface would prevent external access to the websites. Furthermore, it would not protect the servers from the user devices.
B: The servers are web servers. It’s therefore safe to assume the websites hosted by the web servers should be accessible externally. If you change the default HTTP port, only people who know what the new port is would be able to access the websites. A member of the public looking to browse the company website would not be able to (without knowing the new port number). Furthermore, this would not protect the servers from the user devices.
C: Implementing EAP-TLS to establish mutual authentication would ensure that connections to the wireless router are secure. It wouldn’t protect the servers from the user devices though.
D: The servers need to connect to the physical switch ports. Therefore disabling the ports would take the servers offline.
References:
http://en.wikipedia.org/wiki/Virtual_LAN

Question: 22

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices.
Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees’ devices are connected?

A. VPN
B. VLAN
C. WPA2
D. MAC filtering

Answer: B

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
Incorrect Answers:
A: A virtual private network (VPN) is a communication tunnel between two entities across an intermediary network. In most cases, the intermediary network is an untrusted network, such as the Internet, and therefore the communication tunnel is also encrypted.
C: WPA2 is a new encryption scheme known as the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on the Advanced Encryption Standard (AES) encryption scheme. To date, no real-world attack has compromised the encryption of a properly configured WPA2 wireless network.
D: A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. Although it’s a useful feature to implement, it can only be used in environments with a small (fewer than 20 wireless devices), static set of wireless clients.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 11, 23, 60, 61

Question: 23

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

A. A NIDS was used in place of a NIPS.
B. The log is not in UTC.
C. The external party uses a firewall.
D. ABC company uses PAT.

Answer: D

Explanation:
PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks. This will not have any bearing on the security administrator at ABC Company finding the root of the attack.
B: UTC is the abbreviation for Coordinated Universal Time, which is the primary time standard by which the world regulates clocks and time. The time in the log is not the issue in this case.
C: Whether the external party uses a firewall or not will not have any bearing on the security administrator at ABC Company finding the root of the attack.
References:
http://www.webopedia.com/TERM/P/PAT.html
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/Coordinated_Universal_Time

Question: 24

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer
B. Router
C. Firewall
D. Switch

Answer: C

Explanation:
Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.
Incorrect Answers:
A: A sniffer is a tool used in the process of monitoring the data that is transmitted across a network.
B, D: A router is connected to two or more data lines from different networks, whereas a network switch is connected to data lines from one single network. These may include a firewall, but not by default.
References:
http://en.wikipedia.org/wiki/Iptables
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 342
http://en.wikipedia.org/wiki/Router_(computing)

Question: 25

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall

Answer: B

Explanation:
Stateful inspections occur at all levels of the network.
Incorrect Answers:
A: Packet-filtering firewalls operate at the Network layer (Layer 3) and the Transport layer (Layer 4) of the Open Systems Interconnect (OSI) model.
C: The proxy function can occur at either the application level or the circuit level.
D: Application Firewalls operates at the Application layer (Layer7) of the OSI model.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98-100
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 6

Question: 26

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Sniffers
B. NIDS
C. Firewalls
D. Web proxies
E. Layer 2 switches

Answer: C

New Updated SY0-401 Exam Questions SY0-401 PDF dumps SY0-401 practice exam dumps: https://www.dumpsschool.com/SY0-401-exam-dumps.html