Cause all that matters here is passing the CompTIA sy0 401 pdf exam. Cause all that you need is a high score of sy0 401 vce CompTIA Security+ Certification exam. The only one thing you need to do is downloading Examcollection comptia security+ study guide sy0 401 exam study guides now. We will not let you down with our money-back guarantee.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
Q181. Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?
A. Sign in and sign out logs
B. Mantrap
C. Video surveillance
D. HVAC
Answer: B
Explanation:
Mantraps are designed to contain an unauthorized, potentially hostile person/individual physically until authorities arrive. Mantraps are typically manufactured with bulletproof glass, high-strength doors, and locks and to allow the minimal amount of individuals depending on its size. Some mantraps even include scales that will weigh the person. The doors are designed in such a way as to open only when the mantrap is occupied or empty and not in-between. This means that the backdoor must first close before the front door will open. Mantraps are in most cases also combined with guards. This is the most physical protection any one measure will provide.
Q182. A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?
A. Time of day restrictions
B. Group based privileges
C. User assigned privileges
D. Domain admin restrictions
Answer: B
Explanation:
The question states that the sales department has a high employee turnover. You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). Then when a new employee starts, you simply add the new user account to the appropriate groups. The user then inherits all the permissions assigned to the groups.
Q183. A malicious person gained access to a datacenter by ripping the proximity badge reader off the wall near the datacenter entrance. This caused the electronic locks on the datacenter door to release because the:
A. badge reader was improperly installed.
B. system was designed to fail open for life-safety.
C. system was installed in a fail closed configuration.
D. system used magnetic locks and the locks became demagnetized.
Answer: B
Explanation:
It describes a design the lock to fail open for life safety, causing the door to stay open when power is lost – in this case the proximity badge reader was ripped off the wall.
Q184. After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?
A. IV attack
B. War dialing
C. Rogue access points
D. War chalking
Answer: D
Explanation:
War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot.
Q185. Which of the following protocols is the security administrator observing in this packet capture?
12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK
A. HTTPS
B. RDP
C. HTTP
D. SFTP
Answer: B
Explanation:
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides
a user with a graphical interface to connect to another computer over a network connection.
Example of RDP tracing output:
No. Time Delta Source Destination Protocol Length Info
5782, 2013-01-06 09:52:15.407, 0.000 , SRC 10.7.3.187 , DST 10.0.107.58, TCP, 62, 3389 >
59193 [SYN, ACK]
Q186. The string:
‘ or 1=1-- -
Represents which of the following?
A. Bluejacking
B. Rogue access point
C. SQL Injection
D. Client-side attacks
Answer: C
Explanation:
The code in the question is an example of a SQL Injection attack. The code ‘1=1’ will always provide a value of true. This can be included in statement designed to return all rows in a SQL table.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
Q187. A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?
A. Backdoor
B. Spyware
C. Logic bomb
D. DDoS
E. Smurf
Answer: B
Explanation: Explanation Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users.
Q188. Which of the following is a notification that an unusual condition exists and should be investigated?
A. Alert
B. Trend
C. Alarm
D. Trap
Answer: A
Explanation:
We need to look carefully at the wording of the question to determine the answer. This question is asking about an “unusual condition” that should be investigated. There are different levels of alerts from Critical to Warning to Information only. An Alarm would be triggered by a serious definite problem that needs resolving urgently. An “unusual condition” probably wouldn’t trigger an alarm; it is more likely to trigger an Alert.
Q189. CORRECT TEXT
A security administrator discovers that an attack has been completed against a node on the corporate network. All available logs were collected and stored.
You must review all network logs to discover the scope of the attack, check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. The environment is a critical production environment; perform the LEAST disruptive actions on the network, while still performing the appropriate incid3nt responses.
Instructions: The web server, database server, IDS, and User PC are clickable. Check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. Not all actions may be used, and order is not important. If at anytime you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.
Answer: Database server was attacked, actions should be to capture network traffic and Chain of Custody.
Q190. One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?
A. Mandatory access
B. Rule-based access control
C. Least privilege
D. Job rotation
Answer: C
Explanation:
A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more.