we provide Exact CompTIA sy0 401 practice test brain dumps which are the best for clearing comptia security+ sy0 401 pdf test, and to get certified by CompTIA CompTIA Security+ Certification. The sy0 401 practice exam Questions & Answers covers all the knowledge points of the real comptia sy0 401 exam. Crack your CompTIA comptia security+ sy0 401 pdf Exam with latest dumps, guaranteed!


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

P.S. Exact SY0-401 dump are available on Google Drive, GET MORE: https://drive.google.com/open?id=1725x6txe6_CCe14yNl1HAjULucSaec4_


New CompTIA SY0-401 Exam Dumps Collection (Question 2 - Question 11)

Q1. An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA?

A. CSR

B. Recovery agent

C. Private key

D. CRL

Answer: A

Explanation:

In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification request) is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate.

When you renew a certificate you send a CSR to the CA to get the certificate resigned.


Q2. A security technician would like to use ciphers that generate ephemeral keys for secure communication. Which of the following algorithms support ephemeral modes? (Select TWO)

A. Diffie-Hellman

B. RC4

C. RIPEMO

D. NTLMv2

E. PAP

F. RSA

Answer: A,F


Q3. A security technician has been tasked with opening ports on a firewall to allow users to browse the internet. Which of the following ports should be opened on the firewall? (Select Three)

A. 22

B. 53

C. 80

D. 110

E. 443

F. 445

G. 8080

Answer: C,E,G


Q4. Ann a new small business owner decides to implement WiFi access for her customers. There are several other businesses nearby who also have WiFi hot spots. Ann is concerned about security of the wireless network and wants to ensure that only her customers have access. Which of the following choices BEST meets her intent of security and access?

A. Enable port security

B. Enable WPA

C. Disable SSID broadcasting

D. Enable WEP

Answer: B


Q5. Joe a website administrator believes he owns the intellectual property for a company invention and has been replacing image files on the companyu2021s public facing website in the

DMZ. Joe is using steganography to hide stolen data. Which of the following controls can be implemented to mitigate this type of inside threat?

A. Digital signatures

B. File integrity monitoring

C. Access controls

D. Change management

E. Stateful inspection firewall

Answer: B


Q6. A university has a building that holds the power generators for the entire campus. A risk assessment was completed for the university and the generator building was labeled as a high risk. Fencing and lighting was installed to reduce risk. Which of the following security goals would this meet?

A. Load balancing

B. Non-repudiation

C. Disaster recovery

D. Physical security

Answer: D


Q7. Recently the desktop support group has been performing a hardware refresh and has replaced numerous computers. An auditor discovered that a number of the new computers did not have the companyu2021s antivirus software installed on them, Which of the following could be utilized to notify the network support group when computers without the antivirus software are added to the network?

A. Network port protection

B. NAC

C. NIDS

D. Mac Filtering

Answer: C


Q8. In order to use a two-way trust model the security administrator MUST implement which of the following?

A. DAC

B. PKI

C. HTTPS

D. TPM

Answer: B

Explanation:

PKI is a high level concept. Within a PKI you use a trust model to set up trust between Certification Authorities (CAs).

A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.


Q9. A one time security audit revealed that employees do not have the appropriate access to system resources. The auditor is concerned with the fact that most of the accounts audited have unneeded elevated permission to sensitive resources. Which of the following was implemented to detect this issue?

A. Continuous monitoring

B. Account review

C. Group based privileges

D. Credential management

Answer: B


Q10. Joe, the chief technical officer (CTO) is concerned that the servers and network devices may not be able to handle the growing needs of the company. He has asked his network engineer to being monitoring the performance of these devices and present statistics to management for capacity planning. Which of the following protocols should be used to this?

A. SNMP

B. SSH

C. TLS

D. ICMP

Answer: A


P.S. Easily pass SY0-401 Exam with Examcollectionplus Exact Dumps & pdf vce, Try Free: https://www.examcollectionplus.net/vce-SY0-401/ (1781 New Questions)