We provide tested CompTIA SY0-401 braindumps, free, which are the best for clearing the CompTIA SY0-401 test and getting certified with the CompTIA Security+ Certification. The Security+ SY0-401 Questions & Answers cover all the knowledge points of the real SY0-401 VCE exam. Crack your CompTIA Security+ SY0-401 exam with the latest dumps, guaranteed!



Q221. Mandatory vacations are a security control which can be used to uncover which of the following? 

A. Fraud committed by a system administrator 

B. Poor password security among users 

C. The need for additional security staff 

D. Software vulnerabilities in vendor code 

Answer:

Explanation: 

Mandatory vacations also provide an opportunity to discover fraud, apart from the obvious benefits of giving employees a chance to refresh and making sure that others in the company can fill those positions, which makes the company less dependent on those persons; a sort of replication and duplication at all levels.


Q222. The loss prevention department has purchased a new application that allows the employees to monitor the alarm systems at remote locations. However, the application fails to connect to the vendor's server and the users are unable to log in. Which of the following are the MOST likely causes of this issue? (Select TWO). 

A. URL filtering 

B. Role-based access controls 

C. MAC filtering 

D. Port Security 

E. Firewall rules 

Answer: A,E 

Explanation: 


Q223. A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure? 

A. IPsec 

B. SFTP 

C. BGP 

D. PPTP 

Answer:

Explanation: 

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPsec protocol, which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP's strongest level of encryption makes use of 168-bit keys and the 3DES encryption algorithm, and requires two levels of authentication. L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.


Q224. Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO). 

A. Rootkit 

B. Logic Bomb 

C. Botnet 

D. Backdoor 

E. Spyware 

Answer: B,D 

Explanation: 

This is an example of both a logic bomb and a backdoor. The logic bomb is configured to ‘go off’ or activate one week after her account has been disabled. The reactivated account will provide a backdoor into the system. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contains logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs". To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit.

A backdoor in a login system might take the form of a hard-coded user and password combination which gives access to the system.


Q225. The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack. 

Which of the following should the CIO be concerned with? 

A. Smurf Attack 

B. Trojan 

C. Logic bomb 

D. Virus 

Answer:

Explanation: 

A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contains logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs". To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.


Q226. Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns? 

A. Deploy a HIDS suite on the users' computers to prevent application installation. 

B. Maintain the baseline posture at the highest OS patch level. 

C. Enable the pop-up blockers on the users' browsers to prevent malware. 

D. Create an approved application list and block anything not on it. 

Answer:

Explanation: 


Q227. Which of the following devices will help prevent a laptop from being removed from a certain location? 

A. Device encryption 

B. Cable locks 

C. GPS tracking 

D. Remote data wipes 

Answer:

Explanation: 

Cable locks are theft-deterrent devices that can be used to tether a device to a fixed point, keeping smaller devices from being easy to steal.


Q228. A company wants to ensure that all aspects of data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit?

A. SSH 

B. SHA1 

C. TPM 

D. MD5 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system's motherboard and is enabled or disabled in the BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.


Q229. An auditor's report discovered several accounts with no activity for over 60 days. The accounts were later identified as contractors' accounts who would be returning in three months and would need to resume the activities. Which of the following would mitigate and secure the auditor's finding?

A. Disable unnecessary contractor accounts and inform the auditor of the update. 

B. Reset contractor accounts and inform the auditor of the update. 

C. Inform the auditor that the accounts belong to the contractors. 

D. Delete contractor accounts and inform the auditor of the update. 

Answer:

Explanation: 

A disabled account cannot be used. It is ‘disabled’. Whenever an employee leaves a company, the employee's user account should be disabled. The question states that the accounts are contractors' accounts who would be returning in three months. Therefore, it would be easier to keep the accounts rather than deleting them, which would require that the accounts be recreated in three months' time. By disabling the accounts, we can ensure that the accounts cannot be used; in three months, when the contractors are back, we can simply re-enable the accounts.


Q230. A security administrator is notified that users attached to a particular switch are having intermittent connectivity issues. Upon further research, the administrator finds evidence of an ARP spoofing attack. Which of the following could be utilized to provide protection from this type of attack? 

A. Configure MAC filtering on the switch. 

B. Configure loop protection on the switch. 

C. Configure flood guards on the switch. 

D. Configure 802.1x authentication on the switch. 

Answer:

Explanation: