The CompTIA Security+ Certification is aimed at an IT security professional who has:
> A minimum of 2 years experience in IT administration with a focus on security
> Day to day technical information security experience
> Broad knowledge of security concerns and implementation including the topics in the domain list below
SY0-401 Domain | % of Examination
1.0 Network Security 20%
2.0 Compliance and Operational Security 18%
3.0 Threats and Vulnerabilities 20%
4.0 Application, Data and Host Security 15%
5.0 Access Control and Identity Management 15%
6.0 Cryptography 12%
In today's competitive IT industry, passing CompTIA certification SY0-401 exam has a lot of benefits. Gaining CompTIA SY0-401 certification can increase your salary. People who have got CompTIA SY0-401 certification often have much higher salary than counterparts who don't have the certificate. But CompTIA certification SY0-401 exam is not very easy, so Pass4Test is a website that can help you grow your salary.

Exam Name: CompTIA Security+ Certification
One year free update, No help, Full refund!
SY0-401 Exam Prep Total Q&A: 1150 Questions and Answers
Last Update: 10-23,2015
SY0-401 VCE Dumps Detail : SY0-401 Exam
Prep
NO.1 A security technician wishes to gather and analyze all Web traffic during a particular time
period.
Which of the following represents the BEST approach to gathering the required data?
A. Configure a VPN concentrator to log all traffic destined for ports 80 and 443.
B. Configure a proxy server to log all traffic destined for ports 80 and 443.
C. Configure a switch to log all traffic destined for ports 80 and 443.
D. Configure a NIDS to log all traffic destined for ports 80 and 443.
Answer: B
CompTIA answers real questions SY0-401 Test Questions SY0-401 Exam Questions SY0-401 test SY0-401 Exam Tests
Explanation:
A proxy server is in essence a device that acts on behalf of others and in security terms all internal
user interaction with the Internet should be controlled through a proxy server. This makes a proxy
server the best tool to gather the required data.
NO.2 Which of the following IP addresses would be hosts on the same subnet given the subnet mask
255.255.255.224? (Select TWO).
A. 10.4.4.125
B. 10.4.4.158
C. 10.4.4.165
D. 10.4.4.189
E. 10.4.4.199
Answer: C,D
CompTIA exam simulations SY0-401 certification SY0-401 Training online SY0-401 test questions
Explanation:
With the given subnet mask, a maximum number of 30 hosts between IP addresses 10.4.4.161 and
10.4.4.190 are allowed. Therefore, option C and D would be hosts on the same subnet, and the other
options would not.
References: http://www.subnetonline.com/pages/subnet-calculators/ip-subnet-calculator.php
NO.3 Pete, a security auditor, has detected clear text passwords between the RADIUS server and the
authenticator. Which of the following is configured in the RADIUS server and what technologies
should the authentication protocol be changed to?
A. PAP, MSCHAPv2
B. CHAP, PAP
C. MSCHAPv2, NTLMv2
D. NTLM, NTLMv2
Answer: A
CompTIA original questions SY0-401 Exam Questions SY0-401 answers real questions SY0-401 Free download
Explanation:
PAP transmits the username and password to the authentication server in plain text. MSCHAPv2 is
utilized as an authentication option for RADIUS servers that are used for Wi-Fi security using the
WPA-Enterprise protocol.
NO.4 After a recent internal audit, the security administrator was tasked to ensure that all
credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary
words or patterns. All credentials will remain enabled regardless of the number of attempts made.
Which of the following types of user account options were enforced? (Select TWO).
A. Recovery
B. User assigned privileges
C. Lockout
D. Disablement
E. Group based privileges
F. Password expiration
G. Password complexity
Answer: F,G
CompTIA Free download SY0-401 Dumps PDF SY0-401 dumps SY0-401 Practice Test SY0-401 dumps torrent
Explanation:
Password complexity often requires the use of a minimum of three out of four standard character
types for a password. The more characters in a password that includes some character type
complexity, the more resistant it is to password-cracking techniques. In most cases, passwords are
set to expire every 90 days.
NO.5 Which of the following firewall rules only denies DNS zone transfers?
A. deny udp any any port 53
B. deny ip any any
C. deny tcp any any port 53
D. deny all dns packets
Answer: C
CompTIA exam dumps SY0-401 test answers SY0-401 SY0-401 Exam Questions SY0-401 Exam Cram
Explanation:
DNS operates over TCP and UDP port 53. TCP port 53 is used for zone transfers.
NO.6 Which of the following is best practice to put at the end of an ACL?
A. Implicit deny
B. Time of day restrictions
C. Implicit allow
D. SNMP string
Answer: A
CompTIA dumps SY0-401 Exam Questions SY0-401 PDF VCE SY0-401 SY0-401 original questions
Explanation:
An implicit deny clause is implied at the end of each ACL. This implies that if you aren't specifically
granted access or privileges for a resource, you're denied access by default. The implicit deny clause
is set by the system.
NO.7 A network inventory discovery application requires non-privileged access to all hosts on a
network for inventory of installed applications. A service account is created by the network inventory
discovery application for accessing all hosts. Which of the following is the MOST efficient method for
granting the account non-privileged access to the hosts?
A. Implement Group Policy to add the account to the users group on the hosts
B. Add the account to the Domain Administrator group
C. Add the account to the Users group on the hosts
D. Implement Group Policy to add the account to the Power Users group on the hosts.
Answer: A
CompTIA test questions SY0-401 demo SY0-401 Exam Cost
Explanation:
Group Policy is an infrastructure that allows you to implement specific configurations for users and
computers. Group Policy settings are contained in Group Policy objects (GPOs), which are linked to
the following Active Directory directory service containers: sites, domains, or organizational units
(OUs). This means that if the GPO is linked to the domain, all Users groups in the domain will include
the service account.
NO.8 RADIUS provides which of the following?
A. Authentication, Authorization, Availability
B. Authentication, Authorization, Auditing
C. Authentication, Accounting, Auditing
D. Authentication, Authorization, Accounting
Answer: D
CompTIA exam SY0-401 Exam Dumps SY0-401 Training online SY0-401
Explanation:
The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized
Authentication, Authorization, and Accounting (AAA) management for users who make use of a
network service. It is for this reason that A, B, and C: are incorrect.
References: http://en.wikipedia.org/wiki/RADIUS
Pass4Test offer the latest 350-018 exam material and high-quality C4120-784 pdf questions & answers. Our 1Z0-478 VCE testing engine and 000-087 study guide can help you pass the real exam. High-quality 070-246 dumps training materials can 100% guarantee you pass the exam faster and easier. Pass the exam to obtain certification is so simple.
SY0-401 Real Exams : http://blog.vinhelp.com/sy0-401-exam-questions-mb0-001-exam-questions/
没有评论:
发表评论