CompTIA SY0-401 ExamCompTIA Security+ Certification

Total Question: 1781 Last Updated: March 27,2017
  • Updated SY0-401 Dumps
  • Based on Real SY0-401 Exams Scenarios
  • Free SY0-401 pdf Demo Available
  • Check out our SY0-401 Dumps in a new PDF format
  • Instant SY0-401 download
  • Guarantee SY0-401 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $110.95 $55.95

Buy Now Free Trial
PDF Version Software Version

100% Guarantee on Products High Success Rate, supported by our 99.3% pass rate history and money back guarantee should you fail your exam.

Yes Yes

Updated regularly Get hold of Updated Exam Materials Every time. Free updates without any extra charges to the actual exam.

Yes Yes

SY0-401 PDF Questions & Answers Available in a universal Adobe PDF format. Portable and printable anywhere anytime.

Yes Yes

Quality and Value Exact Exam Questions with Correct Answers, verified by Experts with years of Experience in IT Field.

Yes Yes

Customizable Testing Engine Simulates a real world exam environment to prepare you for SY0-401 Success.


Unlimited Practice SY0-401 Exam Re-takes Practice Until you get it right. With options to Highlight missed questions, you can analyse your mistakes and prepare for Ultimate SY0-401 Success.


Special Promotion More than 30% Discount for Royal Pack.


A Review Of Printable SY0-401 testing material

SY0-401 ( CompTIA Security+ Certification ) assessment would be the any craze amid Them pros. The volume of prospects pursuing that certification can be massive together with employers have a tendency to retain qualified pros. Begin money making the particular SY0-401 assessment right now might indicate substantial benefits in the future. Right after following while in the SY0-401 assessment youre going to be eligible as a CompTIA.

2017 Mar SY0-401 test preparation

Q521. The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed? 

A. Signature Based IDS 

B. Heuristic IDS 

C. Behavior Based IDS 

D. Anomaly Based IDS 



A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. 

Q522. An overseas branch office within a company has many more technical and non-technical security incidents than other parts of the company. Which of the following management controls should be introduced to the branch office to improve their state of security? 

A. Initial baseline configuration snapshots 

B. Firewall, IPS and network segmentation 

C. Event log analysis and incident response 

D. Continuous security monitoring processes 



Q523. Which of the following best practices makes a wireless network more difficult to find? 

A. Implement MAC filtering 


C. Disable SSID broadcast 

D. Power down unused WAPs 



Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it’s a discoverable value using a wireless packet sniffer. Thus, the SSID should be disabled if the network isn’t for public use. 

Q524. Jane, an IT security technician, needs to create a way to secure company mobile devices. Which of the following BEST meets this need? 

A. Implement voice encryption, pop-up blockers, and host-based firewalls. 

B. Implement firewalls, network access control, and strong passwords. 

C. Implement screen locks, device encryption, and remote wipe capabilities. 

D. Implement application patch management, antivirus, and locking cabinets. 


Explanation: Screen-lock is a security feature that requires the user to enter a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications. Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people. 

Q525. A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern? 

A. Create conduct policies prohibiting sharing credentials. 

B. Enforce a policy shortening the credential expiration timeframe. 

C. Implement biometric readers on laptops and restricted areas. 

D. Install security cameras in areas containing sensitive systems. 



Biometrics is an authentication process that makes use of physical characteristics to establish identification. This will prevent users making use of others credentials. 

Most recent SY0-401 exam price:

Q526. Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief Information Officer (CIO) is concerned about disclosure of confidential information. Which of the following is the MOST secure method to dispose of these hard drives? 

A. Degaussing 

B. Physical Destruction 

C. Lock up hard drives in a secure safe 

D. Wipe 



The physical description of hard drives is the only secure means of disposing hard drives. This can include incineration, an acid bath, and crushing. 

Q527. Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO). 

A. Scanning printing of documents. 

B. Scanning of outbound IM (Instance Messaging). 

C. Scanning copying of documents to USB. 

D. Scanning of SharePoint document library. 

E. Scanning of shared drives. 

F. Scanning of HTTP user traffic. 

Answer: B,F 


DLP systems monitor the contents of systems (workstations, servers, networks) to make sure key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Outbound IM and HTTP user traffic refers to data over a network which falls within the DLP strategy. 

Q528. Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly? 

A. Protocol analyzer 

B. Baseline report 

C. Risk assessment 

D. Vulnerability scan 



A Protocol Analyzer is a hardware device or more commonly a software program used to capture 

network data communications sent between devices on a network. Capturing and analyzing the 

packets sent between applications on systems that are not communicating properly could help 

determine the cause of the issue. 

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) 

from Microsoft and Wireshark (formerly Ethereal). 

Q529. The finance department works with a bank which has recently had a number of cyber attacks. The finance department is concerned that the banking website certificates have been compromised. Which of the following can the finance department check to see if any of the bank’s certificates are still valid? 

A. Bank’s CRL 

B. Bank’s private key 

C. Bank’s key escrow 

D. Bank’s recovery agent 



The finance department can check if any of the bank's certificates are in the CRL or not. If a certificate is not in the CRL then it is still valid. The CRL (Certificate revocation list) is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. 

Q530. During an audit, the security administrator discovers that there are several users that are no longer employed with the company but still have active user accounts. Which of the following should be performed? 

A. Account recovery 

B. Account disablement 

C. Account lockouts 

D. Account expiration 



Account Disablement should be implemented when a user will be gone from a company whether they leave temporary or permanently. In the case of permanently leaving the company the account should be disabled. Disablement means that the account will no longer be an active account. 

Related SY0-401 Articles