CERT MAGIC
Demo Edition
CompTIA Security+
Exam: SY0-401
http://www.certmagic.com
QUESTION: 1
An achievement in providing worldwide Internet security was the signing of certificates
associated with which of the following protocols?
A. TCP/IP
B. SSL
C. SCP
D. SSH
Answer: B
QUESTION: 2
A Chief Information Security Officer (CISO) wants to implement two-factor
authentication within the company. Which of the following would fulfill the CISO’s
requirements?
A. Username and password
B. Retina scan and fingerprint scan
C. USB token and PIN
D. Proximity badge and token
Answer: C
QUESTION: 3
Which of the following can a security administrator implement on mobile devices that
will help prevent unwanted people from viewing the data if the device is left
unattended?
A. Screen lock
B. Voice encryption
C. GPS tracking
D. Device encryption
Answer: A
QUESTION: 4
Which of the following would a security administrator implement in order to identify a
problem between two systems that are not communicating properly?
A. Protocol analyzer
B. Baseline report
C. Risk assessment
D. Vulnerability scan
Answer: A
QUESTION: 5
Which of the following can result in significant administrative overhead from incorrect
reporting?
A. Job rotation
B. Acceptable usage policies
C. False positives
D. Mandatory vacations
Answer: C
QUESTION: 6
A security administrator wants to perform routine tests on the network during working
hours when certain applications are being accessed by the most people. Which of the
following would allow the security administrator to test the lack of security controls for
those applications with the least impact to the system?
A. Penetration test
B. Vulnerability scan
C. Load testing
D. Port scanner
Answer: B
QUESTION: 7
Which of the following risk concepts requires an organization to determine the number
of failures per year?
A. SLE
B. ALE
C. MTBF
D. Quantitative analysis
Answer: B
QUESTION: 8
A system security analyst using an enterprise monitoring tool notices an unknown
internal host exfiltrating files to several foreign IP addresses. Which of the following
would be an appropriate mitigation technique?
A. Disabling unnecessary accounts
B. Rogue machine detection
C. Encrypting sensitive files
D. Implementing antivirus
Answer: B
QUESTION: 9
Three of the primary security control types that can be implemented are:
A. Supervisory, subordinate, and peer.
B. Personal, procedural, and legal.
C. Operational, technical, and management.
D. Mandatory, discretionary, and permanent.
Answer: C
QUESTION: 10
The helpdesk reports increased calls from clients reporting spikes in malware infections
on their systems. Which of the following phases of incident response is MOST
appropriate as a FIRST response?
A. Recovery
B. Follow-up
C. Validation
D. Identification
E. Eradication
F. Containment
Answer: D
QUESTION: 11
Which of the following protocols operates at the HIGHEST level of the OSI model?
A. ICMP
B. IPSec
C. SCP
D. TCP
Answer: C
QUESTION: 12
Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy
(ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed
10 times, requiring a system reboot to recover with only 10% loss of data or function.
Which of the following is the ALE of this server?
A. $500
B. $5,000
C. $25,000
D. $50,000
Answer: B
QUESTION: 13
Which of the following should an administrator implement to research current attack
methodologies?
A. Design reviews
B. Honeypot
C. Vulnerability scanner
D. Code reviews
Answer: B
QUESTION: 14
Which of the following can be implemented in hardware or software to protect a web
server from cross-site scripting attacks?
A. Intrusion Detection System
B. Flood Guard Protection
C. Web Application Firewall
D. URL Content Filter
Answer: C
QUESTION: 15
Which of the following means of wireless authentication is easily vulnerable to
spoofing?
A. MAC Filtering
B. WPA - LEAP
C. WPA - PEAP
D. Enabled SSID
Answer: A
QUESTION: 16
The BEST methods for a web developer to prevent the website application code from
being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
A. permit redirection to Internet-facing web URLs.
B. ensure all HTML tags are enclosed in angle brackets, e.g., “<” and “>”.
C. validate and filter input on the server side and client side.
D. use a web proxy to pass website requests between the user and the application.
E. restrict and sanitize use of special characters in input and URLs.
Answer: C, E
QUESTION: 17
Jane, a security administrator, needs to implement a secure wireless authentication
method that uses a remote RADIUS server for authentication. Which of the following is
an authentication method Jane should use?
A. WPA2-PSK
B. WEP-PSK
C. CCMP
D. LEAP
Answer: D
QUESTION: 18
Computer evidence at a crime scene is documented with a tag stating who had
possession of the evidence at a given time.
Which of the following does this illustrate?
A. System image capture
B. Record time offset
C. Order of volatility
D. Chain of custody
Answer: D
QUESTION: 19
A network administrator is configuring access control for the sales department which
has high employee turnover. Which of the following is BEST suited when assigning user
rights to individuals in the sales department?
A. Time of day restrictions
B. Group based privileges
C. User assigned privileges
D. Domain admin restrictions
Answer: B
QUESTION: 20
Which of the following is being tested when a company’s payroll server is powered off
for eight hours?
A. Succession plan
B. Business impact document
C. Continuity of operations plan
D. Risk assessment plan
Answer: C
