회사 다니면서 CompTIA SY0-401 (CompTIA Security+ Certification) 시험공부까지 하려면 너무 힘들죠? CompTIA SY0-401 (CompTIA Security+ Certification) 시험패스때문에 고민하고 계시는 분들, 이젠 고민고민하지 마세요. Pass4test가 여러분들을 위해 CompTIA SY0-401 (CompTIA Security+ Certification) 시험부담을 덜어드립니다. Pass4test를 믿고 가시면 어려운 길도 쉬워집니다.
시험 번호/코드: SY0-401
시험 이름: CompTIA Security+ Certification
버전: V13.95
업데이트: 2015-03-18
Q & A: 1036문항
NO.1 Which of the following protocols uses an asymmetric key to open a session
and then establishes
a symmetric key for the remainder of the session?
A.
SFTP
B. HTTPS
C. TFTP
D. TLS
Answer: B
NO.2 Which of the
following components MUST be trusted by all parties in PKI?
A. Key
escrow
B. CA
C. Private key
D. Recovery key
Answer: B
NO.3 An
administrator has a network subnet dedicated to a group of users. Due to
concerns
regarding data and network security, the administrator desires to
provide network access for this
group only. Which of the following would BEST
address this desire?
A. Install a proxy server between the users' computers
and the switch to filter inbound network
traffic.
B. Block commonly used
ports and forward them to higher and unused port numbers.
C. Configure the
switch to allow only traffic from computers based upon their physical
address.
D. Install host-based intrusion detection software to monitor
incoming DHCP Discover
requests.
Answer: C
NO.4 Which of the
following BEST describes a demilitarized zone?
A. A buffer zone between
protected and unprotected networks.
B. A network where all servers exist and
are monitored.
C. A sterile, isolated network segment with access
lists.
D. A private network that is protected by a firewall and a
VLAN.
Answer: A
NO.5 An investigator recently discovered that an
attacker placed a remotely accessible CCTV
camera in a public area
overlooking several Automatic Teller Machines (ATMs). It is also believed
that
user accounts belonging to ATM operators may have been compromised.
Which of the following
attacks has MOST likely taken place?
A. Shoulder
surfing
B. Dumpster diving
C. Whaling attack
D. Vishing
attack
Answer: A
NO.6 Mandatory vacations are a security control which
can be used to uncover which of the
following?
A. Fraud committed by a
system administrator
B. Poor password security among users
C. The need for
additional security staff
D. Software vulnerabilities in vendor
code
Answer: A
NO.7 The security administrator is implementing a
malware storage system to archive all malware
seen by the company into a
central database. The malware must be categorized and stored based
on
similarities in the code. Which of the following should the security
administrator use to identify
similar malware?
A. TwoFish
B.
SHA-512
C. Fuzzy hashes
D. HMAC
Answer: C
NO.8 Which of the
following tools will allow a technician to detect security-related TCP
connection
anomalies?
A. Logical token
B. Performance monitor
C.
Public key infrastructure
D. Trusted platform module
Answer: B
and then establishes
a symmetric key for the remainder of the session?
A.
SFTP
B. HTTPS
C. TFTP
D. TLS
Answer: B
NO.2 Which of the
following components MUST be trusted by all parties in PKI?
A. Key
escrow
B. CA
C. Private key
D. Recovery key
Answer: B
NO.3 An
administrator has a network subnet dedicated to a group of users. Due to
concerns
regarding data and network security, the administrator desires to
provide network access for this
group only. Which of the following would BEST
address this desire?
A. Install a proxy server between the users' computers
and the switch to filter inbound network
traffic.
B. Block commonly used
ports and forward them to higher and unused port numbers.
C. Configure the
switch to allow only traffic from computers based upon their physical
address.
D. Install host-based intrusion detection software to monitor
incoming DHCP Discover
requests.
Answer: C
NO.4 Which of the
following BEST describes a demilitarized zone?
A. A buffer zone between
protected and unprotected networks.
B. A network where all servers exist and
are monitored.
C. A sterile, isolated network segment with access
lists.
D. A private network that is protected by a firewall and a
VLAN.
Answer: A
NO.5 An investigator recently discovered that an
attacker placed a remotely accessible CCTV
camera in a public area
overlooking several Automatic Teller Machines (ATMs). It is also believed
that
user accounts belonging to ATM operators may have been compromised.
Which of the following
attacks has MOST likely taken place?
A. Shoulder
surfing
B. Dumpster diving
C. Whaling attack
D. Vishing
attack
Answer: A
NO.6 Mandatory vacations are a security control which
can be used to uncover which of the
following?
A. Fraud committed by a
system administrator
B. Poor password security among users
C. The need for
additional security staff
D. Software vulnerabilities in vendor
code
Answer: A
NO.7 The security administrator is implementing a
malware storage system to archive all malware
seen by the company into a
central database. The malware must be categorized and stored based
on
similarities in the code. Which of the following should the security
administrator use to identify
similar malware?
A. TwoFish
B.
SHA-512
C. Fuzzy hashes
D. HMAC
Answer: C
NO.8 Which of the
following tools will allow a technician to detect security-related TCP
connection
anomalies?
A. Logical token
B. Performance monitor
C.
Public key infrastructure
D. Trusted platform module
Answer: B