Pass4Test사이트에서 제공하는  CompTIA SY0-401 (CompTIA Security+ Certification) 덤프의 일부 문제와 답을 체험해보세요. 우리 Pass4Test의 CompTIA SY0-401 (CompTIA Security+ Certification) 덤프공부자료를 선택해주신다면 우리는 최선을 다하여 여러분이 꼭 한번에 시험을 패스할 수 있도록 도와드리겠습니다.만약 여러분이 우리의 인증시험 덤프를 보시고 CompTIA SY0-401 (CompTIA Security+ Certification) 시험이랑 틀려서 패스를 하지 못하였다면 우리는 무조건 덤프비용 전부를 환불해드릴것입니다. Pass4Test제품으로 자격증을 정복합시다!

NO.1 Which of the following assessments would Pete, the security administrator, use to actively test

that an application's security controls are in place?

A. Code review

B. Penetration test

C. Protocol analyzer

D. Vulnerability scan

Answer: B

NO.2 Which of the following is an example of a false positive?

A. Anti-virus identifies a benign application as malware.

B. A biometric iris scanner rejects an authorized user wearing a new contact lens.

C. A user account is locked out after the user mistypes the password too many times.

D. The IDS does not identify a buffer overflow.

Answer: A

NO.3 Pete needs to open ports on the firewall to allow for secure transmission of files. Which of

the following ports should be opened on the firewall?

A. TCP 23

B. UDP 69

C. TCP 22

D. TCP 21

Answer: C

NO.4 In the initial stages of an incident response, Matt, the security administrator, was provided

the hard drives in question from the incident manager. Which of the following incident response

procedures would he need to perform in order to begin the analysis? (Select TWO).

A. Take hashes

B. Begin the chain of custody paperwork

C. Take screen shots

D. Capture the system image

E. Decompile suspicious files

Answer: A,D

NO.5 Mike, a network administrator, has been asked to passively monitor network traffic to the

company's sales websites. Which of the following would be BEST suited for this task?

A. HIDS

B. Firewall

C. NIPS

D. Spam filter

Answer: C

NO.6 Configuring the mode, encryption methods, and security associations are part of which of the

following?

A. IPSec

B. Full disk encryption

C. 802.1x

D. PKI

Answer: A

NO.7 Jane has recently implemented a new network design at her organization and wishes to

passively identify security issues with the new network. Which of the following should Jane perform?

A. Vulnerability assessment

B. Black box testing

C. White box testing

D. Penetration testing

Answer: A

NO.8 Pete, a developer, writes an application. Jane, the security analyst, knows some things about

the overall application but does not have all the details. Jane needs to review the software before it

is released to production. Which of the following reviews should Jane conduct?

A. Gray Box Testing

B. Black Box Testing

C. Business Impact Analysis

D. White Box Testing

Answer: A