Pass4Test사이트에서 제공하는 CompTIA SY0-401 (CompTIA Security+ Certification) 덤프의 일부 문제와 답을 체험해보세요. 우리 Pass4Test의 CompTIA SY0-401 (CompTIA Security+ Certification) 덤프공부자료를 선택해주신다면 우리는 최선을 다하여 여러분이 꼭 한번에 시험을 패스할 수 있도록 도와드리겠습니다.만약 여러분이 우리의 인증시험 덤프를 보시고 CompTIA SY0-401 (CompTIA Security+ Certification) 시험이랑 틀려서 패스를 하지 못하였다면 우리는 무조건 덤프비용 전부를 환불해드릴것입니다. Pass4Test제품으로 자격증을 정복합시다!
NO.1 Which of the following assessments would Pete, the security administrator, use to actively test
that an application's security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan
Answer: B
NO.2 Which of the following is an example of a false positive?
A. Anti-virus identifies a benign application as malware.
B. A biometric iris scanner rejects an authorized user wearing a new contact lens.
C. A user account is locked out after the user mistypes the password too many times.
D. The IDS does not identify a buffer overflow.
Answer: A
NO.3 Pete needs to open ports on the firewall to allow for secure transmission of files. Which of
the following ports should be opened on the firewall?
A. TCP 23
B. UDP 69
C. TCP 22
D. TCP 21
Answer: C
NO.4 In the initial stages of an incident response, Matt, the security administrator, was provided
the hard drives in question from the incident manager. Which of the following incident response
procedures would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files
Answer: A,D
NO.5 Mike, a network administrator, has been asked to passively monitor network traffic to the
company's sales websites. Which of the following would be BEST suited for this task?
A. HIDS
B. Firewall
C. NIPS
D. Spam filter
Answer: C
NO.6 Configuring the mode, encryption methods, and security associations are part of which of the
following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Answer: A
NO.7 Jane has recently implemented a new network design at her organization and wishes to
passively identify security issues with the new network. Which of the following should Jane perform?
A. Vulnerability assessment
B. Black box testing
C. White box testing
D. Penetration testing
Answer: A
NO.8 Pete, a developer, writes an application. Jane, the security analyst, knows some things about
the overall application but does not have all the details. Jane needs to review the software before it
is released to production. Which of the following reviews should Jane conduct?
A. Gray Box Testing
B. Black Box Testing
C. Business Impact Analysis
D. White Box Testing
Answer: A