Pass4Test는 많은 분들이 Security+ SY0-401 (CompTIA Security+ Certification) 시험을 응시하여 성공하도록 도와주는 사이트입니다.Pass4Test의 Security+ SY0-401 (CompTIA Security+ Certification) 학습가이드는 시험의 예상문제로 만들어진 아주 퍼펙트한 시험자료입니다. Security+ SY0-401 (CompTIA Security+ Certification) 시험은 최근 가장 인기있는 시험으로 IT인사들의 사랑을 독차지하고 있으며 국제적으로 인정해주는 시험이라 어느 나라에서 근무하나 제한이 없습니다. Pass4Test로 여러분은 소유하고 싶은 인증서를 빠른 시일내에 얻게 될것입니다.
NO.1 Which of the following BEST describes a demilitarized zone?
A. A buffer
zone between protected and unprotected networks.
B. A network where all
servers exist and are monitored.
C. A sterile, isolated network segment with
access lists.
D. A private network that is protected by a firewall and a
VLAN.
Answer: A
NO.2 A security technician is attempting to improve
the overall security posture of an internal mail
server. Which of the
following actions would BEST accomplish this goal?
A. Monitoring event logs
daily
B. Disabling unnecessary services
C. Deploying a content filter on
the network
D. Deploy an IDS on the network
Answer: B
NO.3 Which of
the following protocols uses an asymmetric key to open a session and then
establishes
a symmetric key for the remainder of the session?
A.
SFTP
B. HTTPS
C. TFTP
D. TLS
Answer: B
NO.4 Which of the
following would a security administrator implement in order to identify
a
problem between two systems that are not communicating properly?
A.
Protocol analyzer
B. Baseline report
C. Risk assessment
D.
Vulnerability scan
Answer: A
NO.5 A software development company has
hired a programmer to develop a plug-in module to an
existing proprietary
application. After completing the module, the developer needs to test the
entire
application to ensure that the module did not introduce new
vulnerabilities. Which of the following is
the developer performing when
testing the application?
A. Black box testing
B. White box testing
C.
Gray box testing
D. Design review
Answer: C
NO.6 Which of the
following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS
NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input
validation
C. CSRF prevention
D. Cross-site scripting
prevention
Answer: B
NO.7 The security administrator is implementing a
malware storage system to archive all malware
seen by the company into a
central database. The malware must be categorized and stored based
on
similarities in the code. Which of the following should the security
administrator use to identify
similar malware?
A. TwoFish
B.
SHA-512
C. Fuzzy hashes
D. HMAC
Answer: C
NO.8 An administrator
has a network subnet dedicated to a group of users. Due to concerns
regarding
data and network security, the administrator desires to provide network access
for this
group only. Which of the following would BEST address this
desire?
A. Install a proxy server between the users' computers and the switch
to filter inbound network
traffic.
B. Block commonly used ports and
forward them to higher and unused port numbers.
C. Configure the switch to
allow only traffic from computers based upon their physical address.
D.
Install host-based intrusion detection software to monitor incoming DHCP
Discover
requests.
Answer: C
A. A buffer
zone between protected and unprotected networks.
B. A network where all
servers exist and are monitored.
C. A sterile, isolated network segment with
access lists.
D. A private network that is protected by a firewall and a
VLAN.
Answer: A
NO.2 A security technician is attempting to improve
the overall security posture of an internal mail
server. Which of the
following actions would BEST accomplish this goal?
A. Monitoring event logs
daily
B. Disabling unnecessary services
C. Deploying a content filter on
the network
D. Deploy an IDS on the network
Answer: B
NO.3 Which of
the following protocols uses an asymmetric key to open a session and then
establishes
a symmetric key for the remainder of the session?
A.
SFTP
B. HTTPS
C. TFTP
D. TLS
Answer: B
NO.4 Which of the
following would a security administrator implement in order to identify
a
problem between two systems that are not communicating properly?
A.
Protocol analyzer
B. Baseline report
C. Risk assessment
D.
Vulnerability scan
Answer: A
NO.5 A software development company has
hired a programmer to develop a plug-in module to an
existing proprietary
application. After completing the module, the developer needs to test the
entire
application to ensure that the module did not introduce new
vulnerabilities. Which of the following is
the developer performing when
testing the application?
A. Black box testing
B. White box testing
C.
Gray box testing
D. Design review
Answer: C
NO.6 Which of the
following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS
NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input
validation
C. CSRF prevention
D. Cross-site scripting
prevention
Answer: B
NO.7 The security administrator is implementing a
malware storage system to archive all malware
seen by the company into a
central database. The malware must be categorized and stored based
on
similarities in the code. Which of the following should the security
administrator use to identify
similar malware?
A. TwoFish
B.
SHA-512
C. Fuzzy hashes
D. HMAC
Answer: C
NO.8 An administrator
has a network subnet dedicated to a group of users. Due to concerns
regarding
data and network security, the administrator desires to provide network access
for this
group only. Which of the following would BEST address this
desire?
A. Install a proxy server between the users' computers and the switch
to filter inbound network
traffic.
B. Block commonly used ports and
forward them to higher and unused port numbers.
C. Configure the switch to
allow only traffic from computers based upon their physical address.
D.
Install host-based intrusion detection software to monitor incoming DHCP
Discover
requests.
Answer: C