Latest CompTIA SY0-401 Exam Questions – Updated 2018

CompTIA Security+ SY0-401 certification exam success with money back guarantee is offered by preparing through the most updated SY0-401 exam dumps material available as practice test software and PDF Q&A file. CompTIA Security+ SY0-401 PDF booklet offers the most updated SY0-401 exam questions with the answers and SY0-401 exam practice test software is the most reliable source of SY0-401 exam preparation in a best way by arranging the entire SY0-401 exam logically.

♥♥ 2018 NEW RECOMMEND SY0-401 Exam Questions ♥♥

SY0-401 exam questions, SY0-401 PDF dumps; SY0-401 exam dumps:: https://www.dumpsschool.com/SY0-401-exam-dumps.html (1781 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest and Most Accurate CompTIA SY0-401 Dumps Exam Questions and Answers:

Version: 39.0
Question: 21

The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?

A. Software as a Service
B. Infrastructure as a Service
C. Platform as a Service
D. Hosted virtualization service

Answer: A

Explanation:
Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.
Incorrect Answers:
B: In an IaaS model, a third-party provider hosts hardware, software, servers, storage and other infrastructure components on behalf of its users. IaaS providers also host users’ applications and handle tasks including system maintenance, backup and resiliency planning.
C: Platform as a service (PaaS) is a cloud computing model that delivers applications over the Internet. In a PaaS model, a cloud provider delivers hardware and software tools (usually those needed for application development) to its users as a service.
D: It is used to provide software development and QA/testing teams access to dependent system components that are needed to exercise an application under test (AUT), but are unavailable or difficult-to-access for development and testing purposes.
References:
http://searchcloudcomputing.techtarget.com/definition/Software-as-a-Service
http://searchcloudcomputing.techtarget.com/definition/Infrastructure-as-a-Service-IaaS
http://searchcloudcomputing.techtarget.com/definition/Platform-as-a-Service-PaaS
http://en.wikipedia.org/wiki/Service_virtualization

Question: 22

An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?

A. Infrastructure as a Service
B. Storage as a Service
C. Platform as a Service
D. Software as a Service

Answer: A

Explanation:
Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.
Incorrect Answers:
B: Storage as a Service (SaaS) is a business model in which third-party providers rent space on their storage to end users that lack the capital budget and/or technical personnel to implement and maintain their own storage infrastructure.
C: This entails cloud providers deliver a computing platform, typically including operating system, programming language execution environment, database, and web server.
D: Software as a Service (SaaS) is sometimes referred to as “on-demand software” and is usually priced on a pay-per-use basis or using a subscription fee.
References:
http://en.wikipedia.org/wiki/Cloud_computing
http://searchstorage.techtarget.com/definition/Storage-as-a-Service-SaaS

Question: 23

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

A. A NIDS was used in place of a NIPS.
B. The log is not in UTC.
C. The external party uses a firewall.
D. ABC company uses PAT.

Answer: D

Explanation:
PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks. This will not have any bearing on the security administrator at ABC Company finding the root of the attack.
B: UTC is the abbreviation for Coordinated Universal Time, which is the primary time standard by which the world regulates clocks and time. The time in the log is not the issue in this case.
C: Whether the external party uses a firewall or not will not have any bearing on the security administrator at ABC Company finding the root of the attack.
References:
http://www.webopedia.com/TERM/P/PAT.html
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/Coordinated_Universal_Time

Question: 24

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer
B. Router
C. Firewall
D. Switch

Answer: C

Explanation:
Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.
Incorrect Answers:
A: A sniffer is a tool used in the process of monitoring the data that is transmitted across a network.
B, D: A router is connected to two or more data lines from different networks, whereas a network switch is connected to data lines from one single network. These may include a firewall, but not by default.
References:
http://en.wikipedia.org/wiki/Iptables
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 342
http://en.wikipedia.org/wiki/Router_(computing)

Question: 25

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall

Answer: B

Explanation:
Stateful inspections occur at all levels of the network.
Incorrect Answers:
A: Packet-filtering firewalls operate at the Network layer (Layer 3) and the Transport layer (Layer 4) of the Open Systems Interconnect (OSI) model.
C: The proxy function can occur at either the application level or the circuit level.
D: Application Firewalls operates at the Application layer (Layer7) of the OSI model.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98-100
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 6

Question: 26

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Sniffers
B. NIDS
C. Firewalls
D. Web proxies
E. Layer 2 switches

Answer: C

Explanation:
The basic purpose of a firewall is to isolate one network from another.
Incorrect Answers:
A: The terms protocol analyzer and packet sniffer are interchangeable. They refer to the tools used in the process of monitoring the data that is transmitted across a network.
B: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
D: Web proxies are used to forward HTTP requests.
E: Layer 2 switching uses the media access control address (MAC address) from the host’s network interface cards (NICs) to decide where to forward frames. Layer 2 switching is hardware based, which means switches use application-specific integrated circuit (ASICs) to build and maintain filter tables (also known as MAC address tables or CAM tables).
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 342
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/LAN_switching
http://en.wikipedia.org/wiki/Proxy_server#Web_proxy_servers

New Updated SY0-401 Exam Questions SY0-401 PDF dumps SY0-401 practice exam dumps: https://www.dumpsschool.com/SY0-401-exam-dumps.html

         

Facebook Comments