
CompTIA

CompTIA Security+

SY0-401 Exam

QUESTIONS & ANSWERS


(FREE - DEMO VERSION)



https://authenticdumps.com/dumps/sy0-401/
Version: 39.0
Question 1

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

A. PAT
B. NAP
C. DNAT
D. NAC

Answer: A

Explanation:
Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Incorrect Answers:
B: NAP is a Microsoft technology for controlling network access of a computer host based on system health of the host.
C: Destination network address translation (DNAT) is a technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies. Any router situated between two endpoints can perform this transformation of the packet. DNAT is commonly used to publish a service located in a private network on a publicly accessible IP address. This use of DNAT is also called port forwarding. DNAT does not allow for many internal devices to share one public IP address.
D: NAC is an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
References:
http://searchnetworking.techtarget.com/definition/Port-Address-Translation-PAT
http://en.wikipedia.org/wiki/Network_Access_Protection
http://en.wikipedia.org/wiki/Network_address_translation#DNAT
http://en.wikipedia.org/wiki/Network_Access_Control

Question 2

Which of the following devices is MOST likely being used when processing the following?
1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY

A. Firewall
B. NIPS
C. Load balancer
D. URL filter

Answer: A

Explanation:
Firewalls, routers, and even switches can use ACLs as a method of security management. An access control list has a deny ip any any implicitly at the end of any access control list. ACLs deny by default and allow by exception.
Incorrect Answers:
B: Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.
C: A load balancer is used to distribute network traffic load across several network links or network devices.
D: A URL filter is used to block URLs (websites) to prevent users accessing the website.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 10, 24
http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://www.provision.ro/threat-management/web-application-security/url-filtering#pagei-1|pagep-1|
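
The two ACL lines in the question evaluated the way the explanation describes (first match wins, then an implicit deny). This is an added example, not code from the page or from any vendor's ACL implementation; the rule parser accepts only the syntax shown in the question, source and destination matching is simplified to "ANY" or an exact address (no wildcard masks), and the packets are constructed samples.

```python
# Added example (not from the page): first-match ACL evaluation with the
# implicit "deny ip any any" at the end. Rule syntax mirrors the two lines in
# the question; src/dst matching is simplified to ANY or an exact address.
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    seq: int
    action: str            # "PERMIT" or "DENY"
    proto: str             # "IP" matches any protocol
    src: str               # "ANY" or an exact address (simplification)
    dst: str
    dport: Optional[int]   # None means no port condition


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int


def parse_rule(line: str) -> Rule:
    """Parse '1 PERMIT IP ANY ANY EQ 80' or '2 DENY IP ANY ANY'."""
    tok = line.upper().split()
    seq, action, proto, src, dst = int(tok[0]), tok[1], tok[2], tok[3], tok[4]
    dport = None
    if len(tok) >= 7 and tok[5] == "EQ":
        dport = int(tok[6])
    return Rule(seq, action, proto, src, dst, dport)


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "IP" and rule.proto != pkt.proto:
        return False
    if rule.src != "ANY" and rule.src != pkt.src:
        return False
    if rule.dst != "ANY" and rule.dst != pkt.dst:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return True


def evaluate(acl: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; if nothing matches, the implicit deny applies."""
    for rule in sorted(acl, key=lambda r: r.seq):
        if matches(rule, pkt):
            return f"{rule.action} (rule {rule.seq})"
    return "DENY (implicit deny ip any any)"


# The ACL from the question.
ACL = [parse_rule("1 PERMIT IP ANY ANY EQ 80"), parse_rule("2 DENY IP ANY ANY")]


def demo() -> Tuple[str, str, str]:
    """Constructed packets: web traffic, SSH, and SSH against an ACL with line 1 only."""
    web = Packet("TCP", "10.0.0.5", "203.0.113.10", 80)
    ssh = Packet("TCP", "10.0.0.5", "203.0.113.10", 22)
    return evaluate(ACL, web), evaluate(ACL, ssh), evaluate([ACL[0]], ssh)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third result shows why the explicit line 2 is redundant on a real device: with only the permit line configured, the SSH packet is still dropped by the implicit deny at the end of the list.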

Question 3

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.2.7:2056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.2.7:2057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:02 EST, SRC 10.4.2.7:2058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company's security administrator is unable to determine the origin of the attack?

A. A NIDS was used in place of a NIPS.
B. The log is not in UTC.
C. The external party uses a firewall.
D. ABC company uses PAT.

Answer: D

Explanation:
PAT would ensure that computers on ABC's LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks. This will not have any bearing on the security administrator at ABC Company finding the root of the attack.
B: UTC is the abbreviation for Coordinated Universal Time, which is the primary time standard by which the world regulates clocks and time. The time in the log is not the issue in this case.
C: Whether the external party uses a firewall or not will not have any bearing on the security administrator at ABC Company finding the root of the attack.
References:
http://www.webopedia.com/TERM/P/PAT.html
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/Coordinated_Universal_Time

Question 4

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer
B. Router
C. Firewall
D. Switch

Answer: C

Explanation:
Iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.
Incorrect Answers:
A: A sniffer is a tool used in the process of monitoring the data that is transmitted across a network.
B, D: A router is connected to two or more data lines from different networks, whereas a network switch is connected to data lines from one single network. These may include a firewall, but not by default.
References:
http://en.wikipedia.org/wiki/Iptables
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 242
http://en.wikipedia.org/wiki/Router_(computing)

Question 5

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall

Answer: B

Explanation:
Stateful inspections occur at all levels of the network.
Incorrect Answers:
A: Packet-filtering firewalls operate at the Network layer (Layer 3) and the Transport layer (Layer 4) of the Open Systems Interconnect (OSI) model.
C: The proxy function can occur at either the application level or the circuit level.
D: Application Firewalls operate at the Application layer (Layer 7) of the OSI model.
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98-100
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 6

Question 6

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO's requirements?

A. Sniffers
B. NIDS
C. Firewalls
D. Web proxies
E. Layer 2 switches

Answer: C

Explanation:
The basic purpose of a firewall is to isolate one network from another.
Incorrect Answers:
A: The terms protocol analyzer and packet sniffer are interchangeable. They refer to the tools used in the process of monitoring the data that is transmitted across a network.
B: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
D: Web proxies are used to forward HTTP requests.
E: Layer 2 switching uses the media access control address (MAC address) from the host's network interface cards (NICs) to decide where to forward frames. Layer 2 switching is hardware based, which means switches use application-specific integrated circuits (ASICs) to build and maintain filter tables (also known as MAC address tables or CAM tables).
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 242
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/LAN_switching
http://en.wikipedia.org/wiki/Proxy_server#Web_proxy_servers

Question 7

Which of the following network design elements allows for many internal devices to share one public IP address?

A. DNAT
B. PAT
C. DNS
D. DMZ

Answer: B

Explanation:
Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Incorrect Answers:
A: Destination network address translation (DNAT) is a technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies. Any router situated between two endpoints can perform this transformation of the packet. DNAT is commonly used to publish a service located in a private network on a publicly accessible IP address. This use of DNAT is also called port forwarding. DNAT does not allow for many internal devices to share one public IP address.
C: DNS (Domain Name System) is a service used to translate hostnames or URLs to IP addresses. DNS does not allow for many internal devices to share one public IP address.
D: A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. A DMZ does not allow for many internal devices to share one public IP address.
References:
http://searchnetworking.techtarget.com/definition/Port-Address-Translation-PAT
http://en.wikipedia.org/wiki/Network_address_translation#DNAT
http://en.wikipedia.org/wiki/Domain_Name_System
http://en.wikipedia.org/wiki/DMZ_(computing)
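
The PAT mechanism explained in Questions 1 and 7, and the attribution problem in Question 3, as one added example (not code from the page or from any router vendor). A translation table maps each internal (address, port) pair to one public address with a unique port; the reverse lookup shows that an external report carrying only the public IP cannot identify the internal host, while the translated port together with the NAT table can. The internal addresses are constructed; the public address and starting port are taken from the log in Question 3.

```python
# Added example (not from the page): a minimal PAT translation table.
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]   # (ip, port)


@dataclass
class PortAddressTranslator:
    public_ip: str
    next_port: int = 2056     # first translated port; matches Q3's log
    outbound: Dict[Endpoint, int] = field(default_factory=dict)   # inside -> public port
    inbound: Dict[int, Endpoint] = field(default_factory=dict)    # public port -> inside

    def translate_out(self, src: Endpoint) -> Endpoint:
        """Map an internal source endpoint to (public_ip, unique port)."""
        if src not in self.outbound:
            port = self.next_port
            self.next_port += 1
            self.outbound[src] = port
            self.inbound[port] = src
        return (self.public_ip, self.outbound[src])

    def translate_in(self, dst_port: int) -> Optional[Endpoint]:
        """Reverse mapping for replies: public port -> internal endpoint."""
        return self.inbound.get(dst_port)


def build_demo() -> PortAddressTranslator:
    """Three constructed internal hosts behind the address seen in Q3's log."""
    pat = PortAddressTranslator(public_ip="10.4.2.7")
    pat.translate_out(("192.168.1.10", 49152))   # Computer X
    pat.translate_out(("192.168.1.11", 49152))   # Computer Z, same inside port
    pat.translate_out(("192.168.1.12", 50001))
    return pat


def attribute(pat: PortAddressTranslator, log_ip: str, log_port: Optional[int]) -> str:
    """What the administrator can recover from one external log entry."""
    if log_ip != pat.public_ip:
        return "not our address"
    if log_port is None:
        # Only the shared public IP is known: every internal host is a candidate.
        candidates = sorted({ip for ip, _ in pat.outbound})
        return "ambiguous: " + ", ".join(candidates)
    inside = pat.translate_in(log_port)
    return f"{inside[0]}:{inside[1]}" if inside else "unknown port"


if __name__ == "__main__":
    pat = build_demo()
    print(attribute(pat, "10.4.2.7", None))    # IP only: cannot pin down the host
    print(attribute(pat, "10.4.2.7", 2057))    # IP + port + NAT table: one host
```

In practice the translation table is transient, so attribution also depends on the firewall having logged its NAT mappings with timestamps for the period covered by the external report.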

Question 8

Which of the following is a best practice when securing a switch from physical access?
A. Disable unnecessary accounts
B. Print baseline configuration
C. Enable access lists
D. Disable unused ports

Answer: D

Explanation:
Disabling unused switch ports is a simple method many network administrators use to help secure their network from unauthorized access.
All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter.
Incorrect Answers:
A: Disabling unnecessary accounts would only block those specific accounts.
B: A security baseline is a standardized minimal level of security that all systems in an organization must comply with. Printing it would not secure the switch from physical access.
C: The purpose of an access list is to identify specifically who can enter a facility.
References:
http://orbit-computer-solutions.com/How-To-Configure-Switch-Security.php
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 60
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 207

Question 9

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?

A. Protocol analyzer
B. Load balancer
C. VPN concentrator
D. Web security gateway

Answer: B

Explanation:
Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device (a router, a firewall, NAT appliance, and so on). In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
Incorrect Answers:
A: The terms protocol analyzing and packet sniffing are interchangeable. They refer to the process of monitoring the data that is transmitted across a network.
C: A VPN concentrator is a hardware device used to create remote access VPNs. The concentrator creates encrypted tunnel sessions between hosts, and many use two-factor authentication for additional security.
D: One of the newest buzzwords is web security gateway, which can be thought of as a proxy server (performing proxy and caching functions) with web protection software built in. Depending on the vendor, the "web protection" can range from a standard virus scanner on incoming packets to monitoring outgoing user traffic for red flags as well.
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 102, 104, 118

Question 10

Pete, the system administrator, wishes to monitor and limit users' access to external websites.
Which of the following would BEST address this?

A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.

Answer: D

Explanation:
A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.
Incorrect Answers:
A: This would block all web traffic, as port 80 is used for the World Wide Web.
B: A network-based IDS (NIDS) approach to IDS attaches the system to a point in the network where it can monitor and report on all network traffic.
C: In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98, 102, 111

Question 11

Mike, a network administrator, has been asked to passively monitor network traffic to the company's sales websites. Which of the following would be BEST suited for this task?

A. HIDS
B. Firewall
C. NIPS
D. Spam filter

Answer: C

Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.
Incorrect Answers:
A: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It's reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.
B: Firewalls provide protection by controlling traffic entering and leaving a network.
D: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove unwanted messages (that is, spam). Spam is most commonly associated with email, but spam also exists in instant messaging (IM), short message service (SMS), Usenet, and web discussions/forums/comments/blogs.
References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 47

Question 12

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

A. HIPS on each virtual machine
B. NIPS on the network
C. NIDS on the network
D. HIDS on each virtual machine

Answer: A

Explanation:
Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
Incorrect Answers:
B: Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.
C: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It's reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.
References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21

Question 13

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
A. NIPS
B. HIDS
C. HIPS
D. NIDS

Answer: A

Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
Incorrect Answers:
B: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It's reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.
C: Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
D: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21

Question 14

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS
B. NIPS
C. HIPS
D. HIDS

Answer: B

Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
C: Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It's reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.
References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21

Question 15

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor
B. Administrator
C. Root
D. Director

Answer: B

Explanation:
The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.
Incorrect Answers:
A, C: Almost every operating system in use today employs the concept of differentiation between users and groups at varying levels. As an example, there is always a system administrator (SA) account that has godlike control over everything: root in Unix/Linux, admin (or a deviation of it) in Windows, administrator in Apple OS X, supervisor in Novell NetWare, and so on.
D: A director is a person from a group of managers who leads or supervises a particular area of a company, program, or project.
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 107, 152
http://en.wikipedia.org/wiki/Director_(business)

Question 16

When performing the daily review of the system vulnerability scans of the network, Joe, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for the identified vulnerability.
Which of the following is the type of vulnerability described?

A. Network based
B. IDS
C. Signature based
D. Host based

Answer: C
Explanation:
A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity. The strength of a signature-based system is that it can quickly and accurately detect any event from its database of signatures.
Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
B: An intrusion detection system (IDS) is an automated system that either watches activity in real time or reviews the contents of audit logs in order to detect intrusions or security policy violations.
D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It's reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21

Question 17

The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?

A. Signature Based IDS
B. Heuristic IDS
C. Behavior Based IDS
D. Anomaly Based IDS

Answer: A

Explanation:
A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats.
Incorrect Answers:
B, C: The technique used by anomaly-based IDS/IPS systems is also referred to as network behavior analysis or heuristics analysis.
D: An IDS which is anomaly based will monitor network traffic and compare it against an established baseline. The baseline will identify what is "normal" for that network (what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other) and alert the administrator or user when traffic is detected which is anomalous, or significantly different, than the baseline.
References:
https://technet.microsoft.com/en-us/library/dd277252.aspx
http://en.wikipedia.org/wiki/Intrusion_detection_system#Signature-based_IDS
http://en.wikipedia.org/wiki/Intrusion_detection_system#Statistical_anomaly-based_IDS

Question 18
Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

A. Application Firewall
B. Anomaly Based IDS
C. Proxy Firewall
D. Signature IDS

Answer: B

Explanation:
Anomaly-based detection watches the ongoing activity in the environment and looks for abnormal occurrences. An anomaly-based monitoring or detection method relies on definitions of all valid forms of activity. This database of known valid activity allows the tool to detect any and all anomalies. Anomaly-based detection is commonly used for protocols. Because all the valid and legal forms of a protocol are known and can be defined, any variations from those known valid constructions are seen as anomalies.
Incorrect Answers:
A: An application aware firewall provides filtering services for specific applications.
C: Proxy firewalls are used to process requests from an outside network; the proxy firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused. The proxy intercepts all of the packets and reprocesses them for use internally.
D: A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 16, 20
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 98
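
The contrast drawn in Questions 16, 17 and 18, as one added example (not code from the page or from any IDS product): a signature matcher that fires only on patterns already in its database, and an anomaly detector that fires on anything outside a baseline of known-valid activity. The flow records, the signature identifier and the baseline are all constructed for the example; a real IDS matches far richer features than a payload regex and a destination-port set.

```python
# Added example (not from the page): signature-based versus anomaly-based
# detection over constructed flow records. A traversal attempt on port 80 is
# caught only by the signature; traffic to a never-seen port is caught only by
# the anomaly baseline.
import re
from collections import Counter
from typing import Dict, List, Set, Tuple

# Constructed flow records: (src, dst, dport, payload_snippet)
FLOWS = [
    ("10.1.1.5", "10.1.2.20", 80, "GET /index.html"),
    ("10.1.1.5", "10.1.2.20", 80, "GET /../../etc/passwd"),
    ("10.1.1.6", "10.1.2.20", 443, "TLS ClientHello"),
    ("10.1.1.7", "10.1.2.21", 6667, "NICK botnode"),   # port never seen before
]

# Constructed signature database; the identifier is a placeholder, not a real rule ID.
SIGNATURES: Dict[str, re.Pattern] = {
    "SIG-TRAVERSAL (constructed id)": re.compile(r"\.\./"),
}


def signature_detect(flows) -> List[Tuple[str, str]]:
    """Flag a flow only when its payload matches a known signature."""
    hits = []
    for src, _dst, _dport, payload in flows:
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                hits.append((src, name))
    return hits


# Baseline of valid activity for this network: the destination ports seen normally.
BASELINE_PORTS: Set[int] = {80, 443}


def anomaly_detect(flows, baseline: Set[int]) -> List[Tuple[str, str]]:
    """Flag any flow whose destination port lies outside the baseline."""
    return [(src, f"port {dport} not in baseline")
            for src, _dst, dport, _payload in flows if dport not in baseline]


def learn_baseline(flows, min_count: int = 1) -> Set[int]:
    """Build a baseline from a training window of traffic assumed to be benign.
    If the training window already contains the unusual traffic, that traffic
    becomes 'normal' and is never flagged, which is the classic baseline pitfall."""
    counts = Counter(dport for _src, _dst, dport, _payload in flows)
    return {port for port, count in counts.items() if count >= min_count}


if __name__ == "__main__":
    print("signature:", signature_detect(FLOWS))
    print("anomaly:  ", anomaly_detect(FLOWS, BASELINE_PORTS))
    print("learned baseline from first 3 flows:", sorted(learn_baseline(FLOWS[:3])))
```

Running the anomaly detector against a baseline learned from all four flows returns nothing, which is why a baseline should be trained on a window that is known to be clean and revisited when the network changes.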

Question 19

Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server.
After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Spam filter
B. Protocol analyzer
C. Web application firewall
D. Load balancer

Answer: B

Explanation:
A protocol analyzer is a tool used to examine the contents of network traffic. Commonly known as a sniffer, a protocol analyzer can be a dedicated hardware device or software installed onto a typical host system. In either case, a protocol analyzer is first a packet capturing tool that can collect network traffic and store it in memory or onto a storage device. Once a packet is captured, it can be analyzed either with complex automated tools and scripts or manually.
Incorrect Answers:
A: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove unwanted messages (that is, spam). Spam is most commonly associated with email, but spam also exists in instant messaging (IM), short message service (SMS), Usenet, and web discussions/forums/comments/blogs. Because spam consumes about 89 percent of all email traffic (see the Intelligence Reports at www.messagelabs.com), it's essential to filter and block spam at every opportunity.
C: A web application firewall is a device, server add-on, virtual service, or system filter that defines a strict set of communication rules for a website and all visitors. It's intended to be an application-specific firewall to prevent cross-site scripting, SQL injection, and other web application attacks.
D: A load balancer is used to spread or distribute network traffic load across several network links or network devices.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 10, 18, 19

Question 20

Which of the following flags are used to establish a TCP connection? (Select TWO).

A. PSH
B. ACK
C. SYN
D. URG
E. FIN

Answer: B, C

Explanation:
To establish a TCP connection, the three-way (or 3-step) handshake occurs:
SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a random value A.
SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number, i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value, i.e. A+1, and the acknowledgement number is set to one more than the received sequence number, i.e. B+1.
Incorrect Answers:
A: The PSH flag tells the TCP stack to flush all buffers and send any outstanding data up to and including the data that had the PSH flag set.
D: URG indicates that the urgent pointer field has a valid pointer to data that should be treated urgently and be transmitted before non-urgent data.
E: FIN is used to indicate that the client will send no more data.
References:
http://linuxpoison.blogspot.com/2007/11/what-are-tcp-control-bits.html
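
The three-way handshake above carried through with the page's own symbols A (the client's initial sequence number) and B (the server's), as an added example that is not code from the page. Each segment records its flag set, sequence number and acknowledgement number; the validator checks exactly the relationships the explanation states (SYN-ACK acknowledges A+1, the final ACK carries sequence A+1 and acknowledges B+1). The initial sequence numbers are chosen at random here, as the explanation describes; no real socket is opened.

```python
# Added example (not from the page): TCP three-way handshake with the
# sequence/acknowledgement arithmetic from the explanation.
import random
from dataclasses import dataclass
from typing import FrozenSet, List, Optional


@dataclass(frozen=True)
class Segment:
    sender: str
    flags: FrozenSet[str]
    seq: int
    ack: Optional[int]   # None when the ACK flag is not set


def three_way_handshake(A: int, B: int) -> List[Segment]:
    """Build the three segments for client ISN A and server ISN B."""
    syn = Segment("client", frozenset({"SYN"}), seq=A, ack=None)
    # Server acknowledges A+1 and picks its own random sequence number B.
    syn_ack = Segment("server", frozenset({"SYN", "ACK"}), seq=B, ack=syn.seq + 1)
    # Client's sequence number is the acknowledged value A+1; it acknowledges B+1.
    ack = Segment("client", frozenset({"ACK"}), seq=syn_ack.ack, ack=syn_ack.seq + 1)
    return [syn, syn_ack, ack]


def validate(segs: List[Segment]) -> bool:
    """True only if the exchange is a well-formed handshake."""
    if len(segs) != 3:
        return False
    syn, syn_ack, ack = segs
    return (syn.flags == {"SYN"} and syn.ack is None
            and syn_ack.flags == {"SYN", "ACK"} and syn_ack.ack == syn.seq + 1
            and ack.flags == {"ACK"} and ack.seq == syn.seq + 1
            and ack.ack == syn_ack.seq + 1)


def flags_used(segs: List[Segment]) -> FrozenSet[str]:
    """The flags that appear anywhere in the handshake: SYN and ACK only."""
    return frozenset().union(*(s.flags for s in segs))


if __name__ == "__main__":
    handshake = three_way_handshake(random.getrandbits(32), random.getrandbits(32))
    for segment in handshake:
        print(segment)
    print("valid:", validate(handshake), "flags:", sorted(flags_used(handshake)))
```

A segment whose acknowledgement number does not equal the peer's sequence number plus one fails validation, which is the same check a stateful firewall applies before it admits a flow into its connection table.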
Question 21

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

A. Spam filter
B. URL filter
C. Content inspection
D. Malware inspection

Answer: B

Explanation:
The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website.
Incorrect Answers:
A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites.
C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn't comply with the company's web policy. Content-control software determines what content will be available or perhaps more often what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded).
D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites.
References:
http://www.provision.ro/threat-management/web-application-security/url-filtering#pagei-1|pagep-1|
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 18, 19

Question 22

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?

A. Firewall
B. Switch
C. URL content filter
D. Spam filter

Answer: C

Explanation:
URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific file extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.
Incorrect Answers:
A: The basic purpose of a firewall is to isolate one network from another. Firewalls are available as appliances, meaning they're installed as the primary device separating two networks.
B: Switches are multiport devices that improve network efficiency.
D: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove unwanted messages (that is, spam).
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 18, 19
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 96, 102

Question 23

The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when trying to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?

A. The access rules on the IDS
B. The pop up blocker in the employee's browser
C. The sensitivity level of the spam filter
D. The default block page on the URL filter

Answer: D

Explanation:
A URL filter is used to block access to a site based on all or part of a URL. There are a number of URL-filtering tools that can acquire updated master URL block lists from vendors, as well as allow administrators to add or remove URLs from a custom list.
Incorrect Answers:
A: An intrusion detection system (IDS) is an automated system that either watches activity in real time or reviews the contents of audit logs in order to detect intrusions or security policy violations.
B: Pop-up blockers prevent websites from opening further web browser windows without your approval.
C: A spam filter deals with identifying and blocking/filtering/removing unsolicited messages.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 18, 19, 21, 246
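
A URL filter of the kind Questions 21 to 23 describe, as an added example that is not code from the page or from any filtering product. Rules match a whole FQDN (and its subdomains), a path prefix, a file extension, or one exact URL; a vendor master list and an administrator's custom list are merged; an allow list overrides them; and a blocked request returns an explicit block page instead of the empty response Joe saw in Question 23. Every domain, URL and category here is constructed (the hostnames use the reserved .test top-level domain).

```python
# Added example (not from the page): a small URL filter with vendor and custom
# lists, an allow list, and a default block page returned on a match.
from dataclasses import dataclass
from typing import List, Optional, Tuple
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Rule:
    kind: str      # "domain", "path", "ext" or "url"
    value: str     # lowercase match value
    category: str


def matches(rule: Rule, url: str) -> bool:
    parts = urlsplit(url.lower())
    host, path = parts.hostname or "", parts.path
    if rule.kind == "domain":   # the FQDN itself or any subdomain of it
        return host == rule.value or host.endswith("." + rule.value)
    if rule.kind == "path":     # a path prefix on any host
        return path.startswith(rule.value)
    if rule.kind == "ext":      # a specific file extension
        return path.endswith("." + rule.value)
    if rule.kind == "url":      # one exact URL
        return url.lower() == rule.value
    return False


# Default block page: tells the user why the page is blocked instead of a blank page.
BLOCK_PAGE = "<html><body>Access to this site is blocked by policy: {}</body></html>"


def filter_request(url: str, block_rules: List[Rule],
                   allow_list: List[str]) -> Tuple[bool, Optional[str]]:
    """Return (allowed, block_page). Allow-list hosts override every block rule."""
    host = urlsplit(url.lower()).hostname or ""
    if any(host == a or host.endswith("." + a) for a in allow_list):
        return True, None
    for rule in block_rules:
        if matches(rule, url):
            return False, BLOCK_PAGE.format(rule.category)
    return True, None


# Constructed vendor master list plus the administrator's custom additions.
VENDOR_LIST = [
    Rule("domain", "example-gambling.test", "gambling"),
    Rule("domain", "ads.example.test", "advertisements"),
    Rule("ext", "torrent", "peer-to-peer"),
]
CUSTOM_LIST = [Rule("url", "http://example-games.test/arcade", "games")]
ALLOW_LIST = ["search.example.test"]

if __name__ == "__main__":
    for u in ["http://search.example.test/", "http://www.example-gambling.test/",
              "http://files.example.test/movie.torrent",
              "http://example-games.test/arcade", "http://sports.example.test/scores"]:
        print(u, filter_request(u, VENDOR_LIST + CUSTOM_LIST, ALLOW_LIST))
```

Note that the exact-URL rule blocks only /arcade on example-games.test and nothing else on that host, whereas a domain rule would cover the whole site; choosing the rule kind is how an administrator controls the blast radius of a block entry.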

Question 24

Layer 7 devices used to prevent specific types of html tags are called:

A. Firewalls
B. Content filters
C. Routers
D. NIDS

Answer: B

Explanation:
A content filter is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model.
Incorrect Answers:
A, C, D: These devices deal with controlling how devices in a network gain access to data and permission to transmit it, as well as controlling error checking and packet synchronization. They, therefore, operate at Layer 2 of the OSI model.
References:
http://en.wikipedia.org/wiki/Content-control_software#Types_of_filtering
http://en.wikipedia.org/wiki/OSI_model

Question 25

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete's access to this site?

A. Internet content filter
B. Firewall
C. Proxy server
D. Protocol analyzer

Answer: A

Explanation:
Web filtering software is designed to restrict or control the content a reader is authorised to access, especially when utilised to restrict material delivered over the Internet via the Web, e-mail, or other means.
Incorrect Answers:
B: The basic purpose of a firewall is to isolate one network from another.
C: A proxy server is a variation of an application firewall or circuit-level firewall, and used as a middleman between clients and servers. Often a proxy serves as a barrier against external threats to internal clients.
D: The terms protocol analyzer and packet sniffer are interchangeable. They refer to the tools used in the process of monitoring the data that is transmitted across a network.
References:
http://en.wikipedia.org/wiki/Content-control_software
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 11, 96, 242