
Helpful CompTIA SY0-401 PDF Security+ Exam Training Online Learning and Study Guide


Flydumps is a website that helps you pass the CompTIA certification SY0-401 exam faster. Our CompTIA certification SY0-401 exam answer bank is produced through DumpLeader’s experts’ continuous research of the exam outline and previous exams. If you are still struggling to prepare for the CompTIA certification SY0-401 exam, choose DumpLeader’s latest CompTIA certification SY0-401 PDF bank; it will bring you a lot of help.

Vendor: CompTIA
Certifications: Security+
Exam Code: SY0-401
Exam Name: CompTIA Security+ Certification Exam
Total Questions: 1776 Q&As
Updated on: Apr 13, 2017

★ NOTE: We are now a CompTIA Content Publishing Partner. Our training prepares members to pass CompTIA certification exams and become qualified IT professionals. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these SY0-401 pdf instructions.

Topics include:

  • Comparing viruses, worms, and Trojans
  • Understanding backdoors and logic bombs
  • Defending against denial of service and password attacks
  • Preventing insider threats
  • Detecting social engineering attacks
  • Preventing wireless eavesdropping
  • Understanding cross-site scripting
  • Preventing SQL injection
  • Deterring attacks
  • Securing your network
  • Scanning for and assessing threats


Flydumps Latest and Most Accurate CompTIA SY0-401 PDF Exam Q&As

Question No : 28  Ann, a technician, is attempting to establish a remote terminal session to an end user’s
computer using Kerberos authentication, but she cannot connect to the destination
machine. Which of the following default ports should Ann ensure is open?
A. 22
B. 139
C. 443
D. 3389
Answer: D
Explanation:
Remote Desktop Protocol (RDP) uses TCP port 3389.

 

Question No : 29  A security administrator is segregating all web-facing server traffic from the internal network
and restricting it to a single interface on a firewall. Which of the following BEST describes
this new network?
A. VLAN
B. Subnet
C. VPN
D. DMZ
Answer: D
Explanation:
A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical
or logical subnetwork that contains and exposes an organization’s external-facing services
to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an
additional layer of security to an organization’s local area network (LAN); an external
network node only has direct access to equipment in the DMZ, rather than any other part of
the network. The name is derived from the term “demilitarized zone”, an area between
nation states in which military operation is not permitted.

 

Question No : 30  Which of the following BEST describes the weakness in WEP encryption?
A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm.
Once enough packets are captured an XOR operation can be performed and the
asymmetric keys can be derived.
B. The WEP key is stored in plain text and split in portions across 224 packets of random
data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the
plain text key.
C. The WEP key has a weak MD4 hashing algorithm used.
A simple rainbow table can be used to generate key possibilities due to MD4 collisions.
D. The WEP key is stored with a very small pool of random numbers to make the cipher
text. As the random numbers are often reused it becomes easy to derive the remaining WEP
key.
Answer: D
Explanation:
WEP is based on RC4, but due to errors in design and implementation, WEP is weak in a
number of areas, two of which are the use of a static common key and poor implementation
of initialization vectors (IVs). When the WEP key is discovered, the attacker can join the
network and then listen in on all other wireless client communications.

 

 

Question No : 31  An administrator wants to establish a WiFi network using a high gain directional antenna
with a narrow radiation pattern to connect two buildings separated by a very long distance.
Which of the following antennas would be BEST for this situation?
A. Dipole
B. Yagi
C. Sector
D. Omni
Answer: B
Explanation:
A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna
consisting of multiple parallel dipole elements in a line, usually made of metal rods. It
consists of a single driven element connected to the transmitter or receiver with a
transmission line, and additional parasitic elements: a so-called reflector and one or more
directors. The reflector element is slightly longer than the driven dipole, whereas the
directors are a little shorter. This design achieves a very substantial increase in the
antenna’s directionality and gain compared to a simple dipole.

 

 

Question No : 32  A database administrator contacts a security administrator to request firewall changes for a
connection to a new internal application. The security administrator notices that the new
application uses a port typically monopolized by a virus. The security administrator denies
the request and suggests a new port or service be used to complete the application’s task.
Which of the following is the security administrator practicing in this example?
A. Explicit deny
B. Port security
C. Access control lists
D. Implicit deny
Answer: C
Explanation:
Traffic that comes into the router is compared to ACL entries based on the order that the
entries occur in the router. New statements are added to the end of the list. The router
continues to look until it has a match. If no matches are found when the router reaches the
end of the list, the traffic is denied. For this reason, you should have the frequently hit
entries at the top of the list. There is an implied deny for traffic that is not permitted.

Question No : 33  When performing the daily review of the system vulnerability scans of the network, Joe, the
administrator, noticed several security-related vulnerabilities with an assigned vulnerability
identification number. Joe researches the assigned vulnerability identification number from
the vendor website. Joe proceeds with applying the recommended solution for the identified
vulnerability.
Which of the following is the type of vulnerability described?
A. Network based
B. IDS
C. Signature based
D. Host based
Answer: C
Explanation:
A signature-based monitoring or detection method relies on a database of signatures or
patterns of known malicious or unwanted activity. The strength of a signature-based
system is that it can quickly and accurately detect any event from its database of
signatures.

 

 

Question No : 34 A security administrator must implement a wireless security system, which will require
users to enter a 30 character ASCII password on their accounts. Additionally the system
must support 3DS wireless encryption.
Which of the following should be implemented?
A. WPA2-CCMP with 802.1X
B. WPA2-PSK
C. WPA2-CCMP
D. WPA2-Enterprise
Answer: D
Explanation:
D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as
opposed to WPA-PSK). It is designed for enterprise networks and requires a RADIUS
authentication server. This requires a more complicated setup, but provides additional
security (e.g. protection against dictionary attacks on short passwords). Various kinds of
the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be
managed centrally, and the servers that allow access to a network can verify with a
RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can
perform all authentications. This will require users to use their passwords on their user
accounts.

Question No : 35 DRAG DROP – (Topic 1)
Drag and drop the correct protocol to its default port.

Answer:

FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP,
SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file
transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a
secured alternative to standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp.
42, 45, 51

Question No : 36  A server is configured to communicate on both VLAN 1 and VLAN 12. VLAN 1
communication works fine, but VLAN 12 does not. Which of the following MUST happen
before the server can communicate on VLAN 12?
A. The server’s network switch port must be enabled for 802.11x on VLAN 12.
B. The server’s network switch port must use VLAN Q-in-Q for VLAN 12.
C. The server’s network switch port must be 802.1q untagged for VLAN 12.
D. The server’s network switch port must be 802.1q tagged for VLAN 12.
Answer: D
Explanation:
802.1q is a standard that defines a system of VLAN tagging for Ethernet frames. The
purpose of a tagged port is to pass traffic for multiple VLANs.
Incorrect Options:
A: 802.11x provides an authentication mechanism to devices wishing to attach to a LAN or
WLAN.
B: VLAN Q-in-Q allows multiple VLAN tags to be inserted into a single frame.
C: The purpose of an untagged port is to accept traffic for a single VLAN only.
Reference:

 

 

Question No : 37  Which of the following would allow the organization to divide a Class C IP address range
into several ranges?
A. DMZ
B. Virtual LANs
C. NAT
D. Subnetting
Answer: D
Explanation:
Subnetting is a dividing process used on networks to divide larger groups of hosts into
smaller collections.


Security+ SY0-401 PDF Beta Questions

Your exam may have some beta questions. They aren’t graded but instead are used to test the validity of the questions. If everyone gets a beta question correct, it’s probably too easy. If everyone gets it incorrect, there’s probably something wrong with the question. After enough people have tested a beta question, CompTIA personnel analyze it and decide if they want to add it to the test bank, or rewrite and test it as a new beta question.
