Exam Code: security+ sy0 401 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass sy0 401 practice test Exam.
Q371. Which of the following is best practice to put at the end of an ACL?
A. Implicit deny
B. Time of day restrictions
C. Implicit allow
D. SNMP string
An implicit deny clause is implied at the end of each ACL. This implies that if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. The implicit deny clause is set by the system.
Q372. Which of the following is BEST carried out immediately after a security breach is discovered?
A. Risk transference
B. Access control revalidation
C. Change management
D. Incident management
Incident management is the steps followed when security incident occurs.
Q373. Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).
Explanation: NetBIOS provides four distinct services:
Name service for name registration and resolution (port: 137/udp)
Name service for name registration and resolution (port: 137/tcp)
Datagram distribution service for connectionless communication (port: 138/udp)
Session service for connection-oriented communication (port: 139/tcp)
Q374. Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?
A. Sign in and sign out logs
C. Video surveillance
Mantraps are designed to contain an unauthorized, potentially hostile person/individual physically until authorities arrive. Mantraps are typically manufactured with bulletproof glass, high-strength doors, and locks and to allow the minimal amount of individuals depending on its size. Some mantraps even include scales that will weigh the person. The doors are designed in such a way as to open only when the mantrap is occupied or empty and not in-between. This means that the backdoor must first close before the front door will open. Mantraps are in most cases also combined with guards. This is the most physical protection any one measure will provide.
Q375. After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?
B. Proximity readers
C. Video surveillance
To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures. Bollards are physical barriers that are strong enough to withstand impact with a vehicle.
Q376. An administrator configures all wireless access points to make use of a new network certificate authority. Which of the following is being used?
The majority of the EAP-TLS implementations require client-side X.509 certificates without giving the option to disable the requirement.
Q377. A Human Resources user is issued a virtual desktop typically assigned to Accounting employees. A system administrator wants to disable certain services and remove the local accounting groups installed by default on this virtual machine. The system administrator is adhering to which of the following security best practices?
A. Black listing applications
B. Operating System hardening
C. Mandatory Access Control
D. Patch Management
Q378. To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?
controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection.
Q379. Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?
HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key. The hashing function provides data integrity, while the symmetric key provides authenticity.
Q380. Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective?
A. Password reuse
C. Social engineering
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. This should be prevented in this case.
To know more about the SY0-401, click here.