Certification Exam Prep Questions For CompTIA Security+ SY0-401

Name: Practice Exam - CompTIA Security+
SKU: Practice Exam - CompTIA Security+
Price: 109 USD
Availability: InStock

QuickStartis now offering assessment questions for CompTIA Security+ SY0-401. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA Security+ SY0-401.

The security administrator needs to configure the corporate firewall to let all public IP addresses on the firewall’s internal interface to be translated to 1 public IP-address on the same firewall’s external interface. Which of the following should they configure?

A. NAP: Incorrect.

B. DNAT: Incorrect.

C. PAT: Correct!

D. NAC: Incorrect.

Which of the following security devices can be replicated on a Linux-based computer using IP tables to properly handle and inspect network-based traffic?

A. Firewall: Correct!

B. Sniffer: Incorrect.

C. Router: Incorrect.

D. Switch: Incorrect.

Which of the following firewall type inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall: Incorrect.

B. Proxy Firewall: Incorrect.

C. Application Firewall: Incorrect.

D. Stateful Firewall: Correct!

The Chief Information Security Officer (CISO) has mandated that al IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Firewalls: Correct!

B. Sniffers: Incorrect.

C. NIDS: Incorrect.

D. Web proxies: Incorrect.

Which of the following network design elements allows for many internal devices to share one public IP address?

A. DNAT: Incorrect.

B. DNS: Incorrect.

C. DMZ: Incorrect.

D. PAT: Correct!

Which of the following is a best practice when securing a switch from physical access?

A. Disable unused ports: Correct!

B. Disable unnecessary accounts: Incorrect.

C. Print baseline configuration: Incorrect.

D. Enable access lists: Incorrect.

Which of the following devices would be MOST useful to ensure availability when there is a large number of requests on a certain website?

A. Protocol analyzer: Incorrect.

B. VPN concentrator: Incorrect.

C. Load balancer: Correct!

D. Web security gateway: Incorrect.

Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?

A. Install a proxy server.: Correct!

B. Block all traffic on port 80.: Incorrect.

C. Implement NIDS.: Incorrect.

D. Use server load balancers.: Incorrect.

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS: Incorrect.

B. NIPS: Correct!

C. Firewall: Incorrect.

D. Spam filter: Incorrect.

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

A. NIPS on the network: Incorrect.

B. NIDS on the network: Incorrect.

C. HIDS on each virtual machine: Incorrect.

D. HIPS on each virtual machine: Correct!

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. HIDS: Incorrect.

B. HIPS: Incorrect.

C. NIPS: Correct!

D. NIDS: Incorrect.

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS: Incorrect.

B. HIPS: Incorrect.

C. HIDS: Incorrect.

D. NIPS: Correct!

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor: Incorrect.

B. Root: Incorrect.

C. Director: Incorrect.

D. Administrator: Correct!

Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

A. Application Firewall: Incorrect.

B. Proxy Firewall: Incorrect.

C. Signature IDS: Incorrect.

D. Anomaly Based IDS: Correct!

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Protocol analyzer: Correct!

B. Spam filter: Incorrect.

C. Web application firewall: Incorrect.

D. Load balancer: Incorrect.

Which the following flags are used to establish a TCP connection? (Select TWO).

A. PSH: Incorrect.

B. SYN: Correct!

C. ACK: Correct!

D. URG: Incorrect.

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

A. Spam filter: Incorrect.

B. URL filter: Correct!

C. Content inspection: Incorrect.

D. Malware inspection: Incorrect.

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling websites. Which of the following devices would BEST achieve this goal?

A. Firewall: Incorrect.

B. Switch: Incorrect.

C. URL content filter: Correct!

D. Spam filter: Incorrect.

Layer 7 devices used to prevent specific types of html tags are called:

A. Firewalls: Incorrect.

B. Content filters: Correct!

C. Routers: Incorrect.

D. NIDS: Incorrect.

Practice Exam - CompTIA Security+

Be the first to review this course

Self-Paced

Learning Style

Practice Exam

Learning Style

Beginner

Difficulty

1 Hour

Course Duration

Course Info

Download PDF

Certificate

See Sample

Buy Individually Timezone

tab
About Individual Course: Individual course plan gives you access to this course $109.00 / Each

Outline

More Information

More Information
Lab Access	No
Learning Style	Self-Paced Learning
Learning Type	Practice Exam
Difficulty	Beginner
Course Duration	1 Hour
Language	English

Financing

Monthly Payments With Affirm

QuickStart and Affirm have teamed up to offer you financing, allowing you to pay off your purchase over time, on your own terms. Simply select Affirm in checkout, and you will need to take a few moments to fill out some information for a real-time decision. Checking your eligibility and terms won't affect your credit score. Once you are qualified, you will have the option to choose from 3, 6, 12, 18 or 26-month financing terms*, with each term clearly showing your monthly payment. No hidden fees or costs! it's that simple!

Rates are between 0-30% APR. As an example, a $700 purchase might cost $63.24/mo for 12 months at 15% APR. A down payment may be required. Subject to eligibility check and approval. Payment options depend on your purchase amount. Estimated payment excluded taxes and shipping fees. Paid interest is nonrefundable. Actual terms may vary. Payment options through Affirm are provided by these lending partners: affirm.com/lenders. Visit affirm.com/help for more info.

Reviews

Write Your Own Review

Only registered users can write reviews. Please Sign in or create an account

Ask A Question