Certification Exam Prep Questions For CompTIA Security+ SY0-401


QuickStartis now offering assessment questions for CompTIA Security+ SY0-401. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA Security+ SY0-401.


Arrow
 

1

The security administrator needs to configure the corporate firewall to let all public IP addresses on the firewall’s internal interface to be translated to 1 public IP-address on the same firewall’s external interface. Which of the following should they configure?

A. NAP
Incorrect.
B. DNAT
Incorrect.
C. PAT
Correct!
D. NAC
Incorrect.
2

Which of the following security devices can be replicated on a Linux-based computer using IP tables to properly handle and inspect network-based traffic?

A. Firewall
Correct!
B. Sniffer
Incorrect.
C. Router
Incorrect.
D. Switch
Incorrect.
3

Which of the following firewall type inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
Incorrect.
B. Proxy Firewall
Incorrect.
C. Application Firewall
Incorrect.
D. Stateful Firewall
Correct!
4

The Chief Information Security Officer (CISO) has mandated that al IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Firewalls
Correct!
B. Sniffers
Incorrect.
C. NIDS
Incorrect.
D. Web proxies
Incorrect.
5

Which of the following network design elements allows for many internal devices to share one public IP address?

A. DNAT
Incorrect.
B. DNS
Incorrect.
C. DMZ
Incorrect.
D. PAT
Correct!
6

Which of the following is a best practice when securing a switch from physical access?

7

Which of the following devices would be MOST useful to ensure availability when there is a large number of requests on a certain website?

A. Protocol analyzer
Incorrect.
B. VPN concentrator
Incorrect.
C. Load balancer
Correct!
D. Web security gateway
Incorrect.
8

Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?

9

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS
Incorrect.
B. NIPS
Correct!
C. Firewall
Incorrect.
D. Spam filter
Incorrect.
10

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

11

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. HIDS
Incorrect.
B. HIPS
Incorrect.
C. NIPS
Correct!
D. NIDS
Incorrect.
12

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS
Incorrect.
B. HIPS
Incorrect.
C. HIDS
Incorrect.
D. NIPS
Correct!
13

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor
Incorrect.
B. Root
Incorrect.
C. Director
Incorrect.
D. Administrator
Correct!
14

Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

A. Application Firewall
Incorrect.
B. Proxy Firewall
Incorrect.
C. Signature IDS
Incorrect.
D. Anomaly Based IDS
Correct!
15

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Protocol analyzer
Correct!
B. Spam filter
Incorrect.
C. Web application firewall
Incorrect.
D. Load balancer
Incorrect.
16

Which the following flags are used to establish a TCP connection? (Select TWO).

A. PSH
Incorrect.
B. SYN
Correct!
C. ACK
Correct!
D. URG
Incorrect.
17

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

A. Spam filter
Incorrect.
B. URL filter
Correct!
C. Content inspection
Incorrect.
D. Malware inspection
Incorrect.
18

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling websites. Which of the following devices would BEST achieve this goal?

A. Firewall
Incorrect.
B. Switch
Incorrect.
C. URL content filter
Correct!
D. Spam filter
Incorrect.
19

Layer 7 devices used to prevent specific types of html tags are called:

A. Firewalls
Incorrect.
B. Content filters
Correct!
C. Routers
Incorrect.
D. NIDS
Incorrect.

Practice Exam - CompTIA Security+

  • Self-Paced Learning

    Learning Style
  • Beginner

    Difficulty
  • 1 Hour

    Course Duration
  • Course Info

  • Sample Certificate

BUY INDIVIDUALLY
About Individual Course:
  • Individual course plan gives you access to this course
$0.00
$0.00
/ Each
More Information
Lab Access No
Learning Style Self-Paced Learning
Difficulty Beginner
Course Duration 1 Hour
Language English
Write Your Own Review
Only registered users can write reviews. Please Sign in or create an account
FAQ's

Frequently Asked Questions About Virtual Instructor-Led Courses

I can't connect to my class, what are my options?

The link to the class is available upon logging in to your dashboard. If you are unable to see it, please contact our support team at 1-855-800-8240 and they will be happy to provide you the direct link via email or the dial in number.


I can't make it to attend to class. Can I reschedule?

Yes, you can reschedule your class. Please contact your Sales representative and they will arrange this for you. If you forgot his/her name, feel free to contact our support team at support@quickstart.com or 1-855-800-8240.


Will I get my certificate upon completion?

Yes. Upon completion of the course, it will be available on your course as a Trophy Icon for you to download. If you do not see this, you will need to contact support@quickstart.com with the following details so they can email you the certificate: Class Name, Class Date, Account Rep, and Your Email.


I cannot connect to my lab. Help!

Your Lab is accessible on the bottom part of your course. You will see a button that says "LAB". Just click it to launch the lab. Please note that some classes don’t need/require a LAB. You can verify with our support team by calling them at 1-855-800-8240 or by email at support@quickstart.com. You can also check with your Instructor or the Associate Instructor if your class includes one.


What is my access code for Skillpipe?

A. Not all of the classes have or require Skillpipe. If your class includes one, please check your email as you should have received one from noreply@skillpipe.com. In case you do not find it in your inbox, please check the Spam / Junk folder. For any further assistance, you can call the support at 1-855-800-8240 or contact them via email at support@quickstart.com.


I don't have audio. I can't hear the instructor.

Make sure you are using a compatible headset for your laptop or computer. If you don’t have a headset, you can use the built-in speaker of your laptop. Otherwise, you can use the dial in option by calling the dial in number provided in the class joining email. You may also contact support team for the dial in numbers associated for your training at 1-855-800-8240 or contact them via email at support@quickstart.com.


How can I reach student support?

Support can be reach via phone at 1855-800-8240; via email at support@quickstart.com or via chat support through the chat button on our website. Please note that support office hours will be from 8am-5pm CST Monday to Friday. Any concerns after office hours will be attended the following business day.

Get A Team Quote or Got Questions?

qs-compressor

Why QuickStart


  • Personalize learning based on competencies, goals & tools
  • Expert Mentoring
  • Hands on Labs & Assignments
  • AI Curated Digital Book Content
  • Adaptive Learning Paths
  • Analytics & Benchmarking
  • High certification Pass Rates – Over 200,000 people certified and more than 95% of our learners pass their certification on the first attempt

click here