Where to find comptia security+ study guide sy0 401

we provide 100% Guarantee CompTIA comptia sy0 401 exam question which are the best for clearing comptia security+ sy0 401 pdf test, and to get certified by CompTIA CompTIA Security+ Certification. The comptia security+ get certified get ahead sy0 401 study guide Questions & Answers covers all the knowledge points of the real sy0 401 pdf exam. Crack your CompTIA comptia security+ sy0 401 pdf Exam with latest dumps, guaranteed!

Q21. Which of the following technologies can store multi-tenant data with different security requirements? 

A. Data loss prevention 

B. Trusted platform module 

C. Hard drive encryption 

D. Cloud computing 

Answer:

Explanation: 

One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security. 


Q22. A systems engineer has been presented with storage performance and redundancy requirements for a new system to be built for the company. The storage solution must be designed to support the highest performance and must also be able to support more than one drive failure. Which of the following should the engineer choose to meet these requirements? 

A. A mirrored striped array with parity 

B. A mirrored mirror array 

C. A striped array 

D. A striped array with parity 

Answer:

Explanation: 


Q23. DRAG DROP 

You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. 

Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit. 

Answer: 

Explanation: 

References: 

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, 

Indianapolis, 2014, p 369 


Q24. Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises. 

A security technician was asked to prepare a report of files that had changed since last night’s integrity scan. 

Which of the following could the technician use to prepare the report? (Select TWO). 

A. PGP 

B. MD5 

C. ECC 

D. AES 

E. Blowfish 

F. HMAC 

Answer: B,F 

Explanation: 

B: MD5 can be used to locate the data which has changed. 

The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash 

value is used to help maintain integrity. There are several versions of MD; the most common are 

MD5, MD4, and MD2. 

F: A common method of verifying integrity involves adding a message authentication code (MAC) 

to the message. 

HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a 

symmetric key. 


Q25. After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. 

Which of the following is the MOST likely reason the PC technician is unable to ping those devices? 

A. ICMP is being blocked 

B. SSH is not enabled 

C. DNS settings are wrong 

D. SNMP is not configured properly 

Answer:

Explanation: 

ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information If ICMP request queries go unanswered, or ICMP replies are lost or blocked. 


Q26. An administrator has successfully implemented SSL on srv4.comptia.com using wildcard certificate *.comptia.com, and now wishes to implement SSL on srv5.comptia.com. Which of the following files should be copied from srv4 to accomplish this? 

A. certificate, private key, and intermediate certificate chain 

B. certificate, intermediate certificate chain, and root certificate 

C. certificate, root certificate, and certificate signing request 

D. certificate, public key, and certificate signing request 

Answer:

Explanation: 

a wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain. In public-key cryptography, the receiver has a private key known only to them; a public key corresponds to it, which they make known to others. The public key can be sent to all other parties; the private key is never divulged. A symmetric algorithm requires that receivers of the message use the same private key. Thus you should copy the certificate, the private key and the intermediate certificate chain from srv4 to srv5. 


Q27. The datacenter design team is implementing a system, which requires all servers installed in racks to face in a predetermined direction. AN infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed? 

A. Hot and cold aisles 

B. Humidity control 

C. HVAC system 

D. EMI shielding 

Answer:

Explanation: 

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. Infrared cameras are heat detection measures thus it is hot and cold aisle design elements. 


Q28. Which of the following devices is BEST suited for servers that need to store private keys? 

A. Hardware security module 

B. Hardened network firewall 

C. Solid state disk drive 

D. Hardened host firewall 

Answer:

Explanation: 

A hardware security module (HSM) is a physical computing device that safeguards and manages 

digital keys for strong authentication and provides cryptoprocessing. 

By adding a HSM to the server and storing the private keys on HSM, the security of the keys 

would be improved. 


Q29. Which of the following is the BEST reason for placing a password lock on a mobile device? 

A. Prevents an unauthorized user from accessing owner's data 

B. Enables remote wipe capabilities 

C. Stops an unauthorized user from using the device again 

D. Prevents an unauthorized user from making phone calls 

Answer:

Explanation: 


Q30. Key elements of a business impact analysis should include which of the following tasks? 

A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes. 

B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates. 

C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management. 

D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential. 

Answer:

Explanation: 

The key components of a Business impact analysis (BIA) include: Identifying Critical Functions Prioritizing Critical Business Functions Calculating a Timeframe for Critical Systems Loss Estimating the Tangible and Intangible Impact on the Organization