Certification Exam Prep Questions For CompTIA Security+ SY0-401

QuickStartis now offering assessment questions for CompTIA Security+ SY0-401. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA Security+ SY0-401.


Arrow
 

1

The security administrator needs to configure the corporate firewall to let all public IP addresses on the firewall’s internal interface to be translated to 1 public IP-address on the same firewall’s external interface. Which of the following should they configure?

A. NAP
Incorrect.
B. DNAT
Incorrect.
C. PAT
Correct!
D. NAC
Incorrect.
2

Which of the following security devices can be replicated on a Linux-based computer using IP tables to properly handle and inspect network-based traffic?

A. Firewall
Correct!
B. Sniffer
Incorrect.
C. Router
Incorrect.
D. Switch
Incorrect.
3

Which of the following firewall type inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
Incorrect.
B. Proxy Firewall
Incorrect.
C. Application Firewall
Incorrect.
D. Stateful Firewall
Correct!
4

The Chief Information Security Officer (CISO) has mandated that al IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Firewalls
Correct!
B. Sniffers
Incorrect.
C. NIDS
Incorrect.
D. Web proxies
Incorrect.
5

Which of the following network design elements allows for many internal devices to share one public IP address?

A. DNAT
Incorrect.
B. DNS
Incorrect.
C. DMZ
Incorrect.
D. PAT
Correct!
6

Which of the following is a best practice when securing a switch from physical access?

7

Which of the following devices would be MOST useful to ensure availability when there is a large number of requests on a certain website?

A. Protocol analyzer
Incorrect.
B. VPN concentrator
Incorrect.
C. Load balancer
Correct!
D. Web security gateway
Incorrect.
8

Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?

9

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS
Incorrect.
B. NIPS
Correct!
C. Firewall
Incorrect.
D. Spam filter
Incorrect.
10

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

11

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. HIDS
Incorrect.
B. HIPS
Incorrect.
C. NIPS
Correct!
D. NIDS
Incorrect.
12

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS
Incorrect.
B. HIPS
Incorrect.
C. HIDS
Incorrect.
D. NIPS
Correct!
13

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor
Incorrect.
B. Root
Incorrect.
C. Director
Incorrect.
D. Administrator
Correct!
14

Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

A. Application Firewall
Incorrect.
B. Proxy Firewall
Incorrect.
C. Signature IDS
Incorrect.
D. Anomaly Based IDS
Correct!
15

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Protocol analyzer
Correct!
B. Spam filter
Incorrect.
C. Web application firewall
Incorrect.
D. Load balancer
Incorrect.
16

Which the following flags are used to establish a TCP connection? (Select TWO).

A. PSH
Incorrect.
B. SYN
Correct!
C. ACK
Correct!
D. URG
Incorrect.
17

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

A. Spam filter
Incorrect.
B. URL filter
Correct!
C. Content inspection
Incorrect.
D. Malware inspection
Incorrect.
18

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling websites. Which of the following devices would BEST achieve this goal?

A. Firewall
Incorrect.
B. Switch
Incorrect.
C. URL content filter
Correct!
D. Spam filter
Incorrect.
19

Layer 7 devices used to prevent specific types of html tags are called:

A. Firewalls
Incorrect.
B. Content filters
Correct!
C. Routers
Incorrect.
D. NIDS
Incorrect.

Practice Exam - CompTIA Security+

QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.
$99.00
QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.

More Information:

  • Learning Style: On Demand
  • Learning Style: Practice Exam
  • Difficulty: Beginner
  • Course Duration: 1 Hour
  • Course Info: Download PDF
  • Certificate: See Sample

Need Training for 5 or More People?

Customized to your team's need:

  • Annual Subscriptions
  • Private Training
  • Flexible Pricing
  • Enterprise LMS
  • Dedicated Customer Success Manager

Course Information

QuickStart is now offering assessment questions for CompTIA Security+ SY0-401. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA Security+ SY0-401.

Outline

Hit button to validate captcha