PrepAway - Latest Free Exam Questions & Answers

Tag: Exam SY0-401 (update May 2nd, 2016)

Exam SY0-401: CompTIA Security+ Certification (update May 2nd, 2016)

Which of the following is the MOST likely cause of the connectivity issues?

A user of the wireless network is unable to gain access to the network. The symptoms are:
1.) Unable to connect to both internal and Internet resources
2.) The wireless icon shows connectivity but has no network access
The wireless network is WPA2 Enterprise and users must be a member of the wireless security
group to authenticate. Which of the following is the MOST likely cause of the connectivity issues?

Which of the following controls should the CISO focus on in the report?

A Chief Financial Officer (CFO) has asked the Chief Information Officer (CISO) to provide
responses to a recent audit report detailing deficiencies in the organization's security controls. The
CFO would like to know ways in which the organization can improve its authorization controls.
Given the request by the CFO, which of the following controls should the CISO focus on in the
report? (Select Three)

Which of the following mobile device capabilities should the user disable to achieve the stated goal?

A mobile device user is concerned about geographic positioning information being included in
messages sent between users on a popular social network platform. The user turns off the
functionality in the application, but wants to ensure the application cannot re-enable the setting
without the knowledge of the user. Which of the following mobile device capabilities should the
user disable to achieve the stated goal?

Which of the following recommendations should the penetration tester provide to the organization to better pro

An organization has hired a penetration tester to test the security of its ten web servers. The
penetration tester is able to gain root/administrative access in several servers by exploiting
vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP.
Which of the following recommendations should the penetration tester provide to the organization
to better protect their web servers in the future?

Which of the following should the security administrator do to rectify this issue?

A security engineer is faced with competing requirements from the networking group and database
administrators. The database administrators would like ten application servers on the same subnet
for ease of administration, whereas the networking group would like to segment all applications
from one another. Which of the following should the security administrator do to rectify this issue?

Which of the following assessment techniques is BEST described in the analyst’s report?

A security analyst has been asked to perform a review of an organization’s software development
lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members
evaluate and provide critical feedback of another developer’s code. Which of the following
assessment techniques is BEST described in the analyst’s report?

Which of the following types of attacks?

An attacker wearing a building maintenance uniform approached a company’s receptionist asking
for access to a secure area. The receptionist asks for identification, a building access badge and
checks the company’s list of approved maintenance personnel prior to granting physical access to
the secure area. The controls used by the receptionist are in place to prevent which of the following
types of attacks?

