PrepAway - Latest Free Exam Questions & Answers

Which of the following MUST be implemented to support t…

A system administrator wants to ensure that only authorized devices can connect to the wired and wireless corporate system. Unauthorized devices should be
automatically be placed on a guest network. Which of the following MUST be implemented to support these requirements? (Select TWO).

PrepAway - Latest Free Exam Questions & Answers

Port security





PrepAway - Latest Free Exam Questions & Answers

48 Comments on “Which of the following MUST be implemented to support t…

  1. Peter says:

    Just took the test on may 16th, 2017 and passed. Im in the United States. A lot of these questions were on the exam. I went through this list and marked which one’s I had gotten wrong, went back and did them again. I had 6 simulation questions on my exam, and there are no simulation questions in this list. Go to this website:
    The simulation questions are the following #’s:
    These sim questions were exactly like the ones I had on my test. With answers re-arranged.
    A lot of the same questions here are on that website as well, but that website had A LOT of wrong answers.

    Anyways, You’re welcome. I wish somebody would have done all of this for me, so just passing it along.



        1. ang says:

          hi suzzy
          i think i had 6 sim questions – all of the ones that Peter listed above.
          only a handful of the v6 answers are incorrect; make sure you read the comments to make your own conclusions.
          yes, i had enough time to finish and review all of the questions i marked for review.
          good luck!


  2. MilkChewy says:

    Just got certified on Jun 16 while studying mainly on this site with SY401 v6. There were a lot of questions here appeared in the test, and the sims mentioned by Peter. One sim stumped me was setting up WPA2-Enterprise, given WAP and a few servers. You guys might want to familiarize that as well.


  3. BobbyBlue says:

    Just passed. I recommend you go through all 500 questions on here and don’t just memorize, realize. For the simulation questions I agree with Peter, most of the questions simulation questions were exactly the same as the ones he mentioned.
    good luck!


    1. unda says:

      I just took the exam and passed on 7/26/17. These questions are really helpful, and some of them did show up; your mileage may vary. Also, the specific simulation questions Peter mentioned were spot on for me.


        1. unda says:

          Not everything from this list was on my test. Yours will be different. I only looked through this list of questions, but I’m sure the other versions are good practice as well. Know the material; be able to apply it to specific scenarios. As long as you can do that, you’ll be fine. Don’t stress out!


  4. Vke says:

    Hey guys !
    I have passed my Security+ exam . Thank you all !

    There was 70 question with 2 sim.

    All questions u can find here , ther is a mixxed questions from v1,v2,v3 …etc …. also sim question exactly same that provide Peter (thank you)

    But I find some question that i have never seen before ….to avoide that situation read books .


  5. Sophia says:

    Hello, 2017 August New SY0-401 exam questions has been updated today!
    A security administrator wishes to increase the security of the wireless network. Which of the following BEST addresses this concern?

    A. Change the encryption from TKIP-based to CCMP-based.
    B. Set all nearby access points to operate on the same channel.
    C. Configure the access point to use WEP instead of WPA2.
    D. Enable all access points to broadcast their SSIDs.

    Answer: A
    CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector.
    This initialization vector makes cracking a bit more difficult.

    The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption.
    Which of the following would be configured to provide more secure connections?

    A. WEP
    B. WPA2 CCMP
    C. Disable SSID broadcast and increase power levels
    D. MAC filtering

    Answer: B
    CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector.
    This initialization vector makes cracking a bit more difficult.

    A system administrator wants to enable WPA2 CCMP.
    Which of the following is the only encryption used?

    A. RC4
    B. DES
    C. 3DES
    D. AES

    Answer: D
    Cipher Block Chaining Message Authentication Code Protocol (CCMP) makes use of 128-bit AES encryption with a 48-bit initialization vector.

    Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?

    A. Placement of antenna
    B. Disabling the SSID
    C. Implementing WPA2
    D. Enabling the MAC filtering

    Answer: A
    You should try to avoid placing access points near metal (which includes appliances) or near the ground. Placing them in the center of the area to be served and high enough to get around most obstacles is recommended. On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided.

    A security team has identified that the wireless signal is broadcasting into the parking lot.
    To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO).

    A. Antenna placement
    B. Interference
    C. Use WEP
    D. Single Sign on
    E. Disable the SSID
    F. Power levels

    Answer: AF
    Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.

    Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls?

    A. Implement TKIP encryption
    B. Consider antenna placement
    C. Disable the SSID broadcast
    D. Disable WPA

    Answer: B
    Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical.

    Ann, a security administrator, has concerns regarding her company’s wireless network.
    The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be.
    Which of the following would BEST alleviate Ann’s concerns with minimum disturbance of current functionality for clients?

    A. Enable MAC filtering on the wireless access point.
    B. Configure WPA2 encryption on the wireless access point.
    C. Lower the antenna’s broadcasting power.
    D. Disable SSID broadcasting.

    Answer: C
    Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.

    After reviewing the firewall logs of her organization’s wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?

    A. Reduce the power level of the AP on the network segment
    B. Implement MAC filtering on the AP of the affected segment
    C. Perform a site survey to see what has changed on the segment
    D. Change the WPA2 encryption key of the AP in the affected segment

    Answer: A
    Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.

    An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?

    A. Dipole
    B. Yagi
    C. Sector
    D. Omni

    Answer: B
    A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna consisting of multiple parallel dipole elements in a line, usually made of metal rods. It consists of a single driven element connected to the transmitter or receiver with a transmission line, and additional parasitic elements: a so-called reflector and one or more directors. The reflector element is slightly longer than the driven dipole, whereas the directors are a little shorter. This design achieves a very substantial increase in the antenna’s directionality and gain compared to a simple dipole.

    QUESTION 100
    A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed.
    Users are now reporting random wireless disconnections and slow network connectivity.
    Which of the following is the MOST likely cause?

    A. The old APs use 802.11a
    B. Users did not enter the MAC of the new APs
    C. The new APs use MIMO
    D. A site survey was not conducted

    Answer: D
    To test the wireless AP placement, a site survey should be performed.

    More new sy0-301 exam questions from:


  6. P says:

    Thank you so much everyone for all the inputs and comments. I just passed the exam yesterday in US. Special thanks to Peter for giving the sim numbers ( I got 5 out of 6 sims (32,240,507,508,930)from the ones you mentioned)on the other site. I got at least 50% questions out of this particular version. There were at least 3 to 4 Linux based questions which I am sure I got wrong because I am not familiar with the OS at all. The material I studies was CBT nugget videos and professor messer videos. Thanks again everyone for your input.


  7. John says:

    Listen everyone, I don’t work for comptia and I don’t know anyone that does but I can tell you this. I just passed my exam recently (barely) and not 1 single question from any of these dumps regardless where you get them from were on the exam except 1 and only 1 performance based question. That was it. These dumps may have worked at one time but since Comptia has cracked down on dumps you could be rest assured that you will NOT get any questions from any dumps. If you do than your lucky. Think about it, anyone can buy a membership especially someone that may work for Comptia and adjust there exams accordingly. I’ve looked just to see what was out there for myself for what one vendor was offering vs. another and guess what there all the same dumps and no good anymore. In my opinion dumps may only be good for drilling concepts and understanding of a different way of interpreting questions but don’t think those questions you will see on an exam. I know many of you may not want to hear this, but you need to study big time, the exam is hard. I’m telling you don’t waste your hard earned $$$ on these dumps. All they are, are recycled PDF’s and test engines that don’t apply anymore. I would recommend for studying material, Professor Messer from YouTube and his book, Wikipedia believe it or not, very informative and various online websites that offer quick drills for protocols and ports numbers.


  8. DaveyBoy says:

    just passed the test today. gotta say though there was very few questions from here in it. read the books over and over. the questions here did help but only because i researched the topics they related to


  9. Rod says:

    Just passed the test today. Peter’s reference to the simulation questions were spot on (although i only got 4 in total)! They were almost exactly like it.
    Before actually taking the test i would recommend going down the list of Objectives and make sure you understand each concept and how its used in a real life scenario and you should pass. Best of luck everyone, thank you for everything.



Leave a Reply