The CompTIA Security+ certification is an internationally recognized validation of foundation-level security skills and knowledge. The SY0-401 vce will certify that the successful candidate can identify risk, participate in risk mitigation activities, and provide infrastructure, application information, and operational security. Pass4itsure will prepare you for the CompTIA Security+ SY0-401 exam, including the knowledge of security controls to maintain confidentiality, integrity, and availability.
Exam Code:SY0-401 Exam Name: CompTIA Security+ Certification Exam Exam Number：200-105 ICND2 Associated Certifications：CCNA Routing & Switching Duration：90 Minutes (45-55 questions) Available Languages：English, Japanese Register：Pearson VUE Exam Policies：Read current policies and requirements Exam Tutorial：Review type of exam questions Updated:Mar 07, 2017 Q&As: 1776 Exam Information：https://www.pass4itsure.com/sy0-401.html
SY0-401 Exam Details:
Number of questions: 90
Some questions may be beta questions put in for research purposes and they aren’t graded. However, you’ll never know which ones are beta questions and which ones are graded, so you must answer each question as though it’s a valid question.
Type of Questions: Multiple choice and performance-based
Passing score: 750 on a scale of 100 to 900
If you show up and don’t answer a single question, you’ll get a score of 100. If you ace the exam, you’ll get a score of 900.
Time limit: 90 minutes
You can check this link for prices elsewhere in the world. You can buy a voucher for the exam directly from the CompTIA marketplace, or from a testing center when you register.
How to register: Pearson Vue
You can take the exam at any Pearson Vue test center. If you know of one near you, you can call them directly to register, or you can register online. This Pearson Vue site will help you locate a Pearson Vue testing center close to you.
Time to get results: You’ll know as soon as you complete the exam if you passed or not.
2017 CompTIA SY0-401 Vce (#20-27) from Pass4itsure:
SY0-401 vceQuestion No : 19Which of the following is a step in deploying a WPA2-Enterprise wireless network? A. Install a token on the authentication server B. Install a DHCP server on the authentication server C. Install an encryption key on the authentication server D. Install a digital certificate on the authentication server Answer: D Explanation:
When setting up a wireless network, you’ll find two very different modes of Wi-Fi Protected
Access (WPA) security, which apply to both the WPA and WPA2 versions.
The easiest to setup is the Personal mode, technically called the Pre-Shared Key (PSK)
mode. It doesn’t require anything beyond the wireless router or access points (APs) and
uses a single passphrase or password for all users/devices.
The other is the Enterprise mode —which should be used by businesses and
organizations—and is also known as the RADIUS, 802.1X, 802.11i, or EAP mode. It
provides better security and key management, and supports other enterprise-type
functionality, such as VLANs and NAP. However, it requires an external authentication
server, called a Remote Authentication Dial In User Service (RADIUS) server to handle the
802.1X authentication of users.
To help you better understand the process of setting up WPA/WPA2-Enterprise and
802.1X, here’s the basic overall steps:
Choose, install, and configure a RADIUS server, or use a hosted service.
Create a certificate authority (CA), so you can issue and install a digital certificate onto the
RADIUS server, which may be done as a part of the RADIUS server installation and
configuration. Alternatively, you could purchase a digital certificate from a public CA, such
as GoDaddy or Verisign, so you don’t have to install the server certificate on all the clients.
If using EAP-TLS, you’d also create digital certificates for each end-user.
On the server, populate the RADIUS client database with the IP address and shared secret
for each AP.
On the server, populate user data with usernames and passwords for each end-user.
On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS
server IP address and the shared secret you created for that particular AP.
On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and
set the 802.1X authentication settings.
SY0-401 vce Question No : 20 A system administrator attempts to ping a hostname and the response is
Which of the following replies has the administrator received? A. The loopback address B. The local MAC address C. IPv4 address D. IPv6 address Answer: D Explanation: IPv6 addresses are 128-bits in length. An IPv6 address is represented as eight groups of
four hexadecimal digits, each group representing 16 bits (two octets). The groups are
separated by colons (:). The hexadecimal digits are case-insensitive, but IETF
recommendations suggest the use of lower case letters. The full representation of eight 4-
digit groups may be simplified by several techniques, eliminating parts of the
SY0-401 vceQuestion No : 21 Which of the following best practices makes a wireless network more difficult to find? A. Implement MAC filtering B. UseWPA2-PSK C. Disable SSID broadcast D. Power down unused WAPs Answer: C Explanation: Network administrators may choose to disable SSID broadcast to hide their network from
unauthorized personnel. However, the SSID is still needed to direct packets to and from the
base station, so it’s a discoverable value using a wireless packet sniffer. Thus, the SSID
should be disabled if the network isn’t for public use.
SY0-401 vce Question No : 22 A security team has identified that the wireless signal is broadcasting into the parking lot.
To reduce the risk of an attack against the wireless network from the parking lot, which of
the following controls should be used? (Select TWO). A. Antenna placement B. Interference C. Use WEP D. Single Sign on E. Disable the SSID F. Power levels Answer: A,F Explanation: Placing the antenna in the correct position is crucial. You can then adjust the power levels
to exclude the parking lot.
SY0-401 vce Question No : 23 Which of the following wireless security technologies continuously supplies new keys for
WEP? A. TKIP B. Mac filtering C. WPA2 D. WPA Answer: A Explanation: TKIP is a suite of algorithms that works as a “wrapper” to WEP, which allows users of
legacy WLAN equipment to upgrade to TKIP without replacing hardware. TKIP uses the
original WEP programming but “wraps” additional code at the beginning and end to
encapsulate and modify it.
SY0-401 vce Question No : 24 Matt, the IT Manager, wants to create a new network available to virtual servers on the
same hypervisor, and does not want this network to be routable to the firewall. How could
this BEST be accomplished? A. Create a VLAN without a default gateway. B. Remove the network from the routing table. C. Create a virtual switch. D. Commission a stand-alone switch. Answer: C Explanation: A Hyper-V Virtual Switch implements policy enforcement for security, isolation, and service
SY0-401 vce Question No : 25 A security administrator wishes to increase the security of the wireless network. Which of
the following BEST addresses this concern? A. Change the encryption from TKIP-based to CCMP-based. B. Set all nearby access points to operate on the same channel. C. Configure the access point to use WEP instead of WPA2. D. Enable all access points to broadcast their SSIDs. Answer: A Explanation: CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This
initialization vector makes cracking a bit more difficult.
SY0-401 vce Question No : 26 Which of the following should be deployed to prevent the transmission of malicious traffic
between virtual machines hosted on a singular physical device on a network? A. HIPS on each virtual machine B. NIPS on the network C. NIDS on the network D. HIDS on each virtual machine Answer: A Explanation:
SY0-401 vce Question No : 27 Host-based intrusion prevention system (HIPS) is an installed software package which
monitors a single host for suspicious activity by analyzing events occurring within that host.
Which of the following ports would be blocked if Pete, a security administrator, wants to
deny access to websites? A. 21 B. 25 C. 80 D. 3389 Answer: C Explanation:Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web.
Latest SY0-401 CompTIA Security+ dumps
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the SY0-401 vce objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
If you have decided to participate in the CompTIA SY0-401 exam, BraindumpStudy is here. We can help you achieve your goals. We know that you need to pass your CompTIA SY0-401 vce, we promise that provide high quality exam materials for you, Which can help you through CompTIA SY0-401 exam.
This Latest SY0-401 CompTIA Security+ dumps is what IT people are very wanted. Because it will make you pass the exam easily, since then rise higher and higher on your career path.You have seen Pass4itsure Latest SY0-401 CompTIA Security+ dumps, it is time to make a choice. You SY0-401 choose other products, but you have to know that Pass4itsure SY0-401 bring you infinite interests. Only https://www.pass4itsure.com/sy0-401.html guarantee you 100% success.