[PDF&VCE]Braindump2go Latest SY0-401 VCE Free Guarantee 100% Pass (101-110)

COMPTIA NEWS: SY0-401 Exam Questions has been Updated Today! Get Latest SY0-401 VCE and SY0-401 PDF Instantly! Welcome to Download the Newest Braindump2go SY0-401 VCE&SY0-401 PDF Dumps: http://www.braindump2go.com/sy0-401.html (1220 Q&As)

All Latest Updated Questions and Answers in Braindump2go SY0-401 Exam Dumps will not take you a lot of time to comprehend and you can easily cover up the entire CompTIA SY0-401 syllabus for your examination.Download Braindump2go Free SY0-401 Sample Questions Now, Pass SY0-401 Exam in advance!

Exam Code: SY0-401
Exam Name: CompTIA Security+
Certification Provider: CompTIA
Corresponding Certification: CompTIA Security+

SY0-401 Dump,SY0-401 PDF,SY0-401 VCE,SY0-401 Braindump,SY0-401 Study Guide,SY0-401 Study Guide PDF,SY0-401 Objectives,SY0-401 Practice Test,SY0-401 Practice Exam,SY0-401 Performance Based Questions,SY0-401 Exam Questions,SY0-401 Exam Dumps,SY0-401 Exam PDF,SY0-401 Dumps Free,SY0-401 Dumps PDF

QUESTION 101
Three of the primary security control types that can be implemented are.

A.    Supervisory, subordinate, and peer.
B.    Personal, procedural, and legal.
C.    Operational, technical, and management.
D.    Mandatory, discretionary, and permanent.

Answer: C
Explanation:
The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.

QUESTION 102
Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device?

A.    Authentication
B.    Blacklisting
C.    Whitelisting
D.    Acceptable use policy

Answer: C
Explanation:
White lists are closely related to ACLs and essentially, a white list is a list of items that are allowed.

QUESTION 103
To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?

A.    Management
B.    Administrative
C.    Technical
D.    Operational

Answer: C
Explanation:
controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection.

QUESTION 104
Which of the following is a management control?

A.    Logon banners
B.    Written security policy
C.    SYN attack prevention
D.    Access Control List (ACL)

Answer: B
Explanation:
Management control types include risk assessment, planning, systems and Services Acquisition as well as Certification, Accreditation and Security Assessment; and written security policy falls in this category.

QUESTION 105
Which of the following can result in significant administrative overhead from incorrect reporting?

A.    Job rotation
B.    Acceptable usage policies
C.    False positives
D.    Mandatory vacations

Answer: C
Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about. This causes a significant administrative overhead because the reporting is what results in the false positives.

QUESTION 106
A vulnerability scan is reporting that patches are missing on a server.
After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?

A.    Application hardening
B.    False positive
C.    Baseline code review
D.    False negative

Answer: B
Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

QUESTION 107
Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast packets from the switches on the network. After investigation, she discovers that this is normal activity for her network. Which of the following BEST describes these results?

A.    True negatives
B.    True positives
C.    False positives
D.    False negatives

Answer: C
Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

QUESTION 108
Which of the following is an example of a false negative?

A.    The IDS does not identify a buffer overflow.
B.    Anti-virus identifies a benign application as malware.
C.    Anti-virus protection interferes with the normal operation of an application.
D.    A user account is locked out after the user mistypes the password too many times.

Answer: A
Explanation:
With a false negative, you are not alerted to a situation when you should be alerted.

QUESTION 109
A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?

A.    Command shell restrictions
B.    Restricted interface
C.    Warning banners
D.    Session output pipe to /dev/null

Answer: C
Explanation:
Within Microsoft Windows, you have the ability to put signs (in the form of onscreen pop-up banners) that appear before the login telling similar information–authorized access only, violators will be prosecuted, and so forth. Such banners convey warnings or regulatory information to the user that they must “accept” in order to use the machine or network.
You need to make staff aware that they may legally be prosecuted and a message is best given via a banner so that all staff using workstation will get notification.

QUESTION 110
Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).

A.    Acceptable use policy
B.    Risk acceptance policy
C.    Privacy policy
D.    Email policy
E.    Security policy

Answer: AC
Explanation:
Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.


SY0-401 Updated Questions are 2015 Latest Released Which 100% will Meet in Your SY0-401 Test! Braindump2go New Released SY0-401 Exam Dumps Contain All New Added Questions Which Will Help you Have A Totally Success in 2015 New Tear! Download our 100% Pass Guaranteed SY0-401 Exam Dumps Full Version, special 10% Off Discount enjoyed!


FREE DOWNLOAD: NEW UPDATED SY0-401 PDF Dumps & SY0-401 VCE Dumps from Braindump2go: http://www.braindump2go.com/sy0-401.html (1220 Q&A)

         

Braindump2go Testking Pass4sure Actualtests Others
$99.99 $124.99 $125.99 $189 $29.99/$49.99
Up-to-Dated
Real Questions
Error Correction
Printable PDF
Premium VCE
VCE Simulator
One Time Purchase
Instant Download
Unlimited Install
100% Pass Guarantee
100% Money Back