2016/08 SY0-401: CompTIA Security+ Certification Exam Questions New Updated Today!

Free Instant Download SY0-401 Exam Dumps(PDF & VCE) 1867Q&As from Braindump2go.com!
100% Real Exam Questions!     100% Exam Pass Guaranteed!

NEW QUESTION 61 – NEW QUESTION 70:

1.|2016/08 SY0-401 Exam Dumps(PDF & VCE) 1867Q&As Download:http://www.braindump2go.com/sy0-401.html

2.|2016/08 SY0-401 Exam Questions & Answers:https://drive.google.com/folderview?id=0B75b5xYLjSSNTldvc1ZkQlNUc0k&usp=sharing

QUESTION 61
Which of the following technologies can store multi-tenant data with different security requirements?

A.    Data loss prevention
B.    Trusted platform module
C.    Hard drive encryption
D.    Cloud computing

Answer: D
Explanation:
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

QUESTION 62
Multi-tenancy is a concept found in which of the following?

A.    Full disk encryption
B.    Removable media
C.    Cloud computing
D.    Data loss prevention

Answer: C
Explanation:
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

QUESTION 63
Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

A.    Protocol filter
B.    Load balancer
C.    NIDS
D.    Layer 7 firewall

Answer: D
Explanation:
An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted.
This type of firewall operates at the Application layer (Layer 7) of the OSI model.

QUESTION 64
Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of:

A.    Redundant systems.
B.    Separation of duties.
C.    Layered security.
D.    Application control.

Answer: C
Explanation:
Layered security is the practice of combining multiple mitigating security controls to protect resources and data.

QUESTION 65
A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

A.    IPsec
B.    SFTP
C.    BGP
D.    PPTP

Answer: A
Explanation:
Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168 bit keys, 3 DES encryption algorithm and requires two levels of authentication.
L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.

QUESTION 66
Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?

A.    TCP port 443 and IP protocol 46
B.    TCP port 80 and TCP port 443
C.    TCP port 80 and ICMP
D.    TCP port 443 and SNMP

Answer: B
Explanation:
HTTP and HTTPS, which uses TCP port 80 and TCP port 443 respectively, is necessary for Communicating with Web servers. It should therefore be allowed through the firewall.

QUESTION 67
Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?

A.    21/UDP
B.    21/TCP
C.    22/UDP
D.    22/TCP

Answer: D
Explanation:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.

QUESTION 68
A network administrator is asked to send a large file containing PII to a business associate.
Which of the following protocols is the BEST choice to use?

A.    SSH
B.    SFTP
C.    SMTP
D.    FTP

Answer: B
Explanation:
SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server.

QUESTION 69
Which of the following is a difference between TFTP and FTP?

A.    TFTP is slower than FTP.
B.    TFTP is more secure than FTP.
C.    TFTP utilizes TCP and FTP uses UDP.
D.    TFTP utilizes UDP and FTP uses TCP.

Answer: D
Explanation:
FTP employs TCP ports 20 and 21 to establish and maintain client-to-server communications, whereas TFTP makes use of UDP port 69.

QUESTION 70
Which of the following is the default port for TFTP?

A.    20
B.    69
C.    21
D.    68

Answer: B
Explanation:
TFTP makes use of UDP port 69.


!!!RECOMMEND!!!

1.|2016/08 SY0-401 PDF Dumps & VCE Dumps 1867Q&As Download:

http://www.braindump2go.com/sy0-401.html

 

2.|2016/08 SY0-401 Questions & Answers:

 https://drive.google.com/folderview?id=0B75b5xYLjSSNTldvc1ZkQlNUc0k&usp=sharing