401 SEC+ Exam Guaranteed Pass: Comprehensive
Solutions & In-Depth Analysis Certified for High
Academic Standards
Ann, the network administrator, is receiving reports regarding a particular wireless network
in the building. The network was implemented for specific machines issued to the
developer department, but the developers are stating that they are having connection
issues as well as slow bandwidth. Reviewing the wireless router's logs, she sees that
devices not belonging to the developers are connecting to the access point. Which of the
following would BEST alleviate the developer's reports?
A. Configure the router so that wireless access is based upon the connecting device's
hardware address.
B. Modify the connection's encryption method so that it is using WEP instead of WPA2.
C. Implement connections via secure tunnel with additional software on the developer's
computers.
D. Configure the router so that its name is not visible to devices scanning for wireless
networks. - -correct ans- -Answer: A
Explanation:
MAC addresses are also known as an Ethernet hardware address (EHA), hardware address
or physical address. Enabling MAC filtering would allow for a WAP to restrict or allow
access based on the hardware address of the device.
An organization recently switched from a cloud-based email solution to an in-house email
server. The firewall needs to be modified to allow for sending and receiving email. Which of
the following ports should be open on the firewall to allow for email traffic? (Select THREE).
A. TCP 22
B. TCP 23
C. TCP 25
D. TCP 53
,E. TCP 110
F. TCP 143
G. TCP 445 - -correct ans- -Answer: C,E,F
Explanation:
Port 25 is used by Simple Mail Transfer Protocol (SMTP) for routing e-mail between mail
servers.
Port 110 is used for Post Office Protocol v3 (POP3), which is an application-layer Internet
standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a
TCP/IP connection.
Port 143 is used by Internet Message Access Protocol (IMAP) for the management of email
messages.
A technician wants to securely collect network device configurations and statistics through
a scheduled and automated process. Which of the following should be implemented if
configuration integrity is most important and a credential compromise should not allow
interactive logons?
A. SNMPv3
B. TFTP
C. SSH
D. TLS - -correct ans- -Answer: A
Explanation:
SNMPv3 provides the following security features:
Message integrity--Ensures that a packet has not been tampered with in transit.
Authentication--Determines that the message is from a valid source.
Encryption--Scrambles the content of a packet to prevent it from being learned by an
unauthorized source.
, A security administrator is tasked with ensuring that all devices have updated virus
definition files before they are allowed to access network resources. Which of the following
technologies would be used to accomplish this goal?
A. NIDS
B. NAC
C. DLP
D. DMZ
E. Port Security - -correct ans- -Answer: B
Explanation:
Network Access Control (NAC) means controlling access to an environment through strict
adherence to and implementation of security policies
The loss prevention department has purchased a new application that allows the
employees to monitor the alarm systems at remote locations. However, the application
fails to connect to the vendor's server and the users are unable to log in. Which of the
following are the MOST likely causes of this issue? (Select TWO).
A. URL filtering
B. Role-based access controls
C. MAC filtering
D. Port Security
E. Firewall rules - -correct ans- -Answer: A,E
Explanation:
A URL filter is used to block URLs (websites) to prevent users accessing the website.
Solutions & In-Depth Analysis Certified for High
Academic Standards
Ann, the network administrator, is receiving reports regarding a particular wireless network
in the building. The network was implemented for specific machines issued to the
developer department, but the developers are stating that they are having connection
issues as well as slow bandwidth. Reviewing the wireless router's logs, she sees that
devices not belonging to the developers are connecting to the access point. Which of the
following would BEST alleviate the developer's reports?
A. Configure the router so that wireless access is based upon the connecting device's
hardware address.
B. Modify the connection's encryption method so that it is using WEP instead of WPA2.
C. Implement connections via secure tunnel with additional software on the developer's
computers.
D. Configure the router so that its name is not visible to devices scanning for wireless
networks. - -correct ans- -Answer: A
Explanation:
MAC addresses are also known as an Ethernet hardware address (EHA), hardware address
or physical address. Enabling MAC filtering would allow for a WAP to restrict or allow
access based on the hardware address of the device.
An organization recently switched from a cloud-based email solution to an in-house email
server. The firewall needs to be modified to allow for sending and receiving email. Which of
the following ports should be open on the firewall to allow for email traffic? (Select THREE).
A. TCP 22
B. TCP 23
C. TCP 25
D. TCP 53
,E. TCP 110
F. TCP 143
G. TCP 445 - -correct ans- -Answer: C,E,F
Explanation:
Port 25 is used by Simple Mail Transfer Protocol (SMTP) for routing e-mail between mail
servers.
Port 110 is used for Post Office Protocol v3 (POP3), which is an application-layer Internet
standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a
TCP/IP connection.
Port 143 is used by Internet Message Access Protocol (IMAP) for the management of email
messages.
A technician wants to securely collect network device configurations and statistics through
a scheduled and automated process. Which of the following should be implemented if
configuration integrity is most important and a credential compromise should not allow
interactive logons?
A. SNMPv3
B. TFTP
C. SSH
D. TLS - -correct ans- -Answer: A
Explanation:
SNMPv3 provides the following security features:
Message integrity--Ensures that a packet has not been tampered with in transit.
Authentication--Determines that the message is from a valid source.
Encryption--Scrambles the content of a packet to prevent it from being learned by an
unauthorized source.
, A security administrator is tasked with ensuring that all devices have updated virus
definition files before they are allowed to access network resources. Which of the following
technologies would be used to accomplish this goal?
A. NIDS
B. NAC
C. DLP
D. DMZ
E. Port Security - -correct ans- -Answer: B
Explanation:
Network Access Control (NAC) means controlling access to an environment through strict
adherence to and implementation of security policies
The loss prevention department has purchased a new application that allows the
employees to monitor the alarm systems at remote locations. However, the application
fails to connect to the vendor's server and the users are unable to log in. Which of the
following are the MOST likely causes of this issue? (Select TWO).
A. URL filtering
B. Role-based access controls
C. MAC filtering
D. Port Security
E. Firewall rules - -correct ans- -Answer: A,E
Explanation:
A URL filter is used to block URLs (websites) to prevent users accessing the website.
