CompTIA Security+

Here you have the best CompTIA SY0-401 practice exam questions

You have 1780 total questions to study from
Each page has 5 questions, making a total of 356 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on December 11, 2025
This site is not affiliated with or endorsed by CompTIA.

Question 1 of 1780

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

PAT

NAP

DNAT

NAC

Correct Answer: A

Port Address Translation (PAT) is the correct configuration. PAT, also known as NAT Overload, allows multiple devices on a local network to be mapped to a single public IP address using different port numbers. This technique is used to conserve public IP addresses and is ideal for scenarios where many internal devices need to communicate with external networks using a single public IP address.

Question 2 of 1780

Which of the following devices is MOST likely being used when processing the following?
1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY

Firewall

NIPS

Load balancer

URL filter

Correct Answer: A

Question 3 of 1780

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC companys security administrator is unable to determine the origin of the attack?

A NIDS was used in place of a NIPS.

The log is not in UTC.

The external party uses a firewall.

ABC company uses PAT.

Correct Answer: D

ABC company uses Port Address Translation (PAT), which allows multiple devices on a local network to be mapped to a single public IP address but with a different port number for each session. The log entries show the same IP address but different port numbers, implying PAT is in use. This makes it difficult for the security administrator to determine the exact origin of the attacks within the company's internal network, as the external logs only furnish the translated IP address and ports without revealing the specific internal devices involved.

Question 4 of 1780

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

Sniffer

Router

Firewall

Switch

Correct Answer: C

IP tables are a user-space utility tool in Linux that enables system administrators to configure the IP packet filter rules of the Linux kernel firewall. Through IP tables, a Linux-based computer can inspect, filter, and modify network traffic, effectively functioning as a firewall. While sniffers and switches have different roles related to packet monitoring and network segment interconnection respectively, and routers manage traffic between separate networks, the primary purpose of IP tables is aligned with firewall functionality.

Question 5 of 1780

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

Packet Filter Firewall

Stateful Firewall

Proxy Firewall

Application Firewall

Correct Answer: B