Latest CompTIA JK0-018 Real Exam Download 221-240

Ensurepass

QUESTION 221

A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company’s wireless network? (Select TWO).

A. Static IP addresses

B. Wireless encryption

C. MAC filtering

D. Antenna placement

E. Power levels

Correct Answer: DE


QUESTION 222

Pete is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?

A. Network firewall

B. Port 25 restriction

C. Spam filters

D. URL filters

Correct Answer: C


QUESTION 223

Which of the following network devices will prevent port scans?

A. Firewall

B. Load balancers

C. NIDS

D. Sniffer

Correct Answer: A


QUESTION 224

Which of the following multifactor authentication methods uses biometrics?

A. Somewhere you are

B. Something you have

C. Something you know

D. Something you are

Correct Answer: D


QUESTION 225

Marketing creates a new folder and requests the following access be assigned:

Sales Department – Read

Marketing Department – Full Control

Inside Sales – Read Write

This is an example of which of the following?

A. RBAC

B. MAC

C. RSA

D. DAC

Correct Answer: A


QUESTION 226

Sara, the software security engineer, is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help Sara automate this detection?

A. Input validation

B. Exception handling

C. Fuzzing

D. Code review

Correct Answer: C


QUESTION 227

Which of the following control types is video monitoring?

A. Detective

B. Management

C. Preventative

D. Access

Correct Answer: A


QUESTION 228

Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?

A. Succession planning

B. Disaster recovery

C. Separation of duty

D. Removing single loss expectancy

Correct Answer: A


QUESTION 229

Which of the following allows a server to request a website on behalf of Jane, a user?

A. Sniffers

B. Proxies

C. Load balancers

D. Firewall

Correct Answer: B


QUESTION 230

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential-type authentication method BEST fits these requirements?

A. EAP-TLS

B. EAP-FAST

C. PEAP-CHAP

D. PEAP-MSCHAPv2

Correct Answer: D


QUESTION 231

Sara, a security administrator, has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?

A. Install both the private and the public key on the client machine.

B. Install both the private and the public key on the web server.

C. Install the public key on the web server and the private key on the client machine.

D. Install the public key on the client machine and the private key on the web server.

Correct Answer: B


QUESTION 232

Pete, a security administrator, would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of the following is this an example of?

A. Risk avoidance

B. Risk deterrence

C. Risk acceptance

D. Risk transference

Correct Answer: D


QUESTION 233

Matt, a security administrator, needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Matt to change the configurations?

A. 23

B. 125

C. 143

D. 3389

Correct Answer: A


QUESTION 234

The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?

A. Analyze the vulnerability results from the scan.

B. Mitigate risk and develop a maintenance plan.

C. Ignore risk and document appropriately to address at a later time.

D. Transfer risk to web application developers.

Correct Answer: B


QUESTION 235

Which of the following elements make up the standard equation used to define risk? (Select TWO).

A. Confidence

B. Reproducibility

C. Impact

D. Likelihood

E. Exploitability

Correct Answer: CD


QUESTION 236

Matt’s CRL is over six months old. Which of the following could Matt do in order to ensure he has the current information? (Select TWO).

A. Update the CRL

B. Change the trust model

C. Deploy a key escrow

D. Query the intermediate CA

E. Deploy a recovery agent

F. Deploy OCSP

Correct Answer: AF


QUESTION 237

Matt, the security administrator, notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks on to the database?

A. OS hardening

B. Application patch management

C. Error and exception handling

D. Input validation

Correct Answer: D


QUESTION 238

Jane’s guest, Pete, comes to her office to meet her for lunch. She uses her encoded badge to enter, and he follows in behind her. This is an example of which of the following?

A. Tailgating

B. Least privilege

C. Whaling

D. Vishing

Correct Answer: A


QUESTION 239

A vulnerability has been found in a service that is unnecessary for the corporate environment. Which of the following is the BEST way to mitigate this vulnerability?

A. Issue a hotfix to lower the vulnerability risk on the network.

B. Issue a group policy to disable the service on the network.

C. Issue a service pack to ensure the service is current with all available patches.

D. Issue a patch to ensure the service has a lower level of risk if compromised.

Correct Answer: B


QUESTION 240

Broadcast traffic is having a negative impact on network performance. Which of the following might help minimize this issue?

A. Use NAT to hide the IPs of each of the workstations.

B. Separate the network onto a number of different switches.

C. Separate the network into a number of different VLANs.

D. Route all the Unicast traffic through the proxy server.

Correct Answer: C
