Latest CompTIA JK0-018 Real Exam Download 281-300

Ensurepass

QUESTION 281

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).

A. Virtual switch

B. NAT

C. System partitioning

D. Access-list

E. Disable spanning tree

F. VLAN

Correct Answer: AF


QUESTION 282

Sara, an IT manager, wants to change the firewall rules to allow RemoteOfficeB to connect to the corporate network using SSH. Which of the following rules would only allow necessary access?

A. Permit RemoteOfficeB any port 69

B. Permit RemoteOfficeB any all

C. Permit RemoteOfficeB any port 22

D. Permit any corporate port 443

Correct Answer: C


QUESTION 283

Which of the following attacks is characterized by someone following a staff member who is entering a corporate facility?

A. Evil twin

B. Tailgating

C. Shoulder surfing

D. Impersonation

Correct Answer: B


QUESTION 284

Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts?

A. Two factor authentication

B. Identification and authorization

C. Single sign-on

D. Single factor authentication

Correct Answer: A


QUESTION 285

Jane, a corporate user, is trying to secure her laptop from drive-by download before she leaves for a

computer conference. Which of the following should be installed to keep Jane’s laptop secure from these attacks?

A. Full disk encryption

B. Host based firewall

C. Antivirus system

D. Network based firewall

Correct Answer: C


QUESTION 286

Which of the following detection methods may generate an alert when Matt, an employee, accesses a server during non-business hours?

A. Signature

B. Time of Day restrictions

C. Heuristic

D. Behavioral

Correct Answer: D


QUESTION 287

Which of the following data is typically left unencrypted in software based full disk encryption?

A. OS registry

B. Extended partition

C. BIOS

D. MBR

Correct Answer: D


QUESTION 288

Which of the following is an authentication service that uses symmetrical keys and tickets?

A. RADIUS

B. TACACS+

C. Kerberos

D. LDAP

Correct Answer: C


QUESTION 289

Which of the following application attacks is identified by use of the <SCRIPT> tag?

A. XSS

B. Buffer overflow

C. Directory traversal

D. Zero day

Correct Answer: A


QUESTION 290

Jane, a security architect, is working on setting up a secure email solution between internal employees and external customers. Which of the following would BEST meet her goal?

A. Public key infrastructure

B. Key escrow

C. Internal certificate authority

D. Certificate revocation list

Correct Answer: A


QUESTION 291

Which of the following allows multiple internal IP addresses to be mapped to one specific external IP address?

A. VLAN

B. NAT

C. NAC

D. PAT

Correct Answer: B


QUESTION 292

Which of the following would Jane, a security administrator, use to encrypt transmissions from streaming video transmissions, keeping in mind that each bit must be encrypted as it comes across the network?

A. IDEA

B. AES

C. RC4

D. 3DES

Correct Answer: C


QUESTION 293

Matt, a user, finds a flash drive in the parking lot and decides to see what is on it by using his company laptop. A few days later Matt reports his laptop is running slow and is unable to perform simple tasks. The security administrator notices several unauthorized applications have been installed. CPU usage is unusually high, and a collection of screenshots of Matt’s recent activity has been transmitted over the network .This is an example of which of the following?

A. Backdoor

B. Logic bomb

C. Rootkit

D. Spyware

Correct Answer: D


QUESTION 294

Pete, the security administrator, found that several of the company’s workstations are infected with a program aimed at stealing users’ cookies and reporting them back to the malicious user. Which of the following attack types is the malicious user MOST likely to carry out with this information?

A. Man-in-the-middle

B. Session hijacking

C. Command injection

D. Trojan infection

Correct Answer: B


QUESTION 295

Sara, a security administrator, is implementing remote management for network infrastructure using SNMP. Which of the following statements is true about SNMP?

A. Read communities allow write permissions

B. Relays mail based on domain keys and access headers

C. SNMP communities are encrypted using PKI

D. Write communities allow both read and write permissions

Correct Answer: D


QUESTION 296

Which of the following mitigation techniques is Pete, a security administrator, MOST likely to implement after the software has been released to the public?

A. Error and exception handling

B. Fuzzing

C. Secure coding

D. Patch management

Correct Answer: D


QUESTION 297

Which of the following BEST defines risk?

A. A threat will have a larger impact than anticipated

B. Remediation of a known vulnerability is cost prohibitive

C. A degree of probability of loss

D. A user leaves a system unsecure

Correct Answer: C


QUESTION 298

Companies allowing remote access to internal systems or systems containing sensitive data should provide access using:

A. dial-up or broadband networks using passwords.

B. wireless networks using WPA encryption.

C. VPN with two factor authentication.

D. carrier based encrypted data networks

Correct Answer: C


QUESTION 299

Which of the following is the proper order for incident response?

A. Detection, preparation, containment, eradication, recovery

B. Preparation, detection, containment, eradication, recovery

C. Preparation, detection, recovery, eradication, containment

D. Detection, containment, eradication, recovery, preparation

Correct Answer: B


QUESTION 300

Which of the following is considered the MOST secure wireless encryption measure to implement?

A. TKIP

B. CCMP

C. WPA2

D. WEP

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.