Latest CompTIA JK0-018 Real Exam Download 361-380

Ensurepass

QUESTION 361

Certificates are used for: (Select TWO).

A. client authentication

B. WEP encryption

C. access control lists

D. code signing

E. password hashing

Correct Answer: AD


QUESTION 362

Which of the following is a hardware-based encryption device?

A. EFS

B. TrueCrypt

C. TPM

D. SLE

Correct Answer: C


QUESTION 363

Which of the following BEST describes a protective countermeasure for SQL injection?

A. Eliminating cross-site scripting vulnerabilities

B. Installing an IDS to monitor network traffic

C. Validating user input in web applications

D. Placing a firewall between the Internet and database servers

Correct Answer: C


QUESTION 364

Which of the following MOST interferes with network-based detection techniques?

A. Mime-encoding

B. SSL

C. FTP

D. Anonymous email accounts

Correct Answer: B


QUESTION 365

A certificate authority takes which of the following actions in PKI?

A. Signs and verifies all infrastructure messages

B. Issues and signs all private keys

C. Publishes key escrow lists to CRLs

D. Issues and signs all root certificates

Correct Answer: D


QUESTION 366

Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?

A. Malicious code on the local system

B. Shoulder surfing

C. Brute force certificate cracking

D. Distributed dictionary attacks

Correct Answer: A


QUESTION 367

Separation of duties is often implemented between developers and administrators in order to separate which of the following?

A. More experienced employees from less experienced employees

B. Changes to program code and the ability to deploy to production

C. Upper level management users from standard development employees

D. The network access layer from the application access layer

Correct Answer: B


QUESTION 368

A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?

A. The request needs to be sent to the incident management team.

B. The request needs to be approved through the incident management process.

C. The request needs to be approved through the change management process.

D. The request needs to be sent to the change management team.

Correct Answer: C


QUESTION 369

Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described?

A. Phishing

B. Tailgating

C. Pharming

D. Vishing

Correct Answer: D


QUESTION 370

The security administrator wants each user to individually decrypt a message but allow anybody to encrypt it. Which of the following MUST be implemented to allow this type of authorization?

A. Use of CA certificate

B. Use of public keys only

C. Use of private keys only

D. Use of public and private keys

Correct Answer: D


QUESTION 371

A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?

A. Account lockout policy

B. Account password enforcement

C. Password complexity enabled

D. Separation of duties

Correct Answer: D


QUESTION 372

An employee is granted access to only areas of a network folder needed to perform their job. Which of the following describes this form of access control?

A. Separation of duties

B. Time of day restrictions

C. Implicit deny

D. Least privilege

Correct Answer: D


QUESTION 373

A CRL is comprised of:

A. malicious IP addresses

B. trusted CA’s

C. untrusted private keys

D. public keys

Correct Answer: D


QUESTION 374

Which of the following may significantly reduce data loss if multiple drives fail at the same time?

A. Visualization

B. RAID

C. Load balancing

D. Server clustering

Correct Answer: B


QUESTION 375

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

A. CCTV

B. Environmental monitoring

C. Multimode fiber

D. EMI shielding

Correct Answer: D


QUESTION 376

To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?

A. Management

B. Administrative

C. Technical

D. Operational

Correct Answer: C


QUESTION 377

Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).

A. 10.4.4.125

B. 10.4.4.158

C. 10.4.4.165

D. 10.4.4.189

E. 10.4.4.199

Correct Answer: CD


QUESTION 378

Which of the following algorithms have well-documented collisions? (Select TWO).

A. AES

B. MD5

C. SHA

D. SHA-256

E. RSA

Correct Answer: BC


QUESTION 379

Jane, the security administrator, needs to be able to test malicious code in an environment where it will not harm the rest of the network. Which of the following would allow Jane to perform this kind of testing?

A. Local isolated environment

B. Networked development environment

C. Infrastructure as a Service

D. Software as a Service

Correct Answer: A


QUESTION 380

A company is sending out a message to all users informing them that all internal messages need to be digitally signed. This is a form of which of the following concepts?

A. Availability

B. Non-repudiation

C. Authorization

D. Cryptography

Correct Answer: B
