Latest CompTIA JK0-018 Real Exam Download 381-400

Ensurepass

QUESTION 381

Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?

A. SSLv2

B. SSHv1

C. RSA

D. TLS

Correct Answer: D


QUESTION 382

Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?

A. Incident management

B. Clean desk policy

C. Routine audits

D. Change management

Correct Answer: D


QUESTION 383

A server containing critical data will cost the company $200/hour if it were to be unavailable due to DoS attacks. The security administrator expects the server to become unavailable for a total of two days next year. Which of the following is true about the ALE?

A. The ALE is $48.

B. The ALE is $400.

C. The ALE is $4,800.

D. The ALE is $9,600.

Correct Answer: D


QUESTION 384

To reduce an organization’s risk exposure by verifying compliance with company policy, which of the following should be performed periodically?

A. Qualitative analysis

B. Quantitative analysis

C. Routine audits

D. Incident management

Correct Answer: C


QUESTION 385

Which of the following is a difference between TFTP and FTP?

A. TFTP is slower than FTP.

B. TFTP is more secure than FTP.

C. TFTP utilizes TCP and FTP uses UDP.

D. TFTP utilizes UDP and FTP uses TCP.

Correct Answer: D


QUESTION 386

A system administrator decides to use SNMPv3 on the network router in AuthPriv mode. Which of the following algorithm combinations would be valid?

A. AES-RC4

B. 3DES-MD5

C. RSA-DSA

D. SHA1-HMAC

Correct Answer: B


QUESTION 387

Which of the following are encryption algorithms that can use a 128-bit key size? (Select TWO).

A. AES

B. RC4

C. Twofish

D. DES

E. SHA2

Correct Answer: AC


QUESTION 388

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Spam filter

B. Protocol analyzer

C. Web application firewall

D. Load balancer

Correct Answer: B


QUESTION 389

Which of the following specifications would Sara, an administrator, implement as a network access control?

A. 802.1q B. 802.3 C. 802.11n D. 802.1x

Correct Answer: D


QUESTION 390

Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?

A. Whaling

B. Impersonation

C. Privilege escalation

D. Spear phishing

Correct Answer: A


QUESTION 391

Which of the following defines when Pete, an attacker, attempts to monitor wireless traffic in order to perform malicious activities?

A. XSS

B. SQL injection

C. Directory traversal

D. Packet sniffing

Correct Answer: D


QUESTION 392

Which of the following provides the MOST protection against zero day attacks via email attachments?

A. Anti-spam

B. Anti-virus

C. Host-based firewalls

D. Patch management

Correct Answer: A


QUESTION 393

Which of the following access controls enforces permissions based on data labeling at specific levels?

A. Mandatory access control

B. Separation of duties access control

C. Discretionary access control

D. Role based access control

Correct Answer: A


QUESTION 394

A username provides which of the following?

A. Biometrics

B. Identification

C. Authorization

D. Authentication

Correct Answer: B


QUESTION 395

Use of group accounts should be minimized to ensure which of the following?

A. Password security

B. Regular auditing

C. Baseline management

D. Individual accountability

Correct Answer: D


QUESTION 396

Privilege creep among long-term employees can be mitigated by which of the following procedures?

A. User permission reviews

B. Mandatory vacations

C. Separation of duties

D. Job function rotation

Correct Answer: A


QUESTION 397

In which of the following scenarios is PKI LEAST hardened?

A. The CRL is posted to a publicly accessible location.

B. The recorded time offsets are developed with symmetric keys.

C. A malicious CA certificate is loaded on all the clients.

D. All public keys are accessed by an unauthorized user.

Correct Answer: C


QUESTION 398

Configuring the mode, encryption methods, and security associations are part of which of the following?

A. IPSec

B. Full disk encryption C. 802.1x

D. PKI

Correct Answer: A


QUESTION 399

Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?

A. Code review

B. Penetration test

C. Protocol analyzer

D. Vulnerability scan

Correct Answer: B


QUESTION 400

Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?

A. Penetration test

B. Code review

C. Vulnerability scan

D. Brute Force scan

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.