Latest CompTIA JK0-018 Real Exam Download 401-420

Ensurepass

QUESTION 401

Which of the following is used to certify intermediate authorities in a large PKI deployment?

A. Root CA

B. Recovery agent

C. Root user

D. Key escrow

Correct Answer: A


QUESTION 402

Which of the following components MUST be trusted by all parties in PKI?

A. Key escrow

B. CA

C. Private key

D. Recovery key

Correct Answer: B


QUESTION 403

When checking his webmail, Matt, a user, changes the URL’s string of characters and is able to get into another user’s inbox. This is an example of which of the following?

A. Header manipulation

B. SQL injection

C. XML injection

D. Session hijacking

Correct Answer: D


QUESTION 404

Elliptic curve cryptography: (Select TWO)

A. is used in both symmetric and asymmetric encryption.

B. is used mostly in symmetric encryption.

C. is mostly used in embedded devices.

D. produces higher strength encryption with shorter keys.

E. is mostly used in hashing algorithms.

Correct Answer: CD


QUESTION 405

Which of the following would an antivirus company use to efficiently capture and analyze new and unknown malicious attacks?

A. Fuzzer

B. IDS

C. Proxy

D. Honeynet

Correct Answer: D


QUESTION 406

Why is it important for a penetration tester to have established an agreement with management as to which systems and processes are allowed to be tested?

A. Penetration test results are posted publicly, and some systems tested may contain corporate secrets.

B. Penetration testers always need to have a comprehensive list of servers, operating systems, IP subnets, and department personnel prior to testing to ensure a complete test.

C. Having an agreement allows the penetration tester to look for other systems out of scope and test them for threats against the in-scope systems.

D. Some exploits when tested can crash or corrupt a system causing downtime or data loss.

Correct Answer: D


QUESTION 407

A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?

A. RADIUS

B. TACACS+

C. Kerberos

D. LDAP

Correct Answer: B


QUESTION 408

An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. Which of the following strategies would the administrator MOST likely implement?

A. Full backups on the weekend and incremental during the week

B. Full backups on the weekend and full backups every day

C. Incremental backups on the weekend and differential backups every day

D. Differential backups on the weekend and full backups every day

Correct Answer: A


QUESTION 409

Which of the following can be used in code signing?

A. AES

B. RC4

C. GPG

D. CHAP

Correct Answer: C


QUESTION 410

Which of the following can use RC4 for encryption? (Select TWO).

A. CHAP

B. SSL

C. WEP

D. AES

E. 3DES

Correct Answer: BC


QUESTION 411

Which of the following defines a business goal for system restoration and acceptable data loss?

A. MTTR

B. MTBF

C. RPO

D. Warm site

Correct Answer: C


QUESTION 412

Which of the following defines an organization goal for acceptable downtime during a disaster or other contingency?

A. MTBF

B. MTTR

C. RTO

D. RPO

Correct Answer: C


QUESTION 413

Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?

A. CCTV system access

B. Dial-up access

C. Changing environmental controls

D. Ping of death

Correct Answer: C


QUESTION 414

An ACL placed on which of the following ports would block IMAP traffic?

A. 110

B. 143

C. 389

D. 465

Correct Answer: B


QUESTION 415

Which of the following provides the HIGHEST level of confidentiality on a wireless network?

A. Disabling SSID broadcast

B. MAC filtering

C. WPA2

D. Packet switching

Correct Answer: C


QUESTION 416

Which of the following controls should be used to verify a person in charge of payment processing is not colluding with anyone to pay fraudulent invoices?

A. Least privilege

B. Security policy

C. Mandatory vacations

D. Separation of duties

Correct Answer: C


QUESTION 417

Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?

A. Recovery agent

B. Certificate authority

C. Trust model

D. Key escrow

Correct Answer: A


QUESTION 418

Please be aware that if you do not accept these terms you will not be allowed to take this CompTIA exam and you will forfeit the fee paid.

A. RETURN TO EXAM

B. EXIT EXAM

Correct Answer: A


QUESTION 419

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?

A. Single sign on

B. IPv6

C. Secure zone transfers

D. VoIP

Correct Answer: C


QUESTION 420

Which of the following anti-malware solutions can be implemented to mitigate the risk of phishing?

A. Host based firewalls

B. Anti-spyware

C. Anti-spam

D. Anti-virus

Correct Answer: C
