Latest CompTIA JK0-018 Real Exam Download 601-620

Ensurepass

QUESTION 601

Pete, the security administrator, wants to implement password controls to mitigate attacks based on password reuse. Which of the following password controls used together BEST accomplishes this? (Select TWO).

A. Minimum password age and password history

B. Password complexity and password history

C. Password history and password expiration

D. Password complexity and password expiration

E. Maximum password age and password expiration

Correct Answer: AC


QUESTION 602

A company that trains their users to lock the doors behind them is MOST likely trying to prevent:

A. Vishing attacks

B. Dumpster diving

C. Shoulder surfing

D. Tailgating

Correct Answer: D


QUESTION 603

Which of the following security controls would be applied on individual hosts to monitor suspicious activities, by actively analyzing events occurring within that host, and blocking any suspicious or abnormal activity?

A. HIPS

B. Spam filter

C. HIDS

D. Firewall

Correct Answer: A


QUESTION 604

Jane, a security administrator, forgets his card to access the server room. Jane asks Matt if she could use his card for the day. Which of the following is Jane using to gain access to the server room?

A. Man-in-the-middle

B. Tailgating

C. Impersonation

D. Spoofing

Correct Answer: C


QUESTION 605

During a forensic investigation, which of the following information is compared to verify the contents of a hard drive image match the original drive and have not been changed by the imaging process?

A. Hash values

B. Chain of custody

C. Order of volatility

D. Time offset

Correct Answer: A


QUESTION 606

Jane brought a laptop in from home and connected the Ethernet interface on the laptop to a wall jack with

a patch cable. Jane was unable to access any network resources. Which of the following is the MOST likely cause?

A. Flood guards were enabled on the switch.

B. Loop protection prevented the laptop from accessing the network.

C. Port security was enabled on the switch.

D. Router access control lists prevented the laptop from accessing the network.

Correct Answer: C


QUESTION 607

Matt, a new employee, installed an application on his workstation that allowed Internet users to have access to his workstation. Which of the following security related training could have mitigated this action?

A. Use of proper password procedures

B. Use of personally owned devices

C. Use of social networking and P2P networks

D. Use of clean desk policies

Correct Answer: C


QUESTION 608

Which of the following threats can result from a lack of controls for personal webmail?

A. Bandwidth exhaustion

B. Cross-site request forgery

C. Data leakage

D. Least privilege

Correct Answer: C


QUESTION 609

Which of the following is identified by the command: INSERT INTO users ("admin", "admin");’?

A. SQL Injection

B. Directory traversal

C. LDAP injection

D. Session hijacking

Correct Answer: A


QUESTION 610

Which of the following attacks is MOST likely to be performed against an FTP server?

A. DLL injection

B. SQL injection

C. LDAP injection

D. Command injection

Correct Answer: D


QUESTION 611

After performing a port scan, Sara, a network administrator, observes that port 443 is open. Which of the following services is MOST likely running?

A. SSL

B. FTP

C. TELNET

D. SSH

Correct Answer: A


QUESTION 612

Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?

A. Fault tolerance

B. Succession planning

C. Business continuity testing

D. Recovery point objectives

Correct Answer: B


QUESTION 613

Matt, a security administrator, conducted a scan and generated a vulnerability report for the Chief Executive Officer (CEO). The vulnerability report indicated several vulnerabilities but the CEO has decided that cost and operational impact outweigh the risk. This is an example of which of the following?

A. Risk transference

B. Risk acceptance

C. Risk avoidance

D. Risk mitigation

Correct Answer: B


QUESTION 614

A good password policy should contain which of the following rules? (Select THREE)

A. Length

B. Expiration

C. Tokens

D. Smart card

E. Enrollment

F. Complexity

G. Biometrics

Correct Answer: ABF


QUESTION 615

Jane, a security administrator, identifies a WEP-encrypted WAP on the network that is located at the end of the building. Jane has noticed that it is the most utilized WAP on the network. When trying to manage the WAP, she is unable to gain access. Which of the following has MOST likely happened to the WAP?

A. The WAP is under an IV attack

B. The WAP’s MAC address has been spoofed

C. The WAP is a rogue access point

D. The WAP was victim to a bluejacking attack

Correct Answer: C


QUESTION 616

Jane, a human resources employee, receives an email from a family member stating there is a new virus going around. In order to remove the virus, a user must delete the Boot.ini file from the system immediately. This is an example of which of the following?

A. Hoax

B. Spam

C. Whaling

D. Phishing

Correct Answer: A


QUESTION 617

A network IPS is used for which of the following?

A. To identify and document network based intrusions and network traffic

B. To document and analyze network visualization threats and performance

C. To identify and prevent network based intrusions or unwanted network traffic

D. To document and analyze malware and viruses on the Internet

Correct Answer: C


QUESTION 618

A risk is identified that an attacker, given the right credentials, could potentially connect to the corporate network from a nearby business’s parking lot. Which of the following controls can be put in place to reduce the likelihood of this occurring? (Select TWO).

A. TKIP

B. Antenna placement

C. Power level controls

D. WPA

E. WPA2

F. Disable SSID broadcasting

Correct Answer: EF


QUESTION 619

Which of the following could cause a browser to display the message below? "The security certificate presented by this website was issued for a different website’s address."

A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

B. The website is using a wildcard certificate issued for the company’s domain,

C. HTTPS://127.0.01 was used instead of HTTPS://localhost.

D. The website is using an expired self signed certificate.

Correct Answer: C


QUESTION 620

Sara, an administrator, is hardening email application communication to improve security. Which of the following could be performed?

A. Remove gateway settings from the route table

B. Password protect the server BIOS

C. Disabling high I/O services

D. Require TLS when using SMTP

Correct Answer: D

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.