Latest CompTIA JK0-018 Real Exam Download 741-760

Ensurepass

QUESTION 741

Which of the following security tools can Jane, an administrator, implement to mitigate the risks of theft?

A. Visualization

B. Host based firewalls

C. HIPS

D. Device encryption

Correct Answer: D


QUESTION 742

Matt, an attacker, drops a USB flash drive labeled "CEO’s music collection" in the reception area of a bank hoping an employee will find it. The drive actually contains malicious code. Which of the following attacks is this?

A. Vishing

B. Social engineering

C. Spim

D. Impersonation

Correct Answer: B


QUESTION 743

Sara, an employee, visits a website and downloads the PDF application to officially become a member.

The network administrator notices large amounts of bandwidth at night from Sara’s workstation. Which of the following attacks does this describe?

A. Adware

B. Botnets

C. Logic bomb

D. Spyware

Correct Answer: B


QUESTION 744

Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?

A. The security company is provided with all network ranges, security devices in place, and logical maps of the network.

B. The security company is provided with no information about the corporate network or physical locations.

C. The security company is provided with limited information on the network, including all network diagrams.

D. The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

Correct Answer: B


QUESTION 745

If Pete, an administrator, is blocking port 22, which of the following protocols will this affect? (Select TWO)

A. SNMP

B. SSH

C. SMTP

D. FTP

E. Telnet

F. SCP

Correct Answer: BF


QUESTION 746

Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?

A. Port scanning

B. Penetration testing

C. Vulnerability scanning

D. Performing risk analysis

Correct Answer: B


QUESTION 747

Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?

A. LDAP injection

B. SQL injection

C. Error and exception handling

D. Cross-site scripting

Correct Answer: D


QUESTION 748

A recent virus outbreak has finally been contained and now several users are reporting latency issues. A vulnerability scan was performed and no backdoors were found. Upon further investigation, Matt, the security administrator, notices that websites are being redirected to unauthorized sites. This is an example of which of the following?

A. Botnet

B. Rootkits

C. Trojan

D. Spyware

Correct Answer: D


QUESTION 749

Which of the following is BEST used to control access to the LAN?

A. DMZ

B. NAC

C. NAT

D. Remote access

Correct Answer: B


QUESTION 750

Which of the following is a technical preventive control?

A. IDS

B. Data backup

C. Audit logs

D. ACLs

Correct Answer: D


QUESTION 751

When deploying virtualized servers, which of the following should a company be the MOST concerned with?

A. Integrity

B. Non-repudiation

C. Power consumption

D. Availability

Correct Answer: D


QUESTION 752

The main difference between symmetric and asymmetric encryption is that:

A. Symmetric encryption uses the same key for encryption and decryption, while asymmetric encryption uses one key to encrypt and one to decrypt.

B. In symmetric encryption the encryption key must be of even number length so that it can be split in two, where one part is used for encryption and the other is used for decryption.

C. Asymmetric encryption uses the same key for encryption and decryption, while symmetric encryption uses one key to encrypt and one to decrypt.

D. In asymmetric encryption the same key is given to one user in a hashed format and used for encryption, and to another used in plain text and used for decryption

Correct Answer: A


QUESTION 753

Jane, an information security manager, often receives reports about the sharing of cipher lock codes to gain access to secure areas. Jane would like to implement a new control that would prevent the sharing of codes and limit access points to only key employees. Which of the following security controls would BEST mitigate this issue?

A. Use ACLs

B. Separation of duties

C. Install proximity readers

D. Time of day restrictions

Correct Answer: C


QUESTION 754

Jane, a security administrator, has been tasked with explaining access control aspects to a peer. Which of the following is a directory service supporting both Windows and Linux authentication?

A. LDAP

B. Trusted OS

C. TACACS+

D. PAM

Correct Answer: A


QUESTION 755

Pete, a system administrator, has concerns regarding his users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern?

A. Create conduct policies prohibiting sharing credentials.

B. Enforce a policy shortening the credential expiration timeframe.

C. Implement biometric readers on laptops and restricted areas.

D. Install security cameras in areas containing sensitive systems.

Correct Answer: C


QUESTION 756

Which of the following is the MOST secure solution for connecting remote sites to the corporate headquarters?

A. PPTP

B. L2TP

C. HTTP

D. IPSec

Correct Answer: D


QUESTION 757

Which of the following is the BEST method to use when preventing a cross-site scripting attack on a Human Resource system?

A. Require all data be filtered through a web application firewall.

B. Restrict permitted HTML encoding to a limited subset of tags and attributes.

C. Provide user education on the threat of cross-site scripting.

D. Input validation upon arrival at the server.

Correct Answer: D


QUESTION 758

Jane’s, a user, word processing software is exhibiting strange behavior, opening and closing itself at random intervals. There is no other strange behavior on the system. Which of the following would mitigate this problem in the future?

A. Install application updates

B. Encrypt the file system

C. Install HIDS

D. Install anti-spam software

Correct Answer: A


QUESTION 759

Jane, a user, has an IP address of 172.16.24.43 and visits a website which states that she has an IP address of 204.211.38.89. Which of the following is being used on the network? (Select TWO).

A. NAT

B. NAC

C. Spoofing

D. DMZ

E. VLANs

F. PAT

Correct Answer: AF


QUESTION 760

Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?

A. Visualization

B. Patch management

C. Full disk encryption

D. Database encryption

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.