Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?
A. Least privilege access
B. Separation of duties
C. Mandatory access control
D. Mandatory vacations
Correct Answer: D
A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacations give the employee a chance to refresh, but they also give the company a chance to make sure that others can fill in any gaps in skills, and they satisfy the need to have replication or duplication at all levels. Mandatory vacations also provide an opportunity to discover fraud. In this case, mandatory vacations can prevent the two members from colluding to steal the information that they have access to.
Incorrect Answers:
A: A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more. This does not prevent employees with legitimate access to information from colluding to steal the information.
B: A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization. Much like job rotation, it will not prevent two employees with legitimate access to information from working together to steal information.
C: Mandatory access control means all access is pre-defined by methods for how information access is permitted. In a MAC environment, all access capabilities are pre-defined. Users can't share information unless their rights to share it are established by administrators. Consequently, administrators must make any changes that need to be made to such rights. But in this case the users both have legitimate access to the information.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 25
Question 1062:
Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?
A. Privacy Policy
B. Least Privilege
C. Acceptable Use
D. Mandatory Vacations
Correct Answer: D
A mandatory vacation policy requires all users to take time away from work to refresh. Not only does mandatory vacation give the employee a chance to refresh, it also gives the company a chance to make sure that others can fill in any gaps in skills, satisfies the need to have replication or duplication at all levels, and provides an opportunity to discover fraud.
Incorrect Answers:
A: Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. A privacy policy is a legal document that outlines how collected data is secured.
B: Least privilege is usually employed to assign users only the required permissions to do only their duties and no more.
C: Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 25
Question 1063:
Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?
A. To ensure that false positives are identified
B. To ensure that staff conform to the policy
C. To reduce the organizational risk
D. To require acceptable usage of IT systems
Correct Answer: C
Once risks have been identified and assessed, there are five possible actions that should be taken. These are: risk avoidance, risk transference, risk mitigation, risk deterrence and risk acceptance. Any time you engage in steps to reduce risk, you are busy with risk mitigation, and implementing IT security policy is a risk mitigation strategy.
Incorrect Answers:
A: False positives are events that are not really incidents. Thus to ensure that false positives are identified is not the main concern of implementing IT security policy.
B: Conforming to policy is only possible if policy is in place.
D: Acceptable use policy is concerned mainly with how a company allows its computers to be used within the company.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 9-10, 28
Question 1064:
A major security risk with co-mingling of hosts with different security requirements is:
A. Security policy violations.
B. Zombie attacks.
C. Password compromises.
D. Privilege creep.
Correct Answer: A
The entire network is only as strong as the weakest host. Thus the co-mingling of hosts with different security requirements would risk security policy violations.
Incorrect Answers:
B: Zombie attacks are the same as botnets and affect software. Bots themselves are software that runs automatically and autonomously and as such are viewed as malicious software.
C: Password compromises on any account would not be best practice and also amounts to a security incident.
D: Privilege creep is usually uncovered during a privilege audit.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 220, 309
Question 1065:
Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?
A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.
B. Tell the application development manager to code the application to adhere to the company's password policy.
C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.
Correct Answer: B
Since the application is violating the security policy it should be coded differently to comply with the password policy.
Incorrect Answers:
A: Changing the password policy to make the application compliant would be the same as creating an incident because any attempt to violate a security policy is considered an incident.
C: Requesting a change to the risk acceptance is not best practice, and it basically amounts to incident response.
D: Reprimanding the developers will not result in the application complying with the security policy.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 445
Question 1066:
Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company's information systems?
A. Acceptable Use Policy
B. Privacy Policy
C. Security Policy
D. Human Resource Policy
Correct Answer: A
Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Incorrect Answers:
B: Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment.
C: Security policies define what controls are required to implement and maintain the security of systems, users, and networks.
D: Human resources policy does not address issues regarding which websites are prohibited.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 24
http://en.wikipedia.org/wiki/Acceptable_use_policy
Question 1067:
Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).
A. Acceptable use policy
B. Risk acceptance policy
C. Privacy policy
D. Email policy
E. Security policy
Correct Answer: AC
Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Incorrect Answers:
B: Risk Acceptance policy refers to the choice that must be made when the cost of implementing any of the choices exceeds the value of harm that would occur if the risk actually came to happen.
D: Email is not bound to any one type of policy when it comes to risk mitigation, etc. Email policy and regulations can be found in the acceptable use policy as well as the privacy policy, which best describe what Joe is doing.
E: Security policies define what controls are required to implement and maintain the security of systems, users, and networks.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 10, 24-25
Question 1068:
A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?
A. Command shell restrictions
B. Restricted interface
C. Warning banners
D. Session output pipe to /dev/null
Correct Answer: C
Within Microsoft Windows, you have the ability to put signs (in the form of onscreen pop-up banners) that appear before the login telling similar information: authorized access only, violators will be prosecuted, and so forth. Such banners convey warnings or regulatory information to the user that they must "accept" in order to use the machine or network. You need to make staff aware that they may legally be prosecuted, and a message is best given via a banner so that all staff using a workstation will get notification.
Incorrect Answers:
A: Command shell restrictions are not used to make everyone aware that they may be prosecuted. They are rather used to implement the actual restriction.
B: A restricted interface will just hamper staff in the execution of their duties. Prosecution can only be done when staff are made aware of the prohibitions and accept the terms.
D: Configuring the session output pipe to /dev/null is applying the restriction and not making staff aware of the prohibitions.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 374
Question 1069:
Which of the following is an example of a false negative?
A. The IDS does not identify a buffer overflow.
B. Anti-virus identifies a benign application as malware.
C. Anti-virus protection interferes with the normal operation of an application.
D. A user account is locked out after the user mistypes the password too many times.
Correct Answer: A
With a false negative, you are not alerted to a situation when you should be alerted.
Incorrect Answers:
B, C, D: This would be an example of a false positive. False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 28
Question 1070:
Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast packets from the switches on the network. After investigation, she discovers that this is normal activity for her network. Which of the following BEST describes these results?
A. True negatives
B. True positives
C. False positives
D. False negatives
Correct Answer: C
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.
Incorrect Answers:
A: True negatives would be non-events.
B: True positives would be real alerts and alarms.
D: With a false negative, you are not alerted to a situation when you should be alerted - The opposite of false negatives.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 28