A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?
A. Application hardening
B. False positive
C. Baseline code review
D. False negative
Correct Answer: B
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.
Incorrect Answers:
A: The term hardening is usually applied to operating systems. The idea is to "lock down" the operating system as much as is practical. For example, ensure that all unneeded services are turned off, all unneeded software is uninstalled, patches are updated, user accounts are checked for security, and so forth. Hardening is a general process of making certain that the operating system itself is as secure as it can be.
C: A baseline is a documented secure configuration state. Reviewing baseline code would not produce a vulnerability report stating that patches are missing, which is what the scenario describes.
D: A False negative is exactly the opposite of a false positive. With a false negative, you are not alerted to a situation when you should be alerted.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 28, 52; http://www.cgisecurity.com/questions/falsepositive.shtml
Question 1072:
Which of the following can result in significant administrative overhead from incorrect reporting?
A. Job rotation
B. Acceptable usage policies
C. False positives
D. Mandatory vacations
Correct Answer: C
False positives are events that are mistakenly flagged and are not really a concern. They cause significant administrative overhead because every flagged event still has to be investigated before it can be dismissed as incorrect reporting.
Incorrect Answers:
A: Job rotation is a strategy employed to provide redundancy in employees' abilities in addition to being an access control method.
B: Acceptable use policies describe how employees are allowed to use company systems and resources.
D: Mandatory vacations are employed so that the company can identify gaps in skills and ensure that skills are duplicated across staff; they provide redundancy in human resources rather than causing administrative overhead.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 28, 413; http://www.networkworld.com/article/2327896/lan-wan/what-is-a-false-positive-.html
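The two questions above turn on telling a false positive (the scanner flags a package that is not installed, or is already patched) from a false negative (a vulnerable package the scanner never reports). The following script, an added example that is not from the study guide, does that triage against the hosts' own package inventory. The scanner findings, the inventory and the confirmed-vulnerable list are constructed sample data, and the function names are hypothetical; in practice the inventory would come from the hosts themselves (dpkg -l, rpm -qa, or an agent), not from the scanner.

```python
"""Triage vulnerability-scan findings against the hosts' real package inventory.

Added example (not from the study guide). All data below is constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    finding_id: str
    host: str
    package: str   # package the scanner believes is vulnerable
    fixed_in: str  # first version that resolves the finding


def parse_version(version):
    """Turn '1.1.1k'-style strings into comparable tuples.

    Each dotted component becomes (number, suffix), so '1.1.1f' < '1.1.1k'
    and '1.10' > '1.9'. Good enough for the constructed data here; real
    distributions have their own rules (e.g. dpkg --compare-versions).
    """
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append((int(digits) if digits else 0, piece[len(digits):]))
    return tuple(parts)


def triage(findings, inventory, confirmed_vulnerable):
    """Classify each finding as true or false positive, then list false negatives.

    False positive: the package is not installed at all (the scenario in the
    question) or the installed version already meets the fix.
    False negative: a (host, package) pair confirmed vulnerable by the patch
    team that the scanner never reported.
    """
    result = {"true_positive": [], "false_positive": [], "false_negative": []}
    reported = set()
    for f in findings:
        reported.add((f.host, f.package))
        installed = inventory.get(f.host, {}).get(f.package)
        if installed is None:
            result["false_positive"].append((f.finding_id, "package not installed"))
        elif parse_version(installed) >= parse_version(f.fixed_in):
            result["false_positive"].append((f.finding_id, f"already at {installed}"))
        else:
            result["true_positive"].append((f.finding_id, f"{installed} < {f.fixed_in}"))
    for pair in sorted(set(confirmed_vulnerable) - reported):
        result["false_negative"].append(pair)
    return result


def summarize(result):
    """Counts per class; the false-positive count is the triage work wasted."""
    return {name: len(items) for name, items in result.items()}


# Constructed scanner output: version guesses from banners, which is why
# they can be wrong.
SCAN_FINDINGS = [
    Finding("F-101", "web01", "openssl", "1.1.1k"),
    Finding("F-102", "web01", "tomcat", "9.0.50"),   # tomcat is not on web01
    Finding("F-103", "db01", "postgresql", "13.4"),
]

# Constructed inventory as reported by the hosts themselves.
INVENTORY = {
    "web01": {"openssl": "1.1.1f", "nginx": "1.18.0"},
    "db01": {"postgresql": "13.4", "libxml2": "2.9.10"},
}

# Constructed list of (host, package) pairs the patch team verified by hand.
CONFIRMED_VULNERABLE = {("web01", "openssl"), ("db01", "libxml2")}


if __name__ == "__main__":
    outcome = triage(SCAN_FINDINGS, INVENTORY, CONFIRMED_VULNERABLE)
    for name, items in outcome.items():
        print(name, items)
    print(summarize(outcome))
```

With this data F-102 is the scenario from the first question (the package does not exist on the host), F-103 is the other common false positive (already patched), F-101 is a genuine finding, and the libxml2 entry on db01 is a false negative the scanner missed. The number of entries under false_positive is the administrative overhead the second question refers to.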
Question 1073:
Which of the following is a management control?
A. Logon banners
B. Written security policy
C. SYN attack prevention
D. Access Control List (ACL)
Correct Answer: B
Management controls include risk assessment, planning, system and services acquisition, and certification, accreditation and security assessment. A written security policy falls into this category.
Incorrect Answers:
A: Logon banners fall under configuration management, which is an operational control.
C: SYN attack prevention is done by exercising technical control measures.
D: ACLs are technical control measures.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p. 27
Question 1074:
To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?
A. Management
B. Administrative
C. Technical
D. Operational
Correct Answer: C
Technical controls are enforced by the system itself. A screen saver that locks the PC after five minutes of inactivity to prevent unauthorized access is a technical control, in the same category as identification and authentication, access control, audit and accountability, and system and communication protection.
Incorrect Answers:
A: Management control types include risk assessment, planning, systems and Services Acquisition as well as Certification, Accreditation and Security Assessment.
B: Administrative controls are policies and procedures carried out by people, such as a rule requiring users to lock their screens; the automatic lock enforced by the system is a technical mechanism.
D: Operational control types include Personnel Security, Physical and Environmental Protection, Contingency Planning, Configuration Management, Maintenance, System and Information Integrity, Media Protection, Incident Response, and Awareness and Training.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p. 27
Question 1075:
Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device?
A. Authentication
B. Blacklisting
C. Whitelisting
D. Acceptable use policy
Correct Answer: C
White lists are closely related to ACLs: a white list is a list of items that are allowed, and anything not on the list is denied by default. That makes it the best way to define exactly which applications may be installed and run on the device.
Incorrect Answers:
A: Authentication verifies who the user is; it does not define which applications that user may install or run.
B: Black lists are exactly the opposite of white lists: a black list is a list of items that are not allowed, and anything not on the list is permitted.
D: An acceptable use policy describes how the employees in an organization may use company systems and resources, both software and hardware. It is an administrative control, not a technical one.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 24, 221; http://searchsecurity.techtarget.com/definition/application-whitelisting
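The difference between the two list types in the question above is default deny versus default allow, and it shows up as soon as a user renames a file. The script below is an added example, not from the study guide or any product: the file paths, the byte strings standing in for executables and the policy rules are all constructed, and the hashes are computed from that constructed content.

```python
"""Allowlist (whitelist) versus blocklist (blacklist) for application control.

Added example (not from the study guide). All paths, contents and rules are
constructed.
"""
import hashlib

# Constructed "executables": path -> bytes standing in for the binary.
FILES = {
    "C:/Program Files/Approved/mail.exe": b"approved mail client build 42",
    "C:/Users/ann/Downloads/game.exe": b"unapproved game installer",
    # Same bytes as game.exe, renamed to look like the approved mail client.
    "C:/Users/ann/Downloads/mail.exe": b"unapproved game installer",
}


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def file_name(path):
    return path.rsplit("/", 1)[-1].lower()


# Allowlist: default deny. Only content hashes on the list may run,
# regardless of file name or location.
ALLOWED_HASHES = {sha256_hex(FILES["C:/Program Files/Approved/mail.exe"])}

# Blocklist: default allow. Only named items are refused.
BLOCKED_NAMES = {"game.exe"}


def allowlist_permits(path, data):
    """Default deny: run only if the content hash is explicitly approved."""
    return sha256_hex(data) in ALLOWED_HASHES


def blocklist_permits(path, data):
    """Default allow: run unless the file name is explicitly blocked.
    Anything the user can rename slips through."""
    return file_name(path) not in BLOCKED_NAMES


def evaluate(files):
    """Decision of each policy for every file.

    Returns {path: {"allowlist": bool, "blocklist": bool}} where True means
    the policy would let the file run.
    """
    return {
        path: {
            "allowlist": allowlist_permits(path, data),
            "blocklist": blocklist_permits(path, data),
        }
        for path, data in files.items()
    }


if __name__ == "__main__":
    for path, decision in evaluate(FILES).items():
        print(f"{path}: allowlist={'run' if decision['allowlist'] else 'deny'}, "
              f"blocklist={'run' if decision['blocklist'] else 'deny'}")
```

The renamed copy in Downloads passes the name-based blocklist but is refused by the hash-based allowlist. The cost of the allowlist is maintenance: every approved update changes the hash and must be added to the list before it will run, which is why real products also support publisher-signature and trusted-path rules.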
Question 1076:
Three of the primary security control types that can be implemented are:
A. Supervisory, subordinate, and peer.
B. Personal, procedural, and legal.
C. Operational, technical, and management.
D. Mandatory, discretionary, and permanent.
Correct Answer: C
The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.
Incorrect Answers:
A: Supervisory, subordinate and peer are not primary security control types.
B: Personal, procedural and legal are not one of the three NIST control categories, although such measures are implemented within them.
D: Mandatory and discretionary describe access control models (MAC and DAC), not control types, and "permanent" is not a control type at all.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 26-27; http://www.professormesser.com/security-plus/sy0-401/control-types-2/
Question 1077:
A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity. Which of the following is the MOST likely cause?
A. The old APs use 802.11a
B. Users did not enter the MAC of the new APs
C. The new APs use MIMO
D. A site survey was not conducted
Correct Answer: D
A site survey determines AP placement, channel assignment and power levels. Tripling the number of APs without one produces overlapping cells on the same channels, and the resulting co-channel interference and constant roaming between APs cause exactly the disconnections and slowness the users report.
Incorrect Answers:
A: 802.11a operates in the 5 GHz band. The standard the old APs use does not by itself explain disconnections and slow connectivity that began when the new APs were added.
B: Users do not enter AP MAC addresses in order to associate; entering one would not prevent disconnections or speed up network connectivity.
C: MIMO uses multiple antennas to improve throughput and reliability, so it would not cause the symptoms.
An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?
A. Dipole
B. Yagi
C. Sector
D. Omni
Correct Answer: B
A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna consisting of multiple parallel dipole elements in a line, usually made of metal rods. It consists of a single driven element connected to the transmitter or receiver with a transmission line, and additional parasitic elements: a so-called reflector and one or more directors. The reflector element is slightly longer than the driven dipole, whereas the directors are a little shorter. This design achieves a very substantial increase in the antenna's directionality and gain compared to a simple dipole.
Incorrect Answers:
A: The 15 cm long vertical element you see on most Wi-Fi equipment is actually a dipole antenna. It consists of two elements and is popular because of its omnidirectional radiation pattern.
C: A sector antenna is a type of directional microwave antenna with a sector-shaped radiation pattern. The word "sector" is used in the geometric sense: some portion of the circumference of a circle measured in degrees of arc. 60°, 90° and 120° designs are typical, often with a few degrees extra to ensure overlap, and they are mounted in multiples when wider or full-circle coverage is required.
D: An omnidirectional antenna is designed to provide a 360-degree pattern and an even signal in all directions.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p. 178.
Question 1079:
After reviewing the firewall logs of her organization's wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?
A. Reduce the power level of the AP on the network segment
B. Implement MAC filtering on the AP of the affected segment
C. Perform a site survey to see what has changed on the segment
D. Change the WPA2 encryption key of the AP in the affected segment
Correct Answer: A
Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.
Incorrect Answers:
B: MAC filtering is an option further down the line. If reducing the output power resolves the issue, the administrative effort is much less than compiling and entering a list of the MAC addresses of users' computers, and MAC addresses can be spoofed in any case.
C: A site survey is recommended when laying out a network, not as the first response to a known new neighbour.
D: The failed authentication attempts show that WPA2 is doing its job by rejecting the foreign devices; changing the key would not stop the attempts from arriving.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 177, 178.
Question 1080:
Ann, a security administrator, has concerns regarding her company's wireless network. The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be.
Which of the following would BEST alleviate Ann's concerns with minimum disturbance of current functionality for clients?
A. Enable MAC filtering on the wireless access point.
B. Configure WPA2 encryption on the wireless access point.
C. Lower the antenna's broadcasting power.
D. Disable SSID broadcasting.
Correct Answer: C
Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.
Incorrect Answers:
A: This would require every visiting client to furnish the security administrator with their device's MAC address before connecting.
B: This would require clients to ask for the Wi-Fi key before connecting.
D: Clients would no longer see the network in their device's list and would have to enter the SSID by hand.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp. 172, 177, 178, 183.