CompTIA CompTIA Security+ JK0-022 Questions & Answers

• Question 351:

  A system administrator has been instructed by the head of security to protect their data at-rest. Which of the following would provide the strongest protection?

  A. Prohibiting removable media

  B. Incorporating a full-disk encryption system

  C. Biometric controls on data center entry points

  D. A host-based intrusion detection system

  Correct Answer: B

  Full disk encryption can be used to encrypt an entire volume with 128-bit encryption. When the entire volume is encrypted, the data is not accessible to someone who might boot another operating system in an attempt to bypass the

  computer's security. Full disk encryption is sometimes referred to as hard drive encryption.

  This would be best to protect data that is at rest.

  Incorrect Answers:

  A: Prohibiting removable media is not working with data at rest.

  C: Biometrics are used mainly as a physical security control and to control access to resources. Data at rest is best protected with a full-disk encryption system.

  D: Intrusion detection systems are used as a physical security measure and not a data protection measure.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 290

• Question 352:

  An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions.

  Which of the following database designs provides the BEST security for the online store?

  A. Use encryption for the credential fields and hash the credit card field

  B. Encrypt the username and hash the password

  C. Hash the credential fields and use encryption for the credit card field

  D. Hash both the credential fields and the credit card field

  Correct Answer: C

  Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions in hashing two different inputs does not give the same output. Thus the credential fields should be hashed because anyone customer will have a unique credit card number/identity and since they will use their credit cards for many different transactions, the credit card field should be encrypted only, not hashed.

  Incorrect Answers:

  A: Encryption should be used on the credit card field because the customers could be making many separate transactions using the same credit card. The credential field should be hashed and not encrypted because anyone customer would most likely use a credit card to make purchases and not many credit cards to make purchases at the same online store.

  B: Credit card customers would not be using usernames and passwords to make purchases from an online store.

  D: Hashing the credit card field will limit the customers to one transaction only and not multiple separate transactions.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 255, 291

• Question 353:

  Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device's removable media in the event that the device is lost or stolen?

  A. Hashing

  B. Screen locks

  C. Device password

  D. Encryption

  Correct Answer: D

  Encryption is used to ensure the confidentiality of information.

  Incorrect Answers:

  A: Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables.

  B: You can secure your phone or tablet by setting a screen lock. Each time you turn on your device or wake up the screen, you'll be asked to unlock your device. But this does not mean that your sensitive data is safe. You should still encrypt your sensitive data.

  C: Device passwords are only meant to unlock screen lock on your mobile device.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 255, 291

• Question 354:

  Customers' credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?

  A. Application firewalls

  B. Manual updates

  C. Firmware version control

  D. Encrypted TCP wrappers

  Correct Answer: D

  Wrapping sensitive systems with a specific control is required when protecting data in transit. TCP wrappers are also security controls. TCP Wrapper is a host- based networking ACL system, used to filter network access to Internet Protocol servers on (Unix-like) operating systems such as Linux or BSD. It allows host or subnetwork IP addresses, names and/or inetd query replies, to be used as tokens on which to filter for access control purposes. TCP Wrapper should not be considered a replacement for a properly configured firewall. Instead, TCP Wrapper should be used in conjunction with a firewall and other security enhancements in order to provide another layer of protection in the implementation of a security policy.

  Incorrect Answers:

  A: Application firewalls are usually better protection for database servers or web servers than are other types of firewalls. Application firewalls, in addition to packet filtering, filter specific application related content.

  B: Manual updates will not be practical considering that data is in transit when it gets stolen.

  C: Firmware version control is closely related to updating the firmware. You should always be sure that each device is using the correct version of firmware since viruses may specifically target the firmware in routers and switches if you do not update these.

  References: https://www.freebsd.org/doc/handbook/tcpwrappers.html Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 421

• Question 355:

  After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Joe's desktop remain encrypted when moved to external media or other network based storage?

  A. Whole disk encryption

  B. Removable disk encryption

  C. Database record level encryption

  D. File level encryption

  Correct Answer: D

  Encryption is used to ensure the confidentiality of information. In this case you should make use of file level encryption. File level encryption is a form of disk encryption where individual files or directories are encrypted by the file system itself. This is in contrast to full disk encryption where the entire partition or disk, in which the file system resides, is encrypted.

  Incorrect Answers:

  A: Full disk encryption can be used to encrypt an entire volume with 128-bit encryption. When the entire volume is encrypted, the data is not accessible to someone who might boot another operating system in an attempt to bypass the computer's security. Full disk encryption is sometimes referred to as hard drive encryption. This would be best to protect data that is at rest.

  B: Removable disk encryption will be used to prevent unauthorized access to data storage, but is does not replace file encryption in all situations.

  C: Database record level encryption is not going to ensure that Joe's desktop's documents will remain encrypted when moved since Joe might have many other types of files other than database files.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 59, 237, 290

• Question 356:

  Which of the following is the BEST concept to maintain required but non-critical server availability?

  A. SaaS site

  B. Cold site

  C. Hot site

  D. Warm site

  Correct Answer: D

  Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. Another term for a warm site/reciprocal site is active/active model.

  Incorrect Answers:

  A: With a SaaS site you use applications as provided by a cloud provider over the internet.

  B: A cold site is a facility that isn't immediately ready to use. The organization using it must bring along its equipment and network. A cold site may provide network capability, but this isn't usually the case; the site provides a place for operations to resume, but it doesn't provide the infrastructure to support those operations.

  C: A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 443-444

• Question 357:

  The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly restored, in case of a catastrophic failure of the primary datacenter's HVAC. Which of the following can be implemented?

  A. Cold site

  B. Load balancing

  C. Warm site

  D. Hot site

  Correct Answer: C

  Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement.

  Incorrect Answers: A: A cold site is a facility that isn't immediately ready to use. The organization using it must bring along its equipment and network. A cold site may provide network capability, but this isn't usually the case; the site provides a place for operations to resume, but it doesn't provide the infrastructure to support those operations.

  B: Load balancing is a way of providing high availability by splitting the workload across multiple computers.

  D: A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 235, 443-444

• Question 358:

  A company wants to ensure that its hot site is prepared and functioning. Which of the following would be the BEST process to verify the backup datacenter is prepared for such a scenario?

  A. Site visit to the backup data center

  B. Disaster recovery plan review

  C. Disaster recovery exercise

  D. Restore from backup

  Correct Answer: C

  A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. This means that an actual exercise run would test the abilities of your hot site best.

  Incorrect Answers:

  A: A site visit is not the same as actual testing that the site can act as a hot site, you need to run a disaster recovery exercise to test the hot site ability.

  B: A review is not actual testing of the disaster recovery plan.

  D: Restoring from backups can be done on any other type of site as well.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 443-444

• Question 359:

  Which of the following disaster recovery strategies has the highest cost and shortest recovery time?

  A. Warm site

  B. Hot site

  C. Cold site

  D. Co-location site

  Correct Answer: B

  A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. Databases can be kept up-to-date using network connections. These types of facilities are expensive, and they're primarily suitable for short-term situations.

  Incorrect Answers:

  A: A warm site provides some of the capabilities of a hot site, but it requires the customer to do more work to become operational. Warm sites provide computer systems and compatible media capabilities.

  C: A cold site is a facility that isn't immediately ready to use. The organization using it must bring along its equipment and network. A cold site may provide network capability, but this isn't usually the case; the site provides a place for operations to resume, but it doesn't provide the infrastructure to support those operations.

  D: A co-location site is type of site where your web hosting is done, e.g. an ISP, or a web hosting company where many different customers host their web presence.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 443-444

• Question 360:

  A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?

  A. Confidentiality

  B. Availability

  C. Succession planning

  D. Integrity

  Correct Answer: B

  Simply making sure that the data and systems are available for authorized users is what availability is all about. Data backups, redundant systems, and disaster recovery plans all support availability. And creating a hot site is about providing availability.

  Incorrect Answers:

  A: Confidentiality means preventing unauthorized users from accessing data. Passwords, hard drive encryption, and access control all support confidentiality.

  C: Succession planning outlines those internal to the company who has the ability to step into position when they open.

  D: Integrity means ensuring that data has not been altered.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 414, 443-444, 454