The use of social networking sites introduces the risk of:
A. Disclosure of proprietary information
B. Data classification issues
C. Data availability issues
D. Broken chain of custody
Correct Answer: A
People and processes must be in place to prevent the unauthorized disclosure of proprietary information and sensitive information, as these pose a security risk to companies. With social networking, your company can be exposed to as many threats as there are users who make use of social networking and have not been advised of the security policy regarding its use.
Incorrect Answers:
B: Data classification refers to the categories that data can be divided into; of more concern would be the disclosure of proprietary information when using social networking sites.
C: Availability would not be the issue here, but rather the overexposure/over-availability of your data.
D: Chain of custody issues are part of basic forensic procedures.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 335, 409-410
Question 432:
Which of the following has serious security implications for large organizations and can potentially allow an attacker to capture conversations?
A. Subnetting
B. NAT
C. Jabber
D. DMZ
Correct Answer: C
Jabber is a new unified communications application and could possibly expose you to attackers that want to capture conversations, because Jabber provides a single interface across presence, instant messaging, voice, video messaging, desktop sharing and conferencing.
Incorrect Answers:
A: Subnetting means that you make use of a subnet mask value to divide a network into smaller components. In essence this gives you more networks, but a smaller number of hosts available on each, thus making your network more secure and manageable.
B: Network Address Translation is meant to extend the number of usable Internet addresses in that it allows a company to present a single address to the Internet for all computer connections. But NAT also acts as a firewall and effectively hides your network from the world.
D: A DMZ (demilitarized zone) is an area in a network that allows restrictive access to untrusted users and isolates the internal network from access by external users and systems. It does so by using routers and firewalls to limit access to sensitive network resources.
References:
http://www.cisco.com/web/about/ac49/ac0/ac1/ac258/JabberInc.html
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 87-88, 93
Question 433:
Which of the following is a security risk regarding the use of public P2P as a method of collaboration?
A. Data integrity is susceptible to being compromised.
B. Monitoring data changes induces a higher cost.
C. Users are not responsible for data usage tracking.
D. Limiting the amount of necessary space for data storage.
Correct Answer: A
Peer-to-peer (P2P) networking is commonly used to share files such as movies and music, but you must not allow users to bring in devices and create their own little networks. All networking must be done through administrators and not on a P2P basis. Data integrity can easily be compromised when using public P2P networking.
Incorrect Answers:
B: Data changes occur whether using P2P or any other type of networking where data files are concerned.
C: Users are not responsible for this task, rather the security administrators are.
D: Limiting storage space is not a security risk when making use of public P2P collaboration.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 404
Question 434:
Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?
A. No competition with the company's official social presence
B. Protection against malware introduced by banner ads
C. Increased user productivity based upon fewer distractions
D. Elimination of risks caused by unauthorized P2P file sharing
Correct Answer: B
Banners, or header information messages sent with data to find out about the system(s), do occur. Banners often identify the host, the operating system running on it, and other information that can be useful if you are going to attempt to later breach the security of it.
Incorrect Answers:
A: Competition with a company's social presence is not a security risk or benefit.
C: Many companies allow full use of social media in the workplace, believing that the marketing opportunities it holds outweigh any loss in productivity. But it is still a distraction.
D: Social media web sites are by definition not P2P connections; they are mass distribution of data.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 344, 406
Question 435:
The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?
A. Rainbow tables attacks
B. Brute force attacks
C. Birthday attacks
D. Cognitive passwords attacks
Correct Answer: D
Social networking dangers are 'amplified' in that social media networks are designed to mass distribute personal messages. If an employee reveals too much personal information, it would be easy for miscreants to use the messages containing the personal information to work out possible passwords.
Incorrect Answers:
A: A rainbow table attack focuses on identifying a stored value by using values in an existing table of hashed phrases or words (think of taking a word and hashing it every way you can imagine) and comparing them to values found.
B: A brute-force attack is an attempt to guess passwords until a successful guess occurs.
C: A birthday attack is built on a simple premise. If 25 people are in a room, there is some probability that two of those people will have the same birthday. The probability increases as additional people enter the room. It's important to remember that probability doesn't mean that something will occur, only that it's more likely to occur. To put it another way, if you ask if anyone has a birthday of March 9th, the odds are 1 in 365 (or 25/365 given the number of people in the room), but if you ask if anyone has the same birthday as any other individual, the odds of there being a match increase significantly. This makes guessing the possible password easy.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 328
Question 436:
A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?
A. Peer to Peer
B. Mobile devices
C. Social networking
D. Personally owned devices
Correct Answer: C
There are many companies that allow full use of social media in the workplace, believing that the marketing opportunities it holds outweigh any loss in productivity. What they are unknowingly minimizing are the threats that exist. Rather than being all new threats, the social networking/media threats tend to fall in the categories of the same old tricks used elsewhere but in a new format. A tweet can be sent with a shortened URL so that it does not exceed the 140-character limit set by Twitter; unfortunately, the user has no idea what the shortened URL leads to. This makes training your employees regarding the risks social networking entails essential.
Incorrect Answers:
A: Peer-to-peer training is not going to mitigate security risks that are meant for mass distribution as social networking is designed to do.
B: Mobile devices are used to produce and send personal messages on a mass distribution basis, as is facilitated by Twitter, etc. These are social networking, and to mitigate risks with this media your employees must be trained in the dangers that social networking poses. You cannot expect your employees to leave their cell phones, etc. some other place when they are at work.
D: Personally owned devices can lead to company information getting intermingled with personal information that employees can put at risk; they are not media that allow for mass distribution of personal comments.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 404, 406
http://whatis.techtarget.com/definition/social-media
Question 437:
A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature?
A. TCP/IP socket design review
B. Executable code review
C. OS Baseline comparison
D. Software architecture review
Correct Answer: C
Zero-day exploits begin exploiting holes in any software the very day they are discovered. It is very difficult to respond to a zero-day exploit. Often, the only thing that you as a security administrator can do is to turn off the service. Although this can be a costly undertaking in terms of productivity, it is the only way to keep the network safe. In this case you want to check if the executable file is malicious. Since a baseline represents a secure state, it would be possible to check the nature of the executable file in an isolated environment against the OS baseline.
Incorrect Answers:
A: A socket is a combination of IP address and port number. A TCP/IP socket design review is useful since sockets are the primary method used to communicate with services and applications such as the Web and Telnet. It is not used to check if an underused server may have a zero-day exploitable file.
B: Executable code review. Executable scripts often run at elevated permission levels and infect more components in your network. This is best done with the underused server in isolation. The purpose of code review is to look at all custom written code for holes that may exist. The review also needs to examine changes that the code (most likely in the form of a finished application) may make: configuration files, libraries, and the like. This could be unwise to run if you suspect a zero-day exploit.
D: Software architecture review is not the way to check if an existing file on a server is malicious or not. Comparing the existing files to a baseline would be a better option.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 338, 345-346
http://www.techrepublic.com/blog/software-engineer/reverse-engineering-your-net-applications/
Question 438:
Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company's security device. Which of the following might the administrator do in the short term to prevent the emails from being received?
A. Configure an ACL
B. Implement a URL filter
C. Add the domain to a block list
D. Enable TLS on the mail server
Correct Answer: C
Blocking e-mail is the same as preventing the receipt of those e-mails and this is done by applying a filter. But the filter must be configured to block it. Thus you should add that specific domain from where the e-mails are being sent to the list of addresses that is to be blocked.
Incorrect Answers:
A: ACLs enable devices in your network to ignore requests from specified users or systems or to grant them access to certain network capabilities.
B: URL filtering involves blocking websites (or sections of websites) based solely on the URL, restricting access to specified websites and certain web-based applications.
D: TLS is a security protocol that further enhances SSL, and though this is also a solution to establish a secure communication connection between two TCP-based machines, it is not a short-term way to prevent emails from being received.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 119, 269
Question 439:
Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network?
A. Cross-platform compatibility issues between personal devices and server-based applications
B. Lack of controls in place to ensure that the devices have the latest system patches and signature files
C. Non-corporate devices are more difficult to locate when a user is terminated
D. Non-purchased or leased equipment may cause failure during the audits of company-owned assets
Correct Answer: B
With employees who want to bring their own devices, you will have to make them understand why they cannot. You do not want them plugging in a flash drive, let alone a camera, smartphone, tablet computer, or other device, on which company files could get intermingled with personal files. Allowing this to happen can create situations where data that shouldn't can leave the building, as well as introduce malware to the system. Employees should not sync unauthorized smartphones to their work systems. Some smartphones use multiple wireless spectrums and unwittingly open up the possibility for an attacker in the parking lot to gain access through the phone to the internal network. Thus if you do not have controls in place then your network is definitely at risk.
Incorrect Answers:
A: Cross-platform compatibility issues would not have an impact on security; rather, they would be of concern to the employee who wanted to connect their own devices to the company network.
C: While this may be true, why would you want to locate personally owned devices? They are not the property of the company.
D: Non-purchased and leased equipment is not a company asset.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 404
http://www.computerweekly.com/opinion/BYOD-data-protection-and-information-security-issues
Question 440:
Which of the following could a security administrator implement to mitigate the risk of tailgating for a large organization?
A. Train employees on correct data disposal techniques and enforce policies.
B. Only allow employees to enter or leave through one door at specified times of the day.
C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance.
D. Train employees on risks associated with social engineering attacks and enforce policies.
Correct Answer: D
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. Many social engineering intruders needing physical access to a site will use this method of gaining entry. Educate users to beware of this and other social engineering ploys and prevent them from happening.
Incorrect Answers:
A: Data disposal methods refer to how data is disposed of, especially by destroying the media on which it was stored; this will not safeguard the company from the risks involved with tailgating.
B: Leaving or entering a building at specified times does not prevent tailgating; in fact, it could facilitate tailgating in that culprits will know what times they can try to gain unlawful entry.
C: It is hugely impractical for a large corporation to only allow employees to go on a break one at a time.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 353, 405, 408