CompTIA CompTIA Security+ JK0-022 Questions & Answers

• Question 661:

  Which of the following are examples of network segmentation? (Select TWO).

  A. IDS

  B. IaaS

  C. DMZ

  D. Subnet

  E. IPS

  Correct Answer: CD

  C:

  A demilitarized zone (DMZ) is a part of the network that is separated of segmented from the rest of the network by means of firewalls and acts as a buffer between the untrusted public Internet and the trusted local area network (LAN).

  D.

  IP subnets can be used to separate or segment networks while allowing communication between the network segments via routers.

  Incorrect Answers:

  A: An intrusion detection system (IDS) is an automated system that detects intrusions or security policy violations on networks or host systems. It does not feature or offer network segmentation.

  B: The Infrastructure as a Service (IaaS) model is a cloud computing business model uses virtualization, with the clients paying for resources used.

  E: An intrusion prevention system (IPS) is an automated system that attempts to prevent intrusions or security policy violations on networks or host systems. It does not feature or offer network segmentation.

  References:

  Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 21, 26, 27-28 Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 65, 110-111

• Question 662:

  During a recent investigation, an auditor discovered that an engineer's compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. The SCADA systems cannot be modified without vendor approval which requires months of testing.

  Which of the following is MOST likely to protect the SCADA systems from misuse?

  A. Update anti-virus definitions on SCADA systems

  B. Audit accounts on the SCADA systems

  C. Install a firewall on the SCADA network

  D. Deploy NIPS at the edge of the SCADA network

  Correct Answer: D

  A supervisory control and data acquisition (SCADA) system is an industrial control system (ICS) that is used to control infrastructure processes, facility-based processes, or industrial processes.

  A network-based IPS (NIPS) is an intrusion detection and prevention system that scans network traffic in real time against a database of attack signatures. It is useful for detecting and responding to network-based attacks originating from

  outside the organization.

  Incorrect Answers:

  A: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources.

  B: Auditing accounts on the SCADA system will not likely to protect the SCADA systems as the compromised workstation is being used to connect to the SCADA systems while the engineer is not logged in.

  C: A firewall protects a system from attack by filtering network traffic to and from the system. It can be used to block ports and protocols but this would prevent the administrator from access the SCADA system.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 117, 157

• Question 663:

  Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief Information Officer (CIO) is concerned about disclosure of confidential information. Which of the following is the MOST secure method to dispose of these hard drives?

  A. Degaussing

  B. Physical Destruction

  C. Lock up hard drives in a secure safe

  D. Wipe

  Correct Answer: B

  The physical description of hard drives is the only secure means of disposing hard drives. This can include incineration, an acid bath, and crushing.

  Incorrect Answers:

  A, D. Data wiping is the process of securely removing data remnants from a storage device so that the data cannot be easily recovered. Degaussing is one method of data wiping. However, data wiping does not provide a guarantee that the

  data is completely unrecoverable.

  C: Locking hard drives in a safe still represents a risk should the attackers gain access to the safe.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 256

• Question 664:

  The act of magnetically erasing all of the data on a disk is known as:

  A. Wiping

  B. Dissolution

  C. Scrubbing

  D. Degaussing

  Correct Answer: D

  Degaussing is a form a data wiping that entails the use of magnets to alter the magnetic structure of the storage medium.

  Incorrect Answers:

  A: Data wiping is the process of securely removing data remnants from a storage device so that the data cannot be recovered. This is usually done when a device is to be disposed or can be done remotely, when a mobile device is stolen. B, C: Dissolution and scrubbing are not related to erasing data on a disk.

  References:

  Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 256 http://pcsupport.about.com/od/toolsofthetrade/tp/erase-hard- drive.htm

• Question 665:

  A security administrator wants to implement a solution which will allow some applications to run under the user's home directory and only have access to files stored within the same user's folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

  A. OS Virtualization

  B. Trusted OS

  C. Process sandboxing

  D. File permission

  Correct Answer: C

• Question 666:

  A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?

  A. Host-based firewall

  B. Cable locks

  C. Locking cabinets

  D. Surveillance video

  Correct Answer: C

• Question 667:

  A Human Resources user is issued a virtual desktop typically assigned to Accounting employees. A system administrator wants to disable certain services and remove the local accounting groups installed by default on this virtual machine. The system administrator is adhering to which of the following security best practices?

  A. Black listing applications

  B. Operating System hardening

  C. Mandatory Access Control

  D. Patch Management

  Correct Answer: B

• Question 668:

  Failure to validate the size of a variable before writing it to memory could result in which of the following application attacks?

  A. Malicious logic

  B. Cross-site scripting

  C. SQL injection

  D. Buffer overflow

  Correct Answer: D

• Question 669:

  Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

  A. Spam filter

  B. URL filter

  C. Content inspection

  D. Malware inspection

  Correct Answer: B

• Question 670:

  An administrator was asked to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?

  A. A password that has not changed in 180 days

  B. A single account shared by multiple users

  C. A user account with administrative rights

  D. An account that has not been logged into since creation

  Correct Answer: C