CompTIA CompTIA Security+ JK0-022 Questions & Answers

• Question 61:

  Which of the following file systems is from Microsoft and was included with their earliest operating systems?

  A. NTFS

  B. UFS

  C. MTFS

  D. FAT

  Correct Answer: D

  File Allocation Table (FAT) is a file system created by Microsoft and used for its earliest DOS operating systems.

  Incorrect Answers:

  A: NTFS is a file system created by Microsoft but it was first used on its Windows NT Server operating systems. NTFS has file and folder level access permissions and auditing capabilities. It was not used with Microsoft's earliest operating

  systems.

  B: Unix File System (UFS) is a file system created for the Unix operating system.

  C: Multi-Threaded File System (MTFS) is a file system created for the Linux based operating systems.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 58-59 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 203 http://en.wikipedia.org/

  wiki/File_Allocation_Table http://en.wikipedia.org/wiki/Unix_File_System

• Question 62:

  Which of the following can be performed when an element of the company policy cannot be enforced by technical means?

  A. Develop a set of standards

  B. Separation of duties

  C. Develop a privacy policy

  D. User training

  Correct Answer: D

  User training is an important aspect of maintaining safety and security. It helps improve users' security awareness in terms of prevention, enforcement, and threats. It is of critical importance when element of the company policy cannot be enforced by technical means.

  Incorrect Answers:

  A: Standards are derived from policies and should provide the detail required to audit a system and ensure that the standard is being met. It does no help enforce a policy.

  B: Separation of duties is the division of administrative tasks and their assignment to different administrators. This ensures that no one user has complete access or power over an entire network, server, or system. The separation of duties can be enforced by technical means.

  C: Privacy policy describes the controls required to maintain data privacy within a system. This is an example of a policy, it does not help enforce a policy.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 21, 24, 153, 399-402 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 82,

• Question 63:

  If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?

  A. Transitive trust

  B. Public key trust

  C. Certificate authority trust

  D. Domain level trust

  Correct Answer: A

  In transitive trusts, trust between a first party and a third party flows through a second party that is trusted by both the first party and the third party.

  Incorrect Answers:

  B: Public keys are part of Public Key Infrastructure (PKI) and are used together with private keys in an asymmetrical cryptography system.

  C: A Certificate Authority (CA) is responsible for issuing, managing and maintaining certificates in a Public Key Infrastructure (PKI). The certificates are used as a means of authentication. This, however, is not a trust model.

  D: Domains exist within a single organization and represent the trust of entities within the domain. This trust is not extended to third parties.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 251- 252, 332-333 https://technet.microsoft.com/en-us/library/cc731335.aspx

• Question 64:

  Which of the following would prevent a user from installing a program on a company-owned mobile device?

  A. White-listing

  B. Access control lists

  C. Geotagging

  D. Remote wipe

  Correct Answer: A

  Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list.

  Incorrect Answers:

  B: Access Control Lists (ACLs) define the level of access logged on users have to resources. It does not prevent users from installing applications on a device.

  C: Geo-tagging is the process of embedding the GPS coordinates in image files and images taken using a smartphone or a digital camera. The geotagged information accompanying the image allows anyone to discover the precise location where the image was taken.

  D: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 236, 340 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236

• Question 65:

  The call center supervisor has reported that many employees have been playing preinstalled games on company computers and this is reducing productivity.

  Which of the following would be MOST effective for preventing this behavior?

  A. Acceptable use policies

  B. Host-based firewalls

  C. Content inspection

  D. Application whitelisting

  Correct Answer: D

  Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list.

  Incorrect Answers:

  A: An acceptable use policy is a document that defines the acceptable activity, practice, or use for equipment and resources. However, the policy must still be enforced.

  B: Firewalls are used to control inbound and outbound network communications between systems. It does not prevent the installation of applications.

  C: Content inspection is a filtering function where the contents of the application protocol payload are inspected against a blacklist of unwanted terms, addresses, or URLs.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 24, 340 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 19,

• Question 66:

  Prior to leaving for an extended vacation, Joe uses his mobile phone to take a picture of his family in the house living room. Joe posts the picture on a popular social media site together with the message: "Heading to our two weeks vacation to Italy." Upon returning home, Joe discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Joe's home address?

  A. Joe has enabled the device access control feature on his mobile phone.

  B. Joe's home address can be easily found using the TRACEROUTE command.

  C. The picture uploaded to the social media site was geo-tagged by the mobile phone.

  D. The message posted on the social media site informs everyone the house will be empty.

  Correct Answer: C

  Geo-tagging is the process of embedding the GPS coordinates in image files and images taken using a smartphone or a digital camera. The geotagged information accompanying the image allows anyone to discover the precise location where the image was taken.

  Incorrect Answers:

  A: Device access control is the process of controlling which users have access to a device. This is accomplished through the use of screen locks that require the user to enter a password or pin after a period of inactivity.

  B: TRACEROUTE is a network diagnostic tool used to trace the path from a client to a host machine. It cannot be used to determine the physical location of a house.

  D: The message posted on the social media site does inform everyone the house will be empty but it does not disclose the location of the hose. An attacker would still need to determine the location of the house.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 236, 419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 238

• Question 67:

  A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

  A. Separation of duties

  B. Least privilege

  C. Same sign-on

  D. Single sign-on

  Correct Answer: C

  Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.

  Incorrect Answers:

  A: Separation of duties is the division of administrative tasks and their assignment to different administrators. This ensures that no one user has complete access or power over an entire network, server, or system. This is not an authentication system.

  B: The principle of least privilege is used to ensure that users are only provided with the minimum privileges and permissions that allow them to perform their duties. This is not an authentication system.

  D: Single sign-on does not require users to re-enter their credentials once they have logged on locally.

  References:

  http://blogs.technet.com/b/jeff_stokes/archive/2013/07/08/today-s-cloud-tip-same-sign-on-vs- single-sign-on.aspx Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 149-150,

  153 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 82,

• Question 68:

  Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).

  A. Disable the USB root hub within the OS.

  B. Install anti-virus software on the USB drives.

  C. Disable USB within the workstations BIOS.

  D. Apply the concept of least privilege to USB devices.

  E. Run spyware detection against all workstations.

  Correct Answer: AC

  A: The USB root hub can be disabled from within the operating system.

  C: USB can also be configured and disabled in the system BIOS.

  Incorrect Answers:

  B: Anti-virus is installed on a device, not on removable storage. Anti-virus also does not prevent the unauthorized copying of data.

  D: The principle of least privilege is used to ensure that users are only provided with the minimum privileges and permissions to resources that allow them to perform their duties.

  E: Spyware monitors a user's activity and uses network protocols to reports it to a third party without the user's knowledge. Detecting spyware does not prevent the unauthorized copying of data.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 153, 247-248, 300 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 82,

• Question 69:

  The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?

  A. The risks associated with the large capacity of USB drives and their concealable nature

  B. The security costs associated with securing the USB drives over time

  C. The cost associated with distributing a large volume of the USB pens

  D. The security risks associated with combining USB drives and cell phones on a network

  Correct Answer: A

  USB drive and other USB devices represent a security risk as they can be used to either bring malicious code into a secure system or to copy and remove sensitive data out of the system.

  Incorrect Answers:

  B, C: Cost is not a security concern and would not be raised by the security administrator.

  D: USB drives and cell phones represent separate security risks as USB drives cannot easily be inserted in cell phones.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 247

• Question 70:

  Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?

  A. Data leakage prevention

  B. Data exfiltration

  C. Data classification

  D. Data deduplication

  Correct Answer: B

  Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system.

  Incorrect Answers:

  A: Data leak prevention is designed to detect potential data breach or data exfiltration and prevent them by monitoring, detecting and blocking sensitive data.

  C: Data classification is the categorizing of data based on its sensitivity or desired level of confidentiality. This can be high, medium, low.

  D: Data deduplication is a specialized data compression technique for identifying and eliminating duplicate copies of data.

  References: http://en.wikipedia.org/wiki/Data_loss_prevention_software http://www.techopedia.com/definition/14682/data-exfiltration http://en.wikipedia.org/wiki/ Data_deduplication Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 409