CompTIA CompTIA Security+ JK0-022 Questions & Answers

• Question 81:

  Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

  A. Tethering

  B. Screen lock PIN

  C. Remote wipe

  D. Email password

  E. GPS tracking

  F. Device encryption

  Correct Answer: CF

  C: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.

  F: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

  Incorrect Answers:

  A: Device tethering is the process of connecting one device to another over a wireless LAN (Wi- Fi) or Bluetooth connection or by using a cable. This allows the tethered devices to share an Internet connection. It does not protect the device against data loss in the event of the device being stolen.

  B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be a bit difficult for anyone else to access your data or applications. However, screen locks may have workarounds, such as accessing the phone application through the emergency calling feature.

  D: Some email applications allow users to set a password on an email that could be shared with the recipient. This does not protect against sensitive data loss if the device is stolen.

  E: Global Positioning System (GPS) tracking can be used to identify its location of a stolen device and can allow authorities to locate the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236,

• Question 82:

  Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

  A. Screen lock

  B. Voice encryption

  C. GPS tracking

  D. Device encryption

  Correct Answer: A

  Screen-lock is a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.

  Incorrect Answers:

  B: Voice encryption is used to protect audio (voice) transmission. It cannot secure data stored on a mobile device.

  C: Global Positioning System (GPS) tracking can be used to identify its location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

  D: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 237 https://

  www.ukash.com/en-SI/mobile-device-security/

• Question 83:

  Which of the following practices is used to mitigate a known security vulnerability?

  A. Application fuzzing

  B. Patch management

  C. Password cracking

  D. Auditing security logs

  Correct Answer: B

  Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from new attacks and vulnerabilities that have recently become known.

  Incorrect Answers:

  A: Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.

  C: Password cracking is an attempt to find weakness in users' passwords. However, password strength and complexity would be used to mitigate against weakness in users' passwords.

  D: Security logs record information about security related events, such as user access to resource objects, users performing privileged operations, or events detected by sentry devices such as firewalls, IDS/IPS, and routers and switches.

  References: http://en.wikipedia.org/wiki/Fuzz_testing Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 220 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 202, 229, 231-232

• Question 84:

  Which of the following is the term for a fix for a known software problem?

  A. Skiff

  B. Patch

  C. Slipstream

  D. Upgrade

  Correct Answer: B

  Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. Incorrect Answers:

  A: A skiff is a small boat.

  C: Slipstreaming is the process of making an installation image of an operating system that includes the latest service packs and required applications. This is used to install new systems rather than fix software problems.

  D: Upgrades are replacement of the existing software with newer and better versions of the oftware.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 220 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 231

• Question 85:

  An administrator finds that non-production servers are being frequently compromised, production servers are rebooting at unplanned times and kernel versions are several releases behind the version with all current security fixes.

  Which of the following should the administrator implement?

  A. Snapshots

  B. Sandboxing

  C. Patch management

  D. Intrusion detection system

  Correct Answer: C

  Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities.

  Incorrect Answers:

  A: Snapshots are backups of virtual machines that can be used to quickly recover from errors or poor updates. It does not ensure that the latest kernel version with all current security fixes is installed on the system.

  B: Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from being able to cause harm to production systems. It does not ensure that the latest kernel version with all current security fixes is installed on the system.

  D: An intrusion detection system (IDS) is an automated system that detects intrusions or security policy violations on networks or host systems. It does not ensure that the latest kernel version with all current security fixes is installed on the system.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204-205, 220 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 21, 231-232, 249,

• Question 86:

  A recently installed application update caused a vital application to crash during the middle of the workday. The application remained down until a previous version could be reinstalled on the server, and this resulted in a significant loss of data and revenue.

  Which of the following could BEST prevent this issue from occurring again?

  A. Application configuration baselines

  B. Application hardening

  C. Application access controls

  D. Application patch management

  Correct Answer: D

  Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.

  Incorrect Answers:

  A: Application configuration baselining is the process of tuning the settings of an application to ensure it operates at its optimal value while providing security and vulnerability protection.

  B: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services. Hardening also involves tuning and configuring the native security features of the installed software, performing patch management.

  C: Access control or permissions determines a user's access to an object, such as a file or folder, application, and system. It does not prevent system crashed due to application updates.

  References:

  Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 231- 232, 235 Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217, 219, 220

• Question 87:

  A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates.

  Which of the following processes could MOST effectively mitigate these risks?

  A. Application hardening

  B. Application change management

  C. Application patch management

  D. Application firewall review

  Correct Answer: C

  The question states that operating system updates are applied but not other software updates. The `other software' in this case would be applications. Software updates includes functionality updates and more importantly security updates. The process of applying software updates or `patches' to applications is known as `application patch management'. Application patch management is an effective way of mitigating security risks associated with software applications.

  Incorrect Answers:

  A: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services.

  B: Application change management is the processing of managing any changes to an application. It can include updating an application by applying patches but it also commonly includes making any configuration change in the application.

  D: Application firewall review is the process of reviewing the configuration of a software based firewall. The configuration under review is typically who can access the system and from where the system can be accessed. It does not include the installation of application patches.

  References: http://www.techopedia.com/definition/24833/hardening Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217

• Question 88:

  Which of the following describes the process of removing unnecessary accounts and services from an application to reduce risk exposure?

  A. Error and exception handling

  B. Application hardening

  C. Application patch management

  D. Cross-site script prevention

  Correct Answer: B

  Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.

  Incorrect Answers:

  A: Error handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state. This must be coded into the system, and should include error and exception handling.

  C: Patch management is the process of maintaining the latest source code for applications and operating systems. This helps protect a systems from newly discovered attacks and vulnerabilities.

  D: Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217, 220 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 231

• Question 89:

  Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?

  A. Application white listing

  B. Network penetration testing

  C. Application hardening

  D. Input fuzzing testing

  Correct Answer: C

  Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.

  Incorrect Answers:

  A: Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list. Including the application on the whitelist does not address the security settings that have been disabled by default.

  B: Network penetrating testing attempts to find weakness in a network by trying to hack into the network. This is not related to software.

  D: Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.

  References: http://en.wikipedia.org/wiki/Fuzz_testing Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217, 218, 340 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 229

• Question 90:

  The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:

  A. Stabilizing

  B. Reinforcing

  C. Hardening

  D. Toughening

  Correct Answer: C

  Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and

  disabling unnecessary services.

  Incorrect Answers:

  A, B, D: The correct term for making a system as secure as possible is hardening, not stabilizing, reinforcing, or toughening.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217