JK0-018 Exam Details

  • Exam Code
    :JK0-018
  • Exam Name
    :CompTIA Security+ E2C (2011 Edition)
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :820 Q&As
  • Last Updated
    :Dec 09, 2021

CompTIA JK0-018 Online Questions & Answers

  • Question 181:

    Which of the following describes how an attacker can send unwanted advertisements to a mobile device?

    A. Man-in-the-middle
    B. Bluejacking
    C. Bluesnarfing
    D. Packet sniffing

  • Question 182:

    Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?

    A. The security company is provided with all network ranges, security devices in place, and logical maps of the network.
    B. The security company is provided with no information about the corporate network or physical locations.
    C. The security company is provided with limited information on the network, including all network diagrams.
    D. The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

  • Question 183:

    Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?

    A. Connect the WAP to a different switch.
    B. Create a voice VLAN.
    C. Create a DMZ.
    D. Set the switch ports to 802.1q mode.

  • Question 184:

    A computer supply company is located in a building with three wireless networks. The system security team implemented a quarterly security scan and saw the following. Which of the following is this an example of? SSID State Channel Level Computer AreUs1 connected 1 70dbm Computer AreUs2 connected 5 80dbm Computer AreUs3 connected 3 75dbm Computer AreUs4 connected 6 95dbm

    A. Rouge access point
    B. Near field communication
    C. Jamming
    D. Packet sniffing

  • Question 185:

    Which of the following BEST represents the goal of a vulnerability assessment?

    A. To test how a system reacts to known threats
    B. To reduce the likelihood of exploitation
    C. To determine the system's security posture
    D. To analyze risk mitigation strategies

  • Question 186:

    A company hires outside security experts to evaluate the security status of the corporate network. All of the company's IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?

    A. Penetration testing
    B. WAF testing
    C. Vulnerability scanning
    D. White box testing

  • Question 187:

    Which of the following types of application attacks would be used to identify malware causing security breaches that have NOT yet been identified by any trusted sources?

    A. Zero-day
    B. LDAP injection
    C. XML injection
    D. Directory traversal

  • Question 188:

    Which of the following access controls enforces permissions based on data labeling at specific levels?

    A. Mandatory access control
    B. Separation of duties access control
    C. Discretionary access control
    D. Role based access control

  • Question 189:

    The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?

    A. TwoFish
    B. SHA-512
    C. Fuzzy hashes
    D. HMAC

  • Question 190:

    Key elements of a business impact analysis should include which of the following tasks?

    A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
    B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.
    C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
    D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-018 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.