CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 91:
Which of the following is a programming interface that allows a remote computer to run programs on a local machine?
A. RPC B. RSH C. SSH D. SSL
A. RPC Remote Procedure Call (RPC) is a programming interface that allows a remote computer to run programs on a local machine. Incorrect Answers: B: The remote shell (RSH) is a command line computer program that can execute shell commands as another user and on another computer across a computer network. C: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also be used in a similar fashion on Windows. D: SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 53. http://en.wikipedia.org/wiki/Remote_Shell http://en.wikipedia.org/wiki/Secure_Shell https://www.digicert.com/ssl.htm
Question 92:
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?
A. Supervisor B. Administrator C. Root D. Director
B. Administrator The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS. Incorrect Answers: A, C: Almost every operating system in use today employs the concept of differentiation between users and groups at varying levels. As an example, there is always a system administrator (SA) account that has godlike control over everything: root in Unix/Linux, admin (or a deviation of it) in Windows, administrator in Apple OS X, supervisor in Novell NetWare, and so on. D: A director is a person from a group of managers who leads or supervises a particular area of a company, program, or project. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 107, 153. http://en.wikipedia.org/wiki/Director_(business)
Question 93:
A victim is logged onto a popular home router forum site in order to troubleshoot some router configuration issues. The router is a fairly standard configuration and has an IP address of 192.168.1.1. The victim is logged into their router administrative interface in one tab and clicks a forum link in another tab. Due to clicking the forum link, the home router reboots. Which of the following attacks MOST likely occurred?
A. Brute force password attack B. Cross-site request forgery C. Cross-site scripting D. Fuzzing
B. Cross-site request forgery Cross-Site Request Forgery--also known as XSRF, session riding, and one-click attack-- involves unauthorized commands coming from a trusted user to the website. This is often done without the user's knowledge, and it employs some type of social networking to pull it off. For example, assume that Evan and Spencer are chatting through Facebook. Spencer sends Evan a link to what he purports is a funny video that will crack him up. Evan clicks the link, but it actually brings up Evan's bank account information in another browser tab, takes a screenshot of it, closes the tab, and sends the information to Spencer. The reason the attack is possible is because Evan is a trusted user with his own bank. In order for it to work, Evan would need to have recently accessed that bank's website and have a cookie that had yet to expire. The best protection against cross-site scripting is to disable the running of scripts (and browser profi les). Incorrect Answers: A: A Brute Force attack is usually carried out by software that attempts to guess a password by sending multiple authentication requests will different passwords until authentication is successful. This is not what is described in this question. Therefore, this answer is incorrect. C: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug- in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, Cross- Site Request Forgery exploits the trust that a site has in a user's browser. Therefore, this answer is incorrect. D: Fuzz testing or fuzzing is a software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system in an attempt to make it crash. If a vulnerability is found, a tool called a fuzz tester (or fuzzer), indicates potential causes. Fuzz testing was originally developed by Barton Miller at the University of Wisconsin in 1989. This is not what is described in this question. Therefore, this answer is incorrect. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 335 http://searchsecurity.techtarget.com/definition/fuzz-testing
Question 94:
A user has plugged in a wireless router from home with default configurations into a network jack at the office. This is known as:
A. an evil twin. B. an IV attack. C. a rogue access point. D. an unauthorized entry point.
C. a rogue access point.
Question 95:
A security administrator must implement a network that is immune to ARP spoofing attacks. Which of the following should be implemented to ensure that a malicious insider will not be able to successfully use ARP spoofing techniques?
A. UDP B. IPv6 C. IPSec D. VPN
B. IPv6
Question 96:
Without validating user input, an application becomes vulnerable to all of the following EXCEPT: A. Buffer overflow.
B. Command injection.
C. Spear phishing.
D. SQL injection.
Correct Answer. C
C Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. Incorrect Answers: A: Buffer overflow is an exploit at programming error, bugs and flaws. It occurs when an application is fed more input data than it is programmed to handle. This may cause the application to terminate or to write data beyond the end of the allocated space in memory. The termination of the application may cause the system to send the data with temporary access to privileged levels in the system, while overwriting can cause important data to be lost. Proper error and exception handling and input validation will help prevent Buffer overflow exploits. B: Command injection is often used to gain access to restricted directories on a web server. Proper input validation will help prevent command injection attacks. D: SQL injection attacks use unexpected input to a web application to gain access to the database used by web application. You can protect a web application against SQL injection by implementing input validation and by limiting database account privileges for the account used by the web server and the web application. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 257, 337, 338 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 195- 196, 197, 319
Question 97:
An IT security technician is actively involved in identifying coding issues for her company.
Which of the following is an application security technique that can be used to identify unknown weaknesses within the code?
A. Vulnerability scanning B. Denial of service C. Fuzzing D. Port scanning
C. Fuzzing Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. Incorrect Answers: A: Vulnerability scanners are used to test a system for known security vulnerabilities and weaknesses. It does not identify unknown weaknesses in code. B: Denial of Service (DoS) attacks web-based attacks that exploit flaws in the operating system, applications, services, or protocols. These attacks can be mitigated by means of firewalls, routers, and intrusion detection systems (IDSs) that detect DoS traffic, disabling echo replies on external systems, disabling broadcast features on border systems, blocking spoofed packets on the network, and proper patch management. D: Port scanning is used by hackers to detect the presence of active services that are assigned to a TCP/UDP port. This is a network-based attack rather than an attack that exploits coding weaknesses, which are aspects of application development. References: http://en.wikipedia.org/wiki/Fuzz_testing Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 342 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 24, 170-172, 211, 229
Question 98:
An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application?
A. Time of day restrictions B. Create user accounts for the auditors and assign read-only access C. Mandatory access control D. Role-based access with read-only
D. Role-based access with read-only
Question 99:
Which of the following BEST describes a SQL Injection attack?
A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information. B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers. C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage. D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.
A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information. SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Incorrect Answers: B: "using programming commonly found on web servers" describes a cross-site scripting or XML injection attack. It does not describe a SQL injection attack. Therefore, this answer is incorrect. C: Examples of an attack that "overwhelms a system or application, causing it to crash and bring the server down" are DDoS attack, Syn floods and other flooding attacks. The description does not describe a SQL injection attack. Therefore, this answer is incorrect. D: The description "overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload" is describing a buffer overflow attack, not an SQL injection attack. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/SQL_injection
Question 100:
Which of the following may significantly reduce data loss if multiple drives fail at the same time?
A. Virtualization B. RAID C. Load balancing D. Server clustering
B. RAID RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. Incorrect Answers: A: Virtualization is the foundation for cloud computing. It makes it possible by abstracting the hardware and making it available to the virtual machines. The abstraction is done through the use of a hypervisor, which can be either Type I (bare metal) or Type II (hosted); not at all reducing data loss in case multiple drives fail. C: Load balancing is a way of providing high availability by splitting the workload across multiple computers; however it does not reduce data loss in case multiple drives happen to fail. D: Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs). References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 234-235
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.