JK0-022 Exam Details

  • Exam Code
    :JK0-022
  • Exam Name
    :CompTIA Security+ Certification
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :1149 Q&As
  • Last Updated
    :Feb 05, 2025

CompTIA JK0-022 Online Questions & Answers

  • Question 991:

    Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server. Which of the following can still result in exposure of the sensitive data in the database server?

    A. SQL Injection
    B. Theft of the physical database server
    C. Cookies
    D. Cross-site scripting

  • Question 992:

    A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?

    A. HTTP
    B. DHCP
    C. DNS
    D. NetBIOS

  • Question 993:

    A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).

    A. Patch Audit Policy
    B. Change Control Policy
    C. Incident Management Policy
    D. Regression Testing Policy
    E. Escalation Policy
    F. Application Audit Policy

  • Question 994:

    A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

    A. Identification
    B. Authorization
    C. Access control
    D. Authentication

  • Question 995:

    The datacenter design team is implementing a system, which requires all servers installed in racks to face in a predetermined direction. AN infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed?

    A. Hot and cold aisles
    B. Humidity control
    C. HVAC system
    D. EMI shielding

  • Question 996:

    Ann a technician received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following type of training would prevent Ann and other employees from becoming victims to such attacks?

    A. User Awareness
    B. Acceptable Use Policy
    C. Personal Identifiable Information
    D. Information Sharing

  • Question 997:

    An internal audit has detected that a number of archived tapes are missing from secured storage. There was no recent need for restoration of data from the missing tapes. The location is monitored by access control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three months. The access control system shows numerous valid entries into the storage location during that time. The last audit was six months ago and the tapes were accounted for at that time. Which of the following could have aided the investigation?

    A. Testing controls
    B. Risk assessment
    C. Signed AUP
    D. Routine audits

  • Question 998:

    While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?

    A. Cross-site scripting
    B. Buffer overflow
    C. Header manipulation
    D. Directory traversal

  • Question 999:

    A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?

    A. WPA2
    B. WPA
    C. IPv6
    D. IPv4

  • Question 1000:

    In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?

    A. Import the recipient's public key
    B. Import the recipient's private key
    C. Export the sender's private key
    D. Export the sender's public key

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.