CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 991:
Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server. Which of the following can still result in exposure of the sensitive data in the database server?
A. SQL Injection B. Theft of the physical database server C. Cookies D. Cross-site scripting
A. SQL Injection The question discusses a very secure environment with disk and transport level encryption and access control lists restricting access. SQL data in a database is accessed by SQL queries from an application on the application server. The data can still be compromised by a SQL injection attack. SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Incorrect Answers: B: Theft of the physical database server would not expose the sensitive data in the database server because the disks are encrypted. You would need the certificate used to encrypt the data in order to decrypt the data on the disks. Therefore, this answer is incorrect. C: Cookies are text files stored on a user's computer to store website information. This is to provide the user with a consistent website browsing experience. Cookies do not pose a risk to the sensitive data on the database server. Therefore, this answer is incorrect. D: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug- in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. The sensitive data is stored in databases on the database server. It is therefore not vulnerable to an XSS attack. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/SQL_injection http://en.wikipedia.org/wiki/Cross-site_scripting
Question 992:
A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?
A. HTTP B. DHCP C. DNS D. NetBIOS
C. DNS DNS links IP addresses and human-friendly fully qualified domain names (FQDNs), which are made up of the Top-level domain (TLD), the registered domain name, and the Subdomain or hostname. Therefore, if the DNS ports are blocked websites will not be reachable. Incorrect Answers: A: HTTP is responsible for the transmission of HTML documents and embedded multimedia components. B: Dynamic Host Configuration Protocol (DHCP) allows DHCP servers to assign, or lease, IP addresses to computers and other devices that are enabled as DHCP clients. D: NetBIOS is a program that allows applications on different computers to communicate within a local area network (LAN). References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 46. https://technet.microsoft.com/en-us/library/cc896553(v=ws.10).aspx http://en.wikipedia.org/wiki/NetBIOS
Question 993:
A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).
A. Patch Audit Policy B. Change Control Policy C. Incident Management Policy D. Regression Testing Policy E. Escalation Policy F. Application Audit Policy
B. Change Control Policy D. Regression Testing Policy A backout (regression testing) is a reversion from a change that had negative consequences. It could be, for example, that everything was working fi ne until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied. Backout plans can include uninstalling service packs, hotfi xes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout. A change control policy refers to the structured approach that is followed to secure a company's assets in the event of changes occurring. Incorrect Answers: A: Patch Audit Policy refers to proper patch management and more the specific the evaluation thereof that should be in place to keep your systems up to date. C: Incident management policies outline the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets). E: Escalation Policy is used to make sure that the right ppeol are alerted at the right time. If an incident is not acknowledged or resolved within an escalation time- out period, it is passed on, or escalated to the next user/s in line. F: Application Audit Policy refers to the process of evaluation regarding applications used on your network. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 10, 443
Question 994:
A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?
A. Identification B. Authorization C. Access control D. Authentication
A. Identification
Question 995:
The datacenter design team is implementing a system, which requires all servers installed in racks to face in a predetermined direction. AN infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed?
A. Hot and cold aisles B. Humidity control C. HVAC system D. EMI shielding
A. Hot and cold aisles There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. Infrared cameras are heat detection measures thus it is hot and cold aisle design elements. Incorrect Answers: B: Humidity control is part of the HVAC system to provide reliable service that is required in a server room C: HVAC system is used to control heating, ventilation and air conditioning in the server room and not just the heat detection required for hot and cold aisle design elements. D: EMI shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 380, 382
Question 996:
Ann a technician received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following type of training would prevent Ann and other employees from becoming victims to such attacks?
A. User Awareness B. Acceptable Use Policy C. Personal Identifiable Information D. Information Sharing
C. Personal Identifiable Information Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person's name to a fingerprint (think biometrics), credit card number, or patient record. Employees should be made aware of this type of attack by means of training. Incorrect Answers: A: A user-awareness program helps individuals in an organization understand how to implement policies, procedures, and technologies to ensure effective security. B: Acceptable use policy describes how employees are allowed to use company systems and resources, and the consequences of misuse. D: Information sharing is controlled using privacy policies. Privacy policies are implemented to maintain the sanctity of data privacy in the work environment. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 24-25, 404
Question 997:
An internal audit has detected that a number of archived tapes are missing from secured storage. There was no recent need for restoration of data from the missing tapes. The location is monitored by access control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three months. The access control system shows numerous valid entries into the storage location during that time. The last audit was six months ago and the tapes were accounted for at that time. Which of the following could have aided the investigation?
A. Testing controls B. Risk assessment C. Signed AUP D. Routine audits
A. Testing controls
Question 998:
While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?
A. Cross-site scripting B. Buffer overflow C. Header manipulation D. Directory traversal
B. Buffer overflow When the user opens an attachment, the attachment is loaded into memory. The error is caused by a memory issue due to a buffer overflow attack. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. Incorrect Answers: A: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug- in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. As XSS is a web based attack, it would require the user to open a web page, not an email attachment. Therefore, this answer is incorrect. C: A header manipulation attack uses other methods (hijacking, cross-site forgery, and so forth) to change values in HTTP headers and falsify access. When used with XSRF, the attacker can even change a user's cookie. Internet Explorer 8 and above include InPrivate Filtering to help prevent some of this. By default, your browser sends information to sites as they need it--think of requesting a map from a site; it needs to know your location in order to give directions. With InPrivate Filtering, you can configure the browser not to share information that can be captured and manipulated. As header manipulation is a web based attack, it would require the user to open a web page, not an email attachment. Therefore, this answer is incorrect. D: Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory. If the attempt is successful, the hacker can view restricted files or even execute commands on the server. Although some educated guesswork is involved in finding paths to restricted files on a Web server, a skilled hacker can easily carry out this type of attack on an inadequately protected server by searching through the directory tree. The risk of such attacks can be minimized by careful Web server programming, the installation of software updates and patches, filtering of input from browsers, and the use of vulnerability scanners. As directory traversal is a form of HTTP exploit, it would require the user to open a web page, not an email attachment. Therefore, this answer is incorrect. References: http://searchsecurity.techtarget.com/definition/buffer-overflow http://en.wikipedia.org/wiki/Cross-site_scripting Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 340 http:// searchsecurity.techtarget.com/definition/directory-traversal
Question 999:
A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?
A. WPA2 B. WPA C. IPv6 D. IPv4
C. IPv6 IPSec security is built into IPv6. Incorrect Answers: A: WPA2 makes use of CCMP B: WPA makes use of the RC4 encryption algorithm with TKIP. D: IPSec is an add-on to IPv4. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 145, 172.
Question 1000:
In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?
A. Import the recipient's public key B. Import the recipient's private key C. Export the sender's private key D. Export the sender's public key
A. Import the recipient's public key See step 4 below. 1. When a user encrypts plaintext with PGP, PGP first compresses the plaintext. 2. PGP then creates a session key, which is a one-time-only secret key. 3. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. 4. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient. Incorrect Answers: B: The recipient's public key, not the private key, is used. C, D: The sender's key is not used. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 251, 272-273 http://www.pgpi.org/doc/pgpintro/
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.