CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 1021:
Public keys are used for which of the following?
A. Decrypting wireless messages B. Decrypting the hash of an electronic signature C. Bulk encryption of IP based email traffic D. Encrypting web browser traffic
B. Decrypting the hash of an electronic signature The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The receiver uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic. Incorrect Answers: A: Wireless traffic is not decrypted by public keys. C: Public keys are not used to encrypt email traffic. D: Public keys are not used to encrypt web browser traffic. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 279-285
Question 1022:
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images B. Internal memory C. Master boot records D. Removable memory cards E. Public keys
B. Internal memory D. Removable memory cards All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory. Incorrect Answers: A: Steganography is a process of hiding one communication inside another communication. It can use passwords to prevent unauthorized extraction of the hidden communication and can also use encryption to mitigate against brute-force attempts at extraction. Steganography can also be used to detect theft, fraud, or modification when the hidden communication is a watermark. C: The master boot record (MBR) stores information on how the logical partitions on a hard drive are organized and contains loaders for the operating system. This is not data at risk and does not need to be encrypted. E: Public keys are used in asymmetrical cryptography. It is publicly available and is derived from the user's private key. It does not hold any useable data as the private key cannot be used to reverse engineer the user's private key. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 323,
Question 1023:
After entering the following information into a SOHO wireless router, a mobile device's user reports being unable to connect to the network: PERMIT 0A: D1: FA. B1: 03: 37 DENY 01: 33: 7F: AB: 10: AB
Which of the following is preventing the device from connecting?
A. WPA2-PSK requires a supplicant on the mobile device. B. Hardware address filtering is blocking the device. C. TCP/IP Port filtering has been implemented on the SOHO router. D. IP address filtering has disabled the device from connecting.
B. Hardware address filtering is blocking the device. MAC filtering allows you to include or exclude computers and devices based on their MAC address. Incorrect Answers: A: WPA2-PSK is used to encrypt a network using a plain-English passphrase between 8 and 63 characters long. C, D: The information entered into the SOHO wireless router are MAC addresses, therefore these options are not valid. References: https://technet.microsoft.com/en-us/magazine/ff521761.aspx http://www.webopedia.com/TERM/W/WPA2_PSK.html
Question 1024:
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
A. SSLv2 B. SSHv1 C. RSA D. TLS
D. TLS HTTP Secure HTTP Secure (HTTPS) is the protocol used for "secure" web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/ TLS to provide encrypted communication. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1. Incorrect Answers: A: SSLv2 is not as secure as TLS(also known as SSL 3.1). B: Secure Shell, or SSH, is not used to secure browser sessions. SSH is a cryptographic (encrypted) network protocol for initiating text-based shell sessions on remote machines in a secure way. C: RSA is not used to encrypt browser sessions. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 252, 268-269, 271
Question 1025:
Which of the following are restricted to 64-bit block sizes? (Select TWO).
A. PGP B. DES C. AES256 D. RSA E. 3DES F. AES
B. DES E. 3DES B: The Data Encryption Standard (DES) has been used since the mid-1970s. It was the primary standard used in government and industry until it was replaced by AES. It's based on a 56-bit key and has several modes that offer security and integrity. It is now considered insecure because of the small key size. E: Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and it's more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys). Incorrect Answers: A: International Data Encryption Algorithm (IDEA) was developed by a Swiss consortium. It's an algorithm that uses a 128-bit key. This product is similar in speed and capability to DES, but it's more secure. IDEA is used in Pretty Good Privacy (PGP), a public domain encryption system used by many for email. C: AES256 (also often written as AES-256) uses 256 bits instead of 128. D: RSA is not restricted to 64-bit keys. 1024 and 2048 bit keys can be used, for example. F: AES supports key sizes of 128, 192, and 256 bits, with 128 bits being the default. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 250, 251, 255-256, 272-273
Question 1026:
A company recently experienced data loss when a server crashed due to a midday power outage. Which of the following should be used to prevent this from occurring again?
A. Recovery procedures B. EMI shielding C. Environmental monitoring D. Redundancy
D. Redundancy Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored. Incorrect Answers: A: A recovery procedure is done after the damage has occurred, it does not prevent the damage. B: EMI Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. C: Environmental concerns include considerations about water and flood damage as well as fire suppression. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 32, 380, 383
Question 1027:
Which of the following is an authentication method that can be secured by using SSL?
A. RADIUS B. LDAP C. TACACS+ D. Kerberos
B. LDAP With secure LDAP (LDAPS), all LDAP communications are encrypted with SSL/TLS Incorrect Answers: A, C, D: None of these options have a version that is SSL encrypted. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 147. http://en.wikipedia.org/wiki/Radius http://en.wikipedia.org/wiki/TACACS http://en.wikipedia.org/wiki/Kerberos_(protocol)
Question 1028:
Which of the following provides the LEAST availability?
A. RAID 0 B. RAID 1 C. RAID 3 D. RAID 5
A. RAID 0 RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID 0 is disk striping. It uses multiple drives and maps them together as a single physical drive. This is done primarily for performance, not for fault tolerance. If any drive in a RAID 0 array fails, the entire logical drive becomes unusable. Incorrect Answers: B: RAID 1 is disk mirroring. Disk mirroring provides 100 percent redundancy because everything is stored on two disks. If one disk fails, another disk continues to operate. The failed disk can be replaced, and the RAID 1 array can be regenerated. This system offers the advantage of 100 percent data redundancy at the expense of doubling the storage requirements. Each drive keeps an exact copy of all information, which reduces the effective storage capability to 50 percent of the overall rated storage. C: RAID 3 is disk striping with a parity disk. RAID 3 arrays implement fault tolerance by using striping (RAID 0) in conjunction with a separate disk that stores parity information. Parity information is a value based on the value of the data stored in each disk location. This system ensures that the data can be recovered in the event of a failure. The process of generating parity information uses the arithmetic value of the data binary. This process allows any single disk in the array to fail while the system continues to operate. D: RAID 5 is disk striping with parity, and it is one of the most common forms of RAID in use today. It operates similarly to disk striping, as in RAID 0. The parity information is spread across all of the disks in the array instead of being limited to a single disk, as in RAID 3. Most implementations require a minimum of three disks and support a maximum of 32. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 34-35, 234 QUESTION5 NO: 207 Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program? A. RAID B. Clustering C. Redundancy D. Virtualization Answer: B Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy. Server clustering is used to provide failover capabilities / redundancy in addition to scalability as demand increases. Incorrect Answers: A: RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. C: Both Clustering and Load Balancing are redundancy measures and in this question only Clustering is mentioned. D: Virtualization is the foundation for cloud computing. You cannot have cloud computing without virtualization. It makes it possible by abstracting the hardware and making it available to the virtual machines. The abstraction is done through the use of a hypervisor, which can be either Type I (bare metal) or Type II (hosted). References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 234-235
Question 1029:
A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?
A. Availability B. Integrity C. Confidentiality D. Fire suppression
A. Availability Availability means simply to make sure that the data and systems are available for authorized users. Data backups, redundant systems, and disaster recovery plans all support availability; as does environmental support by means of HVAC. Incorrect Answers: B: Integrity refers to data not being tampered with. HVAC does not tamper with data. C: Confidentiality refers to measures used to prevent unauthorized users from accessing data. HVAC does not keep users away or lure them. D: Fire Suppression is but a component of HVAC and refers to the act of extinguishing fire vs preventing a fire. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 378, 414
Question 1030:
Which of the following devices is MOST likely being used when processing the following?
1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY
A. Firewall B. NIPS C. Load balancer D. URL filter
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.