CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 1061:
A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?
A. Time of day restrictions B. Group based privileges C. User assigned privileges D. Domain admin restrictions
B. Group based privileges The question states that the sales department has a high employee turnover. You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). Then when a new employee starts, you simply add the new user account to the appropriate groups. The user then inherits all the permissions assigned to the groups. Incorrect Answers: A: Time of day restrictions refers to restricting access to resources to certain times of days. For example, in Windows Active Directory, you can configure user accounts to permit logging in only during office hours. Time of day restrictions is not used to assign user rights to users. C: You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). If you assign permissions/privileges directly to a user, you need to assign the permissions/privileges to a new user account every time a new user starts. It's much simpler to add the new user account to a group that already has the appropriate permissions/privileges assigned. D: Domain admin restrictions refer to applying restrictions to the Domain Administrator user account or accounts in the Domain Admins group to increase security. It is not used to assign permissions or privileges to new sales users. References: https://technet.microsoft.com/en-gb/library/cc786285%28v=ws.10%29.aspx
Question 1062:
A company's business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model?
A. Software as a Service B. DMZ C. Remote access support D. Infrastructure as a Service
A. Software as a Service Software as a Service (SaaS) allows for on-demand online access to specific software applications or suites without having to install it locally. This will allow the data center to continue providing network and security services. Incorrect Answers: B, C: These options would require the ERM software to be installed locally, which is not supported by the business model. D: Infrastructure as a Service provides on-demand operating solutions, as well as comprehensive outsourcing options. This will take away the need for a data center. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 38.
Question 1063:
The practice of marking open wireless access points is called which of the following?
A. War dialing B. War chalking C. War driving D. Evil twin
B. War chalking War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. Incorrect Answers: A: War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers - malicious hackers who specialize in computer security - for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network. War dialing does not involve marking external surfaces to indicate open Wifi networks. Therefore, this answer is incorrect. C: War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a wireless LAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources. War driving does not involve marking external surfaces to indicate open Wifi networks. War driving detects the networks, war chalking marks them. Therefore, this answer is incorrect. D: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique. For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name. Evil twin does not involve marking external surfaces to indicate open Wifi networks. Therefore, this answer is incorrect. References: http://www.webopedia.com/TERM/W/warchalking.html http://en.wikipedia.org/wiki/War_dialing http://searchmobilecomputing.techtarget.com/definition/war-driving http://www.techopedia.com/definition/5057/evil-twin
Question 1064:
Requiring technicians to report spyware infections is a step in which of the following?
A. Routine audits B. Change management C. Incident management D. Clean desk policy
C. Incident management Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets). Incorrect Answers: A: Routine audits are carried out after you have implemented security controls based on risk. These audits include aspects such as user rights and permissions and specific events. B: change management refers to the structured approach that is followed to secure a company's assets. D: Clean Desk Policy - Information on a desk--in terms of printouts, pads of note paper, sticky notes, and the like--can be easily seen by prying eyes and taken by thieving hands. To protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 10, 28, 369, 402
Question 1065:
Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless network without entering their domain credentials upon connection. Once the connection is made, they cannot reach any internal resources, while wired network connections operate smoothly. Which of the following is MOST likely occurring?
A. A user has plugged in a personal access point at their desk to connect to the network wirelessly. B. The company is currently experiencing an attack on their internal DNS servers. C. The company's WEP encryption has been compromised and WPA2 needs to be implemented instead. D. An attacker has installed an access point nearby in an attempt to capture company information.
D. An attacker has installed an access point nearby in an attempt to capture company information. The question implies that users should be required to enter their domain credentials upon connection to the wireless network. The fact that they are connecting to a wireless network without being prompted for their domain credentials and they are unable to access network resources suggests they are connecting to a rogue wireless network. A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to a secure network to unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual authentication (client-server server- client) and may be used in conjunction with a rogue RADIUS server, depending on security configuration of the target network. To prevent the installation of rogue access points, organizations can install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized access points. Incorrect Answers: A: A personal access point would not have the same SSID as the corporate wireless network. Therefore, other network computers would not attempt to connect to the personal access point. Therefore, this answer is incorrect. B: This is not a DNS issue. The users are able to connect to the rogue access point without entering their domain credentials. If the DNS system was compromised, the users would not be able to connect to the wireless network. Therefore, this answer is incorrect. C: WEP encryption is considered to be very weak in terms of security and WPA2 is recommended. However, compromised WEP encryption would not cause the symptoms described in this question. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/Rogue_access_point
Question 1066:
A company wants to ensure that its hot site is prepared and functioning. Which of the following would be the BEST process to verify the backup datacenter is prepared for such a scenario?
A. Site visit to the backup data center B. Disaster recovery plan review C. Disaster recovery exercise D. Restore from backup
C. Disaster recovery exercise A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. This means that an actual exercise run would test the abilities of your hot site best. Incorrect Answers: A: A site visit is not the same as actual testing that the site can act as a hot site, you need to run a disaster recovery exercise to test the hot site ability. B: A review is not actual testing of the disaster recovery plan. D: Restoring from backups can be done on any other type of site as well. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 443-444
Question 1067:
A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?
A. SNMPv3 B. TFTP C. SSH D. TLS
A. SNMPv3
Question 1068:
Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device?
A. Block cipher B. Elliptical curve cryptography C. Diffie-Hellman algorithm D. Stream cipher
B. Elliptical curve cryptography Regarding the performance of ECC applications on various mobile devices, ECC is the most suitable PKC (Public-key cryptography) scheme for use in a constrained environment. Note: Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size. Using smaller key size would be faster. Incorrect Answers: A, D: Block cipher and stream cipher are cryptography subtypes.'= C: Diffie-Hellman would require longer keys which would increase overhead. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 245-246, 253 http://www.studymode.com/essays/Elliptic-Curve-Cryptography-And-Its-Applications- 1560318.html http:// en.wikipedia.org/wiki/Elliptic_curve_cryptography
Question 1069:
A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?
A. Data confidentiality B. High availability C. Data integrity D. Business continuity
C. Data integrity Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing. Incorrect Answers: A: Confidentiality is the process of ensuring that unauthorized users are not able to read the information. B: Availability is the process of ensuring that authorized users have access to the data and systems that they require. Data backups, redundant systems, and disaster recovery plans can be used to support availability. D. Business continuity is concerned with the processes and policies that are designed to minimize the impact of a system failure, network failure, or the failure of any key component needed for business operation. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 259, 413-414, 431
Question 1070:
Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity's of Joe's certificate? (Select TWO).
A. The CA's public key B. Joe's private key C. Ann's public key D. The CA's private key E. Joe's public key F. Ann's private key
A. The CA's public key E. Joe's public key Joe wants to send a message to Ann. It's important that this message not be altered. Joe will use the private key to create a digital signature. The message is, in effect, signed with the private key. Joe then sends the message to Ann. Ann will use the public key attached to the message to validate the digital signature. If the values match, Ann knows the message is authentic and came from Joe. Ann will use a key provided by Joe--the public key--to decrypt the message. Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidently, in transit. Thus Ann would compare the signature area referred to as a message in the message with the calculated value digest (her private key in this case). If the values match, the message hasn't been tampered with and the originator is verified as the person they claim to be. This process provides message integrity, nonrepudiation, and authentication. A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. A certificate is nothing more than a mechanism that associates the public key with an individual. If Joe wants to send Ann an encrypted e-mail, there should be a mechanism to verify to Ann that the message received from Mike is really from Joe. If a third party (the CA) vouches for Joe and Ann trusts that third party, Ann can assume that the message is authentic because the third party says so. Incorrect Answers: B: Ann would require Joe's public key and not his private key. C: Ann is the recipient and her public key is not required to verify e-mail sent by Joe. D: The CA's private key is not used to decrypt messages, rather a recipient must make use of the CA's public key to process a request for a digital certificate. F: The certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. Ann's private key is thus not an issue here because she must use the DC's public key to process a request for a digital signature. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 261, 279 http://searchsecurity.techtarget.com/definition/digital-signature http://email.about.com/cs/pgp/a/public_key_enc.htm
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.