JK0-022 Exam Details

  • Exam Code
    :JK0-022
  • Exam Name
    :CompTIA Security+ Certification
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :1149 Q&As
  • Last Updated
    :Feb 05, 2025

CompTIA JK0-022 Online Questions & Answers

  • Question 1071:

    Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?

    A. Viruses are a subset of botnets which are used as part of SYN attacks.
    B. Botnets are a subset of malware which are used as part of DDoS attacks.
    C. Viruses are a class of malware which create hidden openings within an OS.
    D. Botnets are used within DR to ensure network uptime and viruses are not.

  • Question 1072:

    Certificates are used for: (Select TWO).

    A. Client authentication.
    B. WEP encryption.
    C. Access control lists.
    D. Code signing.
    E. Password hashing.

  • Question 1073:

    A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?

    A. Command shell restrictions
    B. Restricted interface
    C. Warning banners
    D. Session output pipe to /dev/null

  • Question 1074:

    When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

    A. Methods and templates to respond to press requests, institutional and regulatory reporting requirements.
    B. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.
    C. Developed recovery strategies, test plans, post-test evaluation and update processes.
    D. Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
    E. Methods to review and report on system logs, incident response, and incident handling.

  • Question 1075:

    Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?

    A. Elliptic curve cryptography.
    B. Perfect forward secrecy.
    C. Steganography.
    D. Quantum cryptography.

  • Question 1076:

    A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

    A. Zero-day
    B. Buffer overflow
    C. Cross site scripting
    D. Malicious add-on

  • Question 1077:

    A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

    A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
    B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
    C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
    D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

  • Question 1078:

    Which of the following was launched against a company based on the following IDS log?

    122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET

    /index.php?

    username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA

    AAA HTTP/1.1" 200 2731 "http://www.company.com/cgibin/

    forum/commentary.pl/noframes/read/209" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)"

    A. SQL injection
    B. Buffer overflow attack
    C. XSS attack
    D. Online password crack

  • Question 1079:

    Which of the following can be implemented with multiple bit strength?

    A. AES
    B. DES
    C. SHA-1
    D. MD5
    E. MD4

  • Question 1080:

    A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user's host:

    Old `hosts' file:

    127.0.0.1 localhost New `hosts' file:

    127.0.0.1 localhost

    5.5.5.5 www.comptia.com

    Which of the following attacks has taken place?

    A. Spear phishing
    B. Pharming
    C. Phishing
    D. Vishing

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.