CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 1111:
Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?
A. Create a VLAN for the SCADA B. Enable PKI for the MainFrame C. Implement patch management D. Implement stronger WPA2 Wireless
A. Create a VLAN for the SCADA VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn't need to communicate with another in order to accomplish a work task/function shouldn't be able to do so. Incorrect Answers: B: PKI focuses on proving the identity of communication partners, providing a means to securely exchange session-based symmetric encryption keys through asymmetric cryptographic solutions, and providing a means to protect message integrity through the use of hashing. C: Patch management is the formal process of ensuring that updates and patches are properly tested and applied to production systems. D: Implementing stronger WPA2 Wireless will not solve the problem of keeping the networks separate. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 21, 23, 350.
Question 1112:
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
A. Create three VLANs on the switch connected to a router B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router C. Install a firewall and connect it to the switch D. Install a firewall and connect it to a dedicated switch for each device type
A. Create three VLANs on the switch connected to a router A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function. Incorrect Answers: B: Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections. C, D: Firewalls are used to protect one network from another, not separate it. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 5, 23, 29.
Question 1113:
Which of the following BEST describes part of the PKI process?
A. User1 decrypts data with User2's private key B. User1 hashes data with User2's public key C. User1 hashes data with User2's private key D. User1 encrypts data with User2's public key
D. User1 encrypts data with User2's public key In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key. PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a public key and decrypted with a private key. A PKI example: 1. You want to send an encrypted message to Jordan, so you request his public key. 2. Jordan responds by sending you that key. 3. You use the public key he sends you to encrypt the message. 4. You send the message to him. 5. Jordan uses his private key to decrypt the message. Incorrect Answers: A: You must use your own private key to decrypt data. B: In a PKI data is encrypted and decrypted. Data is not hashed. C: In a PKI data is encrypted and decrypted. Data is not hashed. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 279-285
Question 1114:
Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?
A. Structured walkthrough B. Full Interruption test C. Checklist test D. Tabletop exercise
A. Structured walkthrough A structured walkthrough test of a recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required. Incorrect Answers: B: In a full interruption test, operations are shut down at the primary site and shifted to the recovery site in accordance with the disaster recovery plan. C: In a checklist test disaster recovery checklists are distributed to all members of a disaster recovery team. The members are asked to review the checklist. This ensures that the checklist is still current, and that the assigned members of disaster recovery teams are still working for the company. D: A tabletop exercise is a simulation of a disaster. A Tabletop Test is a test of the recovery plan in which actions are not actually performed. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 454-455
Question 1115:
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?
A. RADIUS B. Kerberos C. TACACS+ D. LDAP
D. LDAP LDAP makes use of port 389. Incorrect Answers: A: RADIUS makes use of various UDP ports. B: Kerberos makes use of port 88. C: TACACS makes use of TCP port 49 by default. References: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question 1116:
A security administrator is reviewing the company's continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing?
A. Systems should be restored within six hours and no later than two days after the incident. B. Systems should be restored within two days and should remain operational for at least six hours. C. Systems should be restored within six hours with a minimum of two days worth of data. D. Systems should be restored within two days with a minimum of six hours worth of data.
C. Systems should be restored within six hours with a minimum of two days worth of data. The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during the business impact analysis (BIA) creation. The recovery point objective (RPO) is similar to RTO, but it defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). As a general rule, the closer the RPO matches the item of the crash, the more expensive it is to obtain. Incorrect Answers: A: An RTO is six hours and not 2 days after the incident happened. B: This implies an RTO of 2 days and an RPO of 6 hours. D: Two days for a system restore should be an RTO of two days and not six hours as mentioned in the question. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 9, 456
Question 1117:
The data security manager is notified that a client will be sending encrypted information on optical discs for import into the company database. Once imported, the information is backed up and the discs are no longer needed. Following the import, which of the following is the BEST action for the manager to take?
A. Wipe the discs and place into inventory for future use B. Send the discs back to the client C. Contract with a third party to shred the discs D. Instruct employees to store the discs in a secure area
B. Send the discs back to the client
Question 1118:
A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
A. SNMP B. SNMPv3 C. ICMP D. SSH
B. SNMPv3 Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities. Incorrect Answers: A: You can use SNMP to interact with several network devices to acquire status information, performance data, statistics, and configuration details via a management console. C: ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. D: SSH transmits both authentication traffic and data in a secured encrypted form. Thus, no information is exchanged in clear text. This makes SSH a secure alternative to Telnet, which transmits both authentication credentials and data in clear text. References: http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 46, 47.
Question 1119:
Which of the following would allow the organization to divide a Class C IP address range into several ranges?
A. DMZ B. Virtual LANs C. NAT D. Subnetting
D. Subnetting Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections. Incorrect Answers: A: The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall. B: A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. C: NAT serves as a basic firewall by only allowing incoming traffic that is in response to an internal system's request. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 39,
Question 1120:
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company's live modem pool. Which of the following activities is MOST appropriate?
A. War dialing B. War chalking C. War driving D. Bluesnarfing
A. War dialing War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers - malicious hackers who specialize in computer security - for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry- point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network. Incorrect Answers: B: War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. War chalking is not used to test the security controls of modems. Therefore, this answer is incorrect. C: War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a wireless LAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources. War driving is not used to test the security controls of modems. Therefore, this answer is incorrect. D: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages -without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled. Bluesnarfing is not used to test the security controls of modems. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/War_dialing http://www.webopedia.com/TERM/W/warchalking.html http://searchmobilecomputing.techtarget.com/definition/war-driving http://searchmobilecomputing.techtarget.com/definition/bluesnarfing
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.