JK0-022 Exam Details

  • Exam Code
    :JK0-022
  • Exam Name
    :CompTIA Security+ Certification
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :1149 Q&As
  • Last Updated
    :Feb 05, 2025

CompTIA JK0-022 Online Questions & Answers

  • Question 151:

    A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application?

    A. Black box testing
    B. White box testing
    C. Gray box testing
    D. Design review

  • Question 152:

    An administrator needs to submit a new CSR to a CA. Which of the following is a valid FIRST step?

    A. Generate a new private key based on AES.
    B. Generate a new public key based on RSA.
    C. Generate a new public key based on AES.
    D. Generate a new private key based on RSA.

  • Question 153:

    Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

    A. Spam filter
    B. Protocol analyzer
    C. Web application firewall
    D. Load balancer

  • Question 154:

    A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.

    Which of the following describes this cause?

    A. Application hardening
    B. False positive
    C. Baseline code review
    D. False negative

  • Question 155:

    Which of the following is a common coding error in which boundary checking is not performed?

    A. Input validation
    B. Fuzzing
    C. Secure coding
    D. Cross-site scripting

  • Question 156:

    An administrator was asked to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?

    A. A password that has not changed in 180 days
    B. A single account shared by multiple users
    C. A user account with administrative rights
    D. An account that has not been logged into since creation

  • Question 157:

    A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

    A. Host-based firewall
    B. IDS
    C. IPS
    D. Honeypot

  • Question 158:

    A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

    A. Integrity of downloaded software.
    B. Availability of the FTP site.
    C. Confidentiality of downloaded software.
    D. Integrity of the server logs.

  • Question 159:

    Using proximity card readers instead of the traditional key punch doors would help to mitigate:

    A. Impersonation
    B. Tailgating
    C. Dumpster diving
    D. Shoulder surfing

  • Question 160:

    The company's sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports.

    Which of the following controls is preventing them from completing their work?

    A. Discretionary access control
    B. Role-based access control
    C. Time of Day access control
    D. Mandatory access control

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.