CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 161:
Which of the following provides the strongest authentication security on a wireless network?
A. MAC filter B. WPA2 C. WEP D. Disable SSID broadcast
B. WPA2 The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were designed to address the core, easy-to-crack problems of WEP. Incorrect Answers: A: MAC filtering would increase the security, but an authentication protocol such as WPA2 would still be required. Note: When MAC filtering is used, the administrator compiles a list of the MAC addresses associated with users' computers and enters those addresses. When a client attempts to connect and other values have been correctly entered, an additional check of the MAC address is done. If the address appears in the list, the client is allowed to join; otherwise, it is forbidden from doing so. C: WEP is weak compared to WPA2. WEP has many vulnerabilities. D: Disabling SSID broadcasting is not the best solution. One method of protecting the network that is often recommended is to disable, or turn off, the SSID broadcast (also known as cloaking). The access point is still there, and it is still accessible by those who have been told of its existence by the administrator, but it prevents those who are just scanning from finding it. This is considered a very weak form of security, because there are still other ways, albeit a bit more complicated, to discover the presence of the access point besides the SSID broadcast. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 171, 178, 183, 258
Question 162:
The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?
A. Job rotation B. Separation of duties C. Mandatory Vacations D. Least Privilege
B. Separation of duties Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that you are employing best practices. The segregation of duties and separation of environments is a way to reduce the likelihood of misuse of systems or information. A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization. Incorrect Answers: A: A job rotation policy defines intervals at which employees must rotate through positions. This is so that the company does not become too dependent on one person. C: A mandatory vacation policy requires all users to take time away from work to refresh. If the company becomes too dependent on one person, they can end up in a real bind if something should happen to that person. D: Least Privilege means giving users only the permissions that they need to do their work and no more. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014,pp 24, 25, 26, 153 http://en.wikipedia.org/wiki/Separation_of_duties
Question 163:
LDAP and Kerberos are commonly used for which of the following?
A. To perform queries on a directory service B. To store usernames and passwords for Federated Identity C. To sign SSL wildcard certificates for subdomains D. To utilize single sign-on capabilities
D. To utilize single sign-on capabilities Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although Kerberos can also be used. Incorrect Answers: A: This refers to LDAP only. B: Federated Identity links a subject's accounts from several sites, services, or entities in a single account. It does not make use of LDAP and Kerberos. C: SSL wildcard certificates are public key certificates, which can be used with multiple subdomains of a domain, for securing web sites with HTTPS. References: http://en.wikipedia.org/wiki/Single_sign-on http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol http://en.wikipedia.org/wiki/Federated_identity http://en.wikipedia.org/wiki/Wildcard_certificate
Question 164:
Which of the following devices would MOST likely have a DMZ interface?
A. Firewall B. Switch C. Load balancer D. Proxy
A. Firewall The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall. Incorrect Answers: B: A switch is a networking device used to connect other devices together and potentially implement traffic management on their communications. C: A load balancer is used to spread or distribute network traffic load across several network links or network devices. D: A proxy server is a variation of an application-level firewall or circuit-level firewall. A proxy server is used as a proxy or middleman between clients and servers. Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 21,
Question 165:
The librarian wants to secure the public Internet kiosk PCs at the back of the library. Which of the following would be the MOST appropriate? (Select TWO).
A. Device encryption B. Antivirus C. Privacy screen D. Cable locks E. Remote wipe
B. Antivirus D. Cable locks B: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources. Public systems are particularly prone to viruses. D: Cable locks are theft deterrent devices that can be used to tether a device to a fixed point keep devices from being easy to steal. Incorrect Answers: A: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. C: A privacy screen is a monitor filter that is applied to the display to filter out the light reflected from the smooth glass surface of the display and can also be used in increase privacy by decreasing the viewing angle of a monitor, preventing it from being viewed from the side. E: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 161-162, 418-419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236, http:// en.wikipedia.org/wiki/Monitor_filter
Question 166:
A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).
A. Deploy a honeypot B. Disable unnecessary services C. Change default passwords D. Implement an application firewall E. Penetration testing
B. Disable unnecessary services C. Change default passwords
Question 167:
An IT security manager is asked to provide the total risk to the business. Which of the following calculations would he security manager choose to determine total risk?
A. (Threats X vulnerability X asset value) x controls gap B. (Threats X vulnerability X profit) x asset value C. Threats X vulnerability X control gap D. Threats X vulnerability X asset value
D. Threats X vulnerability X asset value Threats X vulnerability X asset value is equal to asset value (AV) times exposure factor (EF). This is used to calculate a risk. Incorrect Answers: A: This formula would calculate the loss expectancy over a particular period of time. B: Profit should first be realized prior to being incorporated into a formula to determine the total risk. C: Total risk calculation is not synonymous with loss expected over a particular period of time. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 5
Question 168:
An information bank has been established to store contacts, phone numbers and other records.
An application running on UNIX would like to connect to this index server using port 88. Which of the following authentication services would this use this port by default?
A. Kerberos B. TACACS+ C. Radius D. LDAP
A. Kerberos Kerberos makes use of port 88. Incorrect Answers: B: TACACS makes use of TCP port 49 by default. C: RADIUS makes use of various UDP ports. D: LDAP makes use of port 389. References: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question 169:
A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?
A. Visitor logs B. Firewall C. Hardware locks D. Environmental monitoring
C. Hardware locks Hardware security involves applying physical security modifications to secure the system(s) and preventing them from leaving the facility. Don't spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical security. Hardware security involves the use of locks to prevent someone from picking up and carrying out your equipment. Incorrect Answers: A: Visitor logs will only allow you to check access to the premises and not safeguard against those visitors that may carry equipment off the premises. B: A firewall will only safeguard your network from intruders over the network/wired or wireless. D: Environmental monitoring concerns safeguarding against events such as ware and flood damage, temperature and humidity control, fire warnings, etc. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 369-370
Question 170:
A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone's boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?
A. Zero-day B. Trojan C. Virus D. Rootkit
C. Virus A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are man-made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. Incorrect Answers: A: A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it --this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term "zero day" refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users. A zero-day vulnerability is not described in this question. Therefore, this answer is incorrect. B: In computers, a Trojan is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus. A Trojan is not what is being described in this question. A Trojan is not what is described in this question. Therefore, this answer is incorrect. D: A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer. A rootkit is not what is described in this question. Therefore, this answer is incorrect. References: http://www.webopedia.com/TERM/V/virus.html http://www.pctools.com/security-news/zero-day-vulnerability/
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.