CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 11:
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?
A. WPA2-PSK B. WEP-PSK C. CCMP D. LEAP
D. LEAP A RADIUS server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys don't live long enough to be cracked). LEAP may be configured to use TKIP instead of dynamic WEP. Incorrect Answers: A: WPA2-PSK (Wireless Protected Access 2 Pre-shared Key) uses a pre-shared key for authentication. The pre-shared key is a `password' sometimes called the `network security key' that you enter when you connect to the wireless access point. It does not use a RADIUS server for authentication. B: WEP-PSK (Wireless Equivalent Privacy Pre-shared Key) uses a pre-shared key for authentication in the same way that WPA2-PSK does. The pre-shared key is a `password' sometimes called the `network security key' that you enter when you connect to the wireless access point. It does not use a RADIUS server for authentication. C: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol or simply CCMP (CCM mode Protocol) is an encryption protocol. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard. It was created to address the vulnerabilities presented by WEP, a dated, insecure protocol. However, it does not use a RADIUS server for authentication. References: http://en.wikipedia.org/wiki/Lightweight_Extensible_Authentication_Protocol
Question 12:
Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?
A. Least privilege B. Sandboxing C. Black box D. Application hardening
B. Sandboxing Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from being able to cause harm to production systems. Incorrect Answers: A: The principle of least privilege is used to ensure that users are only provided with the minimum privileges and permissions that allow them to perform their duties. C: Black box testing is a form of penetration testing in which the tester has absolutely no knowledge of the system or it how it functions. This simulates an attack from an outsider. It does not involve application isolation. D: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 153, 203, 204-205, 215-217, 459 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 82, 208, 221, 250
Question 13:
Which of the following is the BEST approach to perform risk mitigation of user access control rights?
A. Conduct surveys and rank the results. B. Perform routine user permission reviews. C. Implement periodic vulnerability scanning. D. Disable user accounts that have not been used within the last two weeks.
B. Perform routine user permission reviews. Risk mitigation is accomplished any time you take steps to reduce risk. This category includes installing antivirus software, educating users about possible threats, monitoring network traffic, adding a firewall, and so on. User permissions may be the most basic aspect of security and is best coupled with a principle of least privilege. And related to permissions is the concept of the access control list (ACL). An ACL is literally a list of who can access what resource and at what level. Thus the best risk mitigation steps insofar as access control rights are concerned, is the regular/routine review of user permissions. Incorrect Answers: A: Conducting a survey and ranking the results are part of assessing risk and not risk mitigation. C: A vulnerability scanner is a software application that checks your network for any known security holes; it's better to run one on your own network before someone outside the organization runs it against you. D: Disabling user accounts that have not been used within the last wo weeks may just be the user accounts of employees on mandatory vacations, depending on how long the leave period is. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 9-10, 220-221, 342-343
Question 14:
Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?
A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing. B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high. C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities. D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.
C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities. The Memorandum of Understanding This document is used in many settings in the information industry. It is a brief summary of which party is responsible for what portion of the work. For example, Company A may be responsible for maintaining the database server and Company B may be responsible for telecommunications. MOUs are not legally binding but they carry a degree of seriousness and mutual respect, stronger than a gentlemen's agreement. Often, MOUs are the first steps towards a legal contract. Incorrect Answers: A: Budgetary concerns would be too much detail for a MOU. B: MOUs are by no means a detailed description and strict policies. D: MOUs are not legally binding but they carry a degree of seriousness and mutual respect, stronger than a gentlemen's agreement. Often, MOUs are the first steps towards a legal contract. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 398
Question 15:
The server administrator has noticed that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment?
A. The administrator will need to deploy load balancing and clustering. B. The administrator may spend more on licensing but less on hardware and equipment. C. The administrator will not be able to add a test virtual environment in the data center. D. Servers will encounter latency and lowered throughput issues.
B. The administrator may spend more on licensing but less on hardware and equipment.
Question 16:
Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?
A. Design reviews B. Baseline reporting C. Vulnerability scan D. Code review
C. Vulnerability scan A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. Vulnerabilities include computer systems that do not have the latest security patches installed. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise. Incorrect Answers: A: A design review is not performed primarily to detect security threats on a network. Reviewing the design of a system or network can be performed for many reasons including performance, availability etc. whereas a vulnerability scan is performed specifically to discover security threats on a network. Therefore, this answer is incorrect. B: As the name implies, baseline reporting checks to make sure that things are operating status quo, and change detection is used to alert administrators when modifications are made. A changes-from-baseline report can be run to pinpoint security rule breaches quickly. This is often combined with gap analysis to measure the controls at a particular company against industry standards. Baseline reporting may alert the security administrator to any changes in the security posture compared to the original baseline configuration. However, a vulnerability scan is performed specifically to discover security threats on a network and is therefore a better answer. Therefore, this answer is incorrect. D: A code review is the process of reviewing the programming code in an application. It is not used to discover security threats on a network. Therefore, this answer is incorrect. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 345
Question 17:
Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly?
A. Protocol analyzer B. Baseline report C. Risk assessment D. Vulnerability scan
A. Protocol analyzer A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. Capturing and analyzing the packets sent between applications on systems that are not communicating properly could help determine the cause of the issue. Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal). Incorrect Answers: B: A baseline report compares the current status of network systems in terms of security updates, performance or other metrics to a predefined set of standards (the baseline). It is not used to troubleshoot communication issues between applications. Therefore, this answer is incorrect. C: A risk assessment is the process of evaluating threats and vulnerabilities to the network and/or I.T. infrastructure. It is not used to troubleshoot communication issues between two applications. Therefore, this answer is incorrect. D: A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment. It is not used to troubleshoot communication issues between two applications. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/Wireshark
Question 18:
Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?
A. Water base sprinkler system B. Electrical C. HVAC D. Video surveillance
C. HVAC HVAC refers to heating, ventilation and air-conditioning to allow for a zone-based environmental control measure. The fire-alarm system should ideally also be hooked up to the HVAC so that the HVAC can monitor the changes in heating and ventilation. Incorrect Answers: A: A water based sprinkler system is designed to extinguish a fire and not to prevent data loss. It can also cause extreme damage to computers and electrical equipment. B: Electrical systems are not designed to prevent the spread of fire. D: Video surveillance is used mainly as a deterrent and will not help to prevent the spread of fire. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 378-380
Question 19:
Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?
A. Patch management B. Application fuzzing C. ID badge D. Application configuration baseline
B. Application fuzzing Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. Incorrect Answers: A: Patch management is the process of maintaining the latest source code for applications and operating systems. This helps protect a systems from known attacks and vulnerabilities, but not from unknown vulnerabilities. C: An ID badge is an aspect of physical security. It is used to control physical access to facilities and areas in a facility. D: An Application configuration baseline defines the level of security that will be implemented and maintained for the application. A low baseline implements almost no security while a high baseline does not allow users to make changes to the application. References: http://en.wikipedia.org/wiki/Fuzz_testing Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 220 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 129, 229, 231-232
Question 20:
Which of the following protocols provides transport security for virtual terminal emulation?
A. TLS B. SSH C. SCP D. S/MIME
B. SSH Secure Shell (SSH) is a tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems. SSH also provides alternative, security-equivalent programs for such Unix standards as Telnet, FTP, and many other communications-oriented applications. SSH is available for use on Windows systems as well. This makes it the preferred method of security for Telnet and other cleartext oriented programs in the Unix environment. Incorrect Answers: A: TLS is used to provide a secure channel, not to establish a telnet connection. The Secure Socket Layer (SSL) and Transport Layer Security (TLS) is the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel between two machines operating over the Internet or an internal network. C: Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. SCP is not used to establish a telnet connection. D: S/MIME is for e-mail and other electronic messaging applications, not for telnet connections. S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures), privacy and data security (using encryption). References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 75, 76, 91, 270, 271
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.