JK0-022 Exam Details

  • Exam Code
    :JK0-022
  • Exam Name
    :CompTIA Security+ Certification
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :1149 Q&As
  • Last Updated
    :Feb 05, 2025

CompTIA JK0-022 Online Questions & Answers

  • Question 241:

    A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?

    A. RADIUS
    B. TACACS+
    C. Kerberos
    D. LDAP

  • Question 242:

    A network administrator has recently updated their network devices to ensure redundancy is in place so that:

    A. switches can redistribute routes across the network.
    B. environmental monitoring can be performed.
    C. single points of failure are removed.
    D. hot and cold aisles are functioning.

  • Question 243:

    A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?

    A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.
    B. The supervisor should be removed from the human resources group and added to the accounting group.
    C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
    D. The supervisor should only maintain membership in the human resources group.

  • Question 244:

    A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect's emails show they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered.

    Which of the following is occurring?

    A. The user is encrypting the data in the outgoing messages.
    B. The user is using steganography.
    C. The user is spamming to obfuscate the activity.
    D. The user is using hashing to embed data in the emails.

  • Question 245:

    The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO's direction but has mandated that key authentication systems be run within the organization's network. Which of the following would BEST meet the CIO and CRO's requirements?

    A. Software as a Service
    B. Infrastructure as a Service
    C. Platform as a Service
    D. Hosted virtualization service

  • Question 246:

    A security analyst discovered data such as images and word documents hidden within different types of files. Which of the following cryptographic concepts describes what was discovered?

    A. Symmetric encryption
    B. Non-repudiation
    C. Steganography
    D. Hashing

  • Question 247:

    Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?

    A. RIPEMD
    B. MD5
    C. SHA
    D. HMAC

  • Question 248:

    Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

    A. Interference
    B. Man-in-the-middle
    C. ARP poisoning
    D. Rogue access point

  • Question 249:

    Which of the following is the MOST intrusive type of testing against a production system?

    A. White box testing
    B. War dialing
    C. Vulnerability testing
    D. Penetration testing

  • Question 250:

    A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but it is marked "Internal Proprietary Information". Which of the following should the user do NEXT?

    A. Contact their manager and request guidance on how to best move forward
    B. Contact the help desk and/or incident response team to determine next steps
    C. Provide the requestor with the email information since it will be released soon anyway
    D. Reply back to the requestor to gain their contact information and call them

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.