CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 31:
Which of the following is mainly used for remote access into the network?
A. XTACACS B. TACACS+ C. Kerberos D. RADIUS
D. RADIUS Most gateways that control access to the network have a RADIUS client component that communicates with the RADIUS server. Therefore, it can be inferred that RADIUS is primarily used for remote access. Incorrect Answers: A: XTACACS has been replaced by RADIUS and TACACS+. B: The separate components of the TACACS+ protocol is segregated and handled on different servers, whereas the RADIUS protocol is centralized. This means that not only TACACS+ is used by the TACACS+ protocol for remote access. C: Kerberos is primarily used for the protection for logon credentials. References: http://en.wikipedia.org/wiki/RADIUS http://en.wikipedia.org/wiki/TACACS http://en.wikipedia.org/wiki/Kerberos_(protocol)
Question 32:
Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?
A. Email Encryption B. Steganography C. Non Repudiation D. Access Control
C. Non Repudiation Nonrepudiation prevents one party from denying actions they carried out. Incorrect Answers: A: Email encryption is used to protect privacy. B: Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. C: Access Control is used to govern which users have access to the email. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 248, 262, 414
Question 33:
Which of the following pseudocodes can be used to handle program exceptions?
A. If program detects another instance of itself, then kill program instance. B. If user enters invalid input, then restart program. C. If program module crashes, then restart program module. D. If user's input exceeds buffer length, then truncate the input.
C. If program module crashes, then restart program module. Exception handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state. This must be coded into the system by the programmer, and should capture all errors and exceptions that could cause the application or its modules to crash. Restarting the application or module would ensure that the application reverts back to a secure state. Incorrect Answers: A: Checking whether a program is running already is not a form of error or exception handling. B, D: These are examples of input validation. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 230,
Question 34:
A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs.
Which of the following should the administrator use to test the patching process quickly and often?
A. Create an incremental backup of an unpatched PC B. Create an image of a patched PC and replicate it to servers C. Create a full disk image to restore after each installation D. Create a virtualized sandbox and utilize snapshots
D. Create a virtualized sandbox and utilize snapshots Sandboxing is the process of isolating a system before installing new applications or patches on it so as to restrict the software from being able to cause harm to production systems. Before the patch is installed, a snapshot of the system should be taken. Snapshots are backups that can be used to quickly recover from poor updates, and errors arising from newly installed applications. Incorrect Answers: A, C: Creating a full disk image or an incremental backup to restore after each installation could prove useful but less efficient than using snapshots. B: Replicating a patched PC to all servers does not test the patch, and does not ensure quick recoverability should the patch cause the PC to crash. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 203, 204-205 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 208,
Question 35:
Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?
A. Remote wiping enabled for all removable storage devices B. Full-disk encryption enabled for all removable storage devices C. A well defined acceptable use policy D. A policy which details controls on removable storage use
D. A policy which details controls on removable storage use
Question 36:
Which of the following is a best practice when securing a switch from physical access?
A. Disable unnecessary accounts B. Print baseline configuration C. Enable access lists D. Disable unused ports
D. Disable unused ports Disabling unused switch ports a simple method many network administrators use to help secure their network from unauthorized access. All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter. Incorrect Answers: A: Disabling unnecessary accounts would only block those specific accounts. B: A security baseline is a standardized minimal level of security that all systems in an organization must comply with. Printing it would not secure the switch from physical access. C: The purpose of an access list is to identify specifically who can enter a facility. References: http://orbit-computer-solutions.com/How-To-Configure-Switch-Security.php Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 60. Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 207.
Question 37:
When implementing fire suppression controls in a datacenter it is important to:
A. Select a fire suppression system which protects equipment but may harm technicians. B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers. C. Integrate maintenance procedures to include regularly discharging the system. D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.
B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers. Water-based systems can cause serious damage to all electrical equipment and the sprinkler lines in a fire suppression control system should be placed in such a way so as not to leak onto computers when it do get activated because it works with overhead nozzles. Incorrect Answers: A: A datacenter will require a fixed system fire suppression and this is usually water-based systems which works with sprinklers to suppress the fire should one occur. This a water-based system a hardly likely to harm the technicians. C: You would not want to discharge the water of a fire suppression system on a regular basis as it would mean that you may spill water over your equipment which can cause serious damage. D: Audible alarms will only server to warn people to evacuate and not safeguard the equipment. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 378
Question 38:
After encrypting all laptop hard drives, an executive officer's laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data.
Which of the following can be used to decrypt the information for retrieval?
A. Recovery agent B. Private key C. Trust models D. Public key
A. Recovery agent To access the data the hard drive need to be decrypted. To decrypt the hard drive you would need the proper private key. The key recovery agent can retrieve the required key. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. Incorrect Answers: B: The private key is not readily accessible. You would have to C: A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate. A trust model cannot recover keys. D: The public key cannot be used to decrypt the hard drive. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 262, 279-285, 285-289
Question 39:
A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs. Which of the following should the administrator use to test the patching process quickly and often?
A. Create an incremental backup of an unpatched PC B. Create an image of a patched PC and replicate it to servers C. Create a full disk image to restore after each installation D. Create a virtualized sandbox and utilize snapshots
D. Create a virtualized sandbox and utilize snapshots
Question 40:
While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?
A. EAP-TLS B. PEAP C. WEP D. WPA
C. WEP WEP is one of the more vulnerable security protocols. The only time to use WEP is when you must have compatibility with older devices that do not support new encryption. Incorrect Answers: A, B: Extensible Authentication Protocol (EAP) provides a framework for authentication that is often used with wireless networks. Among the five EAP types adopted by the WPA/WPA2 standard are EAP-TLS, EAP-PSK, EAP-MD5, and two that you need to know for the exam: LEAP and PEAP. D: The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were designed to address the core, easy-to-crack problems of WEP. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 171, 181-182, 182-183, 258
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.