CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 41:
A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?
A. Mandatory vacations B. Job rotation C. Least privilege D. Time of day restrictions
C. Least privilege A least privilege policy is to give users only the permissions that they need to do their work and no more. That is only allowing security administrators to be able to make changes to the firewall by practicing the least privilege principle. Incorrect Answers: A: A mandatory vacation policy requires all users to take time away from work to refresh. B: Job rotation is used to supply redundancy insofar as abilities are concerned so that the company is not at risk of any one administrator. But in this case least privilege is the best practice that should be followed. D: Time of Day restrictions allows you to configure an account to allow account validity for a set time period, but if the culprit is a network administrator then this configuration is within his/her account tights to modify. As the security administrator you should assign only the least privilege principle in this case. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 151-154
Question 42:
An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?
A. Unified Threat Management B. Virtual Private Network C. Single sign on D. Role-based management
A. Unified Threat Management When you combine a firewall with other abilities (intrusion prevention, antivirus, content filtering, etc.), what used to be called an all-in-one appliance is now known as a unified threat management (UTM) system. The advantages of combining everything into one include a reduced learning curve (you only have one product to learn), a single vendor to deal with, and--typically --reduced complexity. Incorrect Answers: B: A virtual private network (VPN) is a communication tunnel between two entities across an intermediary network. In most cases, the intermediary network is an untrusted network, such as the Internet, and therefore the communication tunnel is also encrypted. C: Single sign-on means that once a user (or other subject) is authenticated into a realm, they need not re-authenticate to access resources on any realm entity. D: Role-based management is best suited for environments with a high rate of employee turnover because access is defined against static job descriptions rather than transitive user accounts (DAC and ACL) or assigned clearances (MAC References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 119. Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 11, 280, 289.
Question 43:
A system administrator has noticed vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability?
A. Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes B. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes C. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes D. Backup the server, schedule downtime to install the patch, installs the patch and monitor for any changes
C. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes We have an update to apply to fix the vulnerability. The update should be tested first in a lab environment, not on the production server to ensure it doesn't cause any other problems with the server. After testing the update, we should backup the server to enable us to roll back any changes in the event of any unforeseen problems with the update. The question states that the server will require a reboot. This will result in downtime so you should schedule the downtime before installing the patch. After installing the update, you should monitor the server to ensure it is functioning correctly. Incorrect Answers: A: This answer is almost complete but is omits the step of backing up the server. We should backup the server to enable us to roll back any changes in the event of any unforeseen problems with the update. Therefore, this answer is incorrect. B: This answer is almost complete but is omits the step of rebooting the server. The question states that the update requires a reboot of the server. Therefore, this answer is incorrect. D: This answer omits the important step of testing the update. Updates should always be testing in a lab environment before being deployed to productions servers. Therefore, this answer is incorrect.
Question 44:
Mike, a user, states that he is receiving several unwanted emails about home loans. Which of the following is this an example of?
A. Spear phishing B. Hoaxes C. Spoofing D. Spam
D. Spam Spam is most often considered to be electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited email. However, if a long-lost brother finds your email address and sends you a message, this could hardly be called spam, even though it is unsolicited. Real spam is generally email advertising for some product sent to a mailing list or newsgroup. In addition to wasting people's time with unwanted e-mail, spam also eats up a lot of network bandwidth. Consequently, there are many organizations, as well as individuals, who have taken it upon themselves to fight spam with a variety of techniques. But because the Internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. However, some online services have instituted policies to prevent spammers from spamming their subscribers. There is some debate about why it is called spam, but the generally accepted version is that it comes from the Monty Python song, "Spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam". Like the song, spam is an endless repetition of worthless text. Another school of thought maintains that it comes from the computer group lab at the University of Southern California who gave it the name because it has many of the same characteristics as the lunch meat Spam: Nobody wants it or ever asks for it. No one ever eats it; it is the first item to be pushed to the side when eating the entree. Sometimes it is actually tasty, like 1% of junk mail that is really useful to some people. The term spam can also be used to describe any "unwanted" email from a company or website -- typically at some point a user would have agreed to receive the email via subscription list opt-in -- a newer term called graymail is used to describe this particular type of spam. Incorrect Answers: A: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority. In this question, the emails are trying to sell home loans rather than trying to access confidential data. Therefore, this answer is incorrect. B: A hoax is something that makes a person believe that something is real when it is not. In this question, the emails are likely to be genuine in terms of selling home loans. Therefore, this answer is incorrect. C: There are several kinds of spoofing including email, caller ID, MAC address, and uniform resource locator (URL) spoof attacks. All types of spoofing are designed to imitate something or someone. Email spoofing (or phishing), used by dishonest advertisers and outright thieves, occurs when email is sent with falsified "From:" entry to try and trick victims that the message is from a friend, their bank, or some other legitimate source. Any email that claims it requires your password or any personal information could be a trick. In a caller ID attack, the spoofer will falsify the phone number he/she is calling from. In this question, the emails are likely to be genuine in terms of selling home loans and not from `spoofed' addresses. Therefore, this answer is incorrect. References: http://www.webopedia.com/TERM/S/spam.html http://searchsecurity.techtarget.com/definition/spear-phishing
Question 45:
A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees.
Which of the following is the BEST approach for implementation of the new application on the virtual server?
A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location. B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application. C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application.
C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. Snapshots are backups of virtual machines that can be used to quickly recover from poor updates, and errors arising from newly installed applications. However, the snapshot should be taken before the application or update is installed. Incorrect Answers: A: Snapshots are backups of virtual machines that can be used to quickly recover from poor updates, and errors arising from newly installed applications. However, the snapshot should be taken before, not after, the application or update is installed. B: A baseline report detailing all installed applications on the virtualized server after the new application is installed would not mitigate risk should the new application cause the system to crash. D: An exact backup of virtual machine can be used to recover from poor updates, and errors arising from newly installed applications. However, snapshot would allow for faster recover. Furthermore, the backup should be taken before, not after, the application or update is installed. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 203 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 208
Question 46:
Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not
understand the company's rules, and she wants to limit potential legal concerns.
Which of the following is the CTO concerned with?
A. Data ownership B. Device access control C. Support ownership D. Acceptable use
A. Data ownership
Question 47:
Which of the following provides additional encryption strength by repeating the encryption process with additional keys?
A. AES B. 3DES C. TwoFish D. Blowfish
B. 3DES Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and it's more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys). Incorrect Answers: A: Advanced Encryption Standard (AES) has replaced DES as the current standard, and it uses the Rijndael algorithm. It was developed by Joan Daemen and Vincent Rijmen. AES is the current product used by U.S. governmental agencies. It supports key sizes of 128, 192, and 256 bits, with 128 bits being the default. C: Twofish is quite similar to Blowfish and works on 128-bit blocks. D: Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits). References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 250, 251, 255-256
Question 48:
Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention B. Input validation C. CSRF prevention D. Cross-site scripting prevention
B. Input validation Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. Incorrect Answers: A: Buffer overflow is an exploit at programming error, bugs and flaws. It occurs when an application is fed more input data than it is programmed to handle. This may cause the application to terminate or to write data beyond the end of the allocated space in memory. The termination of the application may cause the system to send the data with temporary access to privileged levels in the system, while overwriting can cause important data to be lost. Proper error and exception handling and input validation will help prevent Buffer overflow exploits. C: XSRF or cross-site request forgery applies to web applications and is an attack that exploits the web application's trust of a user who known or is supposed to have been authenticated. This is often accomplished without the user's knowledge. XSRF can be prevented by adding a randomization string (called a nonce) to each URL request and session establishment and checking the client HTTP request header referrer for spoofing. D: Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 257, 338 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 192, 197, 319, 320
Question 49:
Which of the following explains the difference between a public key and a private key?
A. The public key is only used by the client while the private key is available to all. Both keys are mathematically related. B. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related. C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption. D. The private key is only used by the client and kept secret while the public key is available to all.
D. The private key is only used by the client and kept secret while the public key is available to all. The private key must be kept secret at all time. The private key is only by the client. The public key is available to anybody. Incorrect Answers: A: The private key is only by the client, while the public key is used by all. B: You can use the private key to encrypt data. Then you would need to use the public key to decrypt it. C: The key pair, consisting of a private key and a public key, is used in asymmetric encryption and asymmetric decryption. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 279-285
Question 50:
All of the following are valid cryptographic hash functions EXCEPT:
A. RIPEMD. B. RC4. C. SHA-512. D. MD4.
B. RC4. RC4 is not a hash function. RC4 is popular with wireless and WEP/WPA encryption. Incorrect Answers: A: The RACE Integrity Primitives Evaluation Message Digest (RIPEMD) algorithm was based on MD4 hashing algorithm. C: The Secure Hash Algorithm (SHA) was designed to ensure the integrity of a message. SHA is a one-way hash that provides a hash value that can be used with an encryption protocol. This algorithm produces a 160-bit hash value. SHA-2 has several sizes: 224, 256, 334, and 512 bit. D: The Message Digest Algorithm (MD) also creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most common are MD5, MD4, and MD2. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 251, 255-256
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.