CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 51:
A team of firewall administrators have access to a `master password list' containing service account passwords. Which of the following BEST protects the master password list?
A. File encryption B. Password hashing C. USB encryption D. Full disk encryption
A. File encryption File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an encrypted form using the user's public key on the encrypted file. Incorrect Answers: B: Hashing is a form of cryptography that produces a unique identifier known as a hash value. This hash value serves as an ID code to detect when the original data source has been altered. It, however, does not prevent access to the data. C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is used to encrypt the data on the USB device, ensuring that the data cannot be accessed in a useable form should the device be stolen or misplaced. D: Full-disk encryption encrypts the data on the hard drive of the device. This feature ensures that the data cannot be accessed in a useable form should the device be stolen or misplaced. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 251- 252, 255, 315-316
Question 52:
A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data center. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is on transit. Which of the following represents the BEST cryptographic solution?
A. Driving a van full of Micro SD cards from data center to data center to transfer data B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN C. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN D. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server
B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN A virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. They provide security for both authentication and data transmission through a process called encapsulation. Secure Sockets Layer (SSL) can be used to exchange the VPN keys securely. SSL is used to establish secure TCP communication between two machines by encrypting the communication. Incorrect Answers: A: The data centers are geographically distributed across multiple continents. This makes it difficult to transport the data by driving a van. C: Symmetrical keys are rendered useless when the key is stolen as the same key is used for encryption and decryption. D. PKI can be used to encrypt the data but transferring the data via FTP or a cloud server is not advisable. FTP is inherently insecure while cloud servers are used for storage. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 45, 304-305, 310-311 http://www.networkworld.com/article/2263539/compliance/vpn-security----do-you-know-where- your-keys-are-.html
Question 53:
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?
A. Logic bomb B. Worm C. Trojan D. Adware
C. Trojan In computers, a Trojan is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus. Incorrect Answers: A: A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files should they ever be terminated from the company. B: A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. A computer worm is not what is described in this question. Therefore, this answer is incorrect. D: Adware is free software that is supported by advertisements. Common adware programs are toolbars that sit on your desktop or work in conjunction with your Web browser. They include features like advanced searching of the Web or your hard drive and better organization of your bookmarks and shortcuts. Adware can also be more advanced programs such as games or utilities. They are free to use, but require you to watch advertisements as long as the programs are open. Since the ads often allow you to click to a Web site, adware typically requires an active Internet connection to run. Most adware is safe to use, but some can serve as spyware, gathering information about you from your hard drive, the Web sites you visit, or your keystrokes. Spyware programs can then send the information over the Internet to another computer. So be careful what adware you install on your computer. Make sure it is from a reputable company and read the privacy agreement that comes with it. Adware is not what is described in this question. Therefore, this answer is incorrect. References: http://searchsecurity.techtarget.com/definition/Trojan-horse http://en.wikipedia.org/wiki/Logic_bomb http://techterms.com/definition/adware http://en.wikipedia.org/wiki/Computer_worm
Question 54:
Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular Smartphone. This is an example of.
A. Scarcity B. Familiarity C. Intimidation D. Trust
A. Scarcity Scarcity, in the area of social psychology, works much like scarcity in the area of economics. Simply put, humans place a higher value on an object that is scarce, and a lower value on those that are abundant. The thought that we, as humans, want something we cannot have drives us to desire the object even more. This idea is deeply embedded in the intensely popular, "Black Friday" shopping extravaganza that U.S. consumers participate in every year on the day after Thanksgiving. More than getting a bargain on a hot gift idea, shoppers thrive on the competition itself, in obtaining the scarce product. In this question, people want the brand new latest version of a smartphone. The temptation of being one of the first to get the new phone will tempt people into clicking the link in the email. Incorrect Answers: B: Familiarity is a generic feeling in which a situation, event, place, person or object directly provokes a subjective feeling of recognition which we then believe to be a memory. As a result, we recognize "it". In this question, the temptation is a new smartphone. Familiarity with the older model of the smartphone might make the new model desirable. However, the scarcity of the new phone makes it more desirable and so more tempting to click the link. Therefore, this answer is incorrect. C: If the users were being threatened to force them to click the link that would be intimidation. However, the users are being tempted to click the link due to the scarcity of the new smartphone. Therefore, this answer is incorrect. D: This is not an example of trust. The users may trust the source of the email but it's the scarcity of the new smartphone that makes it more desirable and so more tempting for the users to click the link. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/Scarcity_%28social_psychology%29
Question 55:
Which of the following ports is used to securely transfer files between remote UNIX systems?
A. 21 B. 22 C. 69 D. 445
B. 22 SCP copies files securely between hosts on a network. It uses SSH for data transfer, and uses the same authentication and provides the same security as SSH. Unlike RCP, SCP will ask for passwords or passphrases if they are needed for authentication. SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Incorrect Answers: A: Port 21 is used by FTP. C: Port 69 is used by TFTP. D: Port 445 is used by Microsoft-DS. References: http://www.computerhope.com/unix/scp.htm Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question 56:
Input validation is an important security defense because it:
A. rejects bad or malformed data. B. enables verbose error reporting. C. protects mis-configured web servers. D. prevents denial of service attacks.
A. rejects bad or malformed data. Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. Incorrect Answers: B: Error reporting is implemented through proper error and exception handling. It is not accomplished by input validation. C: Input validation is not a defence against a mis-configured system. D: Denial of Service (DoS) attacks web-based attacks that exploit flaws in the operating system, applications, services, or protocols. These attacks can be mitigated by means of firewalls, routers, and intrusion detection systems (IDSs) that detect DoS traffic, disabling echo replies on external systems, disabling broadcast features on border systems, blocking spoofed packets on the network, and proper patch management. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 257, 343 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 170- 172, 230, 319
Question 57:
A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?
A. $7,000 B. $10,000 C. $17,500 D. $35,000
C. $17,500 SLE ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence. SLE =($4000 + $3000) x 5 = $35000 ARO = 2 years Thus per year it would be 50% = 0,5 The ALE is thus $35000 x 0.5 = $17500 Incorrect Answers: A: $7000 would be the SLE if there was only one server to consider. B: A $10000 amount is ignoring the downtime costs that will be incurred. D: A $35000 amount assumes that the servers must be replaced every year, and not every second year. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 5-6
Question 58:
Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?
A. Spam filter B. URL filter C. Content inspection D. Malware inspection
B. URL filter The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website. Incorrect Answer: A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites. C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn't comply with the company's web policy. Content- control software determines what content will be available or perhaps more often what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded). D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites. References: http://www.provision.ro/threat-management/web-application-security/url-filtering#pagei-1| pagep-1| Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 18, 19.
Question 59:
Sara, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Sara runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30.
Which of the following was used to perform this attack?
A. SQL injection B. XML injection C. Packet sniffer D. Proxy
B. XML injection When a web user takes advantage of a weakness with SQL by entering values that they should not, it is known as a SQL injection attack. Similarly, when the user enters values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a similar manner to SQL, except that it does not have the same levels of access control, and taking advantage of weaknesses within can return entire documents. The best way to prevent XML injection attacks is to filter the user's input and sanitize it to make certain that it does not cause XPath to return more data than it should. Incorrect Answers: A: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Being a web based form, it is more likely that XML was used rather than SQL. Therefore, this answer is incorrect. C: Packet sniffing is the process of intercepting data as it is transmitted over a network. A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn't generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. Packet sniffing is not used for modifying data; it only reads it. Therefore this answer is incorrect. D: A proxy server is often used to filter web traffic. It is not used to modify the content of HTTP POST commands. Therefore this answer is incorrect. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 337 http://en.wikipedia.org/wiki/SQL_injection
Question 60:
A security engineer is asked by the company's development team to recommend the most secure method for password storage. Which of the following provide the BEST protection against brute forcing stored passwords? (Select TWO).
A. PBKDF2 B. MD5 C. SHA2 D. Bcrypt E. AES F. CHAP
A. PBKDF2 D. Bcrypt A: PBKDF2 (Password-Based Key Derivation Function 2) is part of PKCS #5 v. 2.01. It applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key. D: bcrypt is a key derivation function for passwords based on the Blowfish cipher. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power. The bcrypt function is the default password hash algorithm for BSD and many other systems. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 109-110, 139, 143, 250, 255-256, 256
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.