CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 971:
Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?
A. Bollards B. Video surveillance C. Proximity readers D. Fencing
B. Video surveillance
Question 972:
Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective?
A. CHAP B. SAML C. Kerberos D. Diameter
D. Diameter Diameter is an authentication, authorization, and accounting protocol that replaces the RADIUS protocol. Diameter Applications extend the base protocol by including new commands and/or attributes, such as those for use of the Extensible Authentication Protocol (EAP). Incorrect Answers: A: CHAP is a non-EAP authentication mechanism. B: Security Assertion Markup Language (SAML) is an open-standard data format based on XML, it is not an authentication protocol. C: Kerberos makes use of encryption keys as tickets with time stamps to prove identity and grant access to resources. Kerberos does not make use of EAP. References: http://en.wikipedia.org/wiki/Diameter_(protocol) http://tools.ietf.org/html/rfc3748 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 275.
Question 973:
It has been discovered that students are using kiosk tablets intended for registration and scheduling to play games and utilize instant messaging. Which of the following could BEST eliminate this issue?
A. Device encryption B. Application control C. Content filtering D. Screen-locks
B. Application control
Question 974:
Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?
A. SSL B. TLS C. HTTP D. FTP
B. TLS Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, have them enabled by default. Incorrect Answers: A: As of 2014 the 3.0 version of SSL is considered insecure as it is vulnerable to the POODLE attack that affects all block ciphers in SSL; and RC4, the only non- block cipher supported by SSL 3.0, is also feasibly broken as used in SSL 3.0. B: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is not a transport protocol. D: The File Transfer Protocol (FTP) is not a transport layer protocol. FTP is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 75, 268-269
Question 975:
Which of the following is a best practice for error and exception handling?
A. Log detailed exception but display generic error message B. Display detailed exception but log generic error message C. Log and display detailed error and exception messages D. Do not log or display error or exception messages
A. Log detailed exception but display generic error message A detailed explanation of the error is not helpful for most end users but might provide information that is useful to a hacker. It is therefore better to display a simple but helpful message to the end user and log the detailed information to an access-restricted log file for the administrator and programmer who would need as much information as possible about the problem in order to rectify it. Incorrect Answers: B, C, D: The programmer would need as much information as possible about the problem in order to rectify it. However, a detailed explanation of the error should not be displayed to the end user as this information might be useful to a hacker. Therefore, a detailed explanation should be logged and a generic message should be displayed to the end user. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 219 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 230
Question 976:
In PKI, a key pair consists of: (Select TWO).
A. A key ring B. A public key C. A private key D. Key escrow E. A passphrase
B. A public key C. A private key In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key. The key pair consists of these two keys. Incorrect Answers: A: There is no concept of key ring within a Public-Key Infrastructure. D: A key escrow is not included in a PKI key pair. Key escrow) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. E: A PKI key pair contains two keys, and does not include a passhrase. A passphrase is a sequence of words or other text used to control access to a computer system, program or data. Passphrases are particularly applicable to systems that use the passphrase as an encryption key. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 140, 262, 279-285 http://en.wikipedia.org/wiki/Keyring_%28cryptography%29
Question 977:
Which of the following would be used when a higher level of security is desired for encryption key storage?
A. TACACS+ B. L2TP C. LDAP D. TPM
D. TPM Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system's motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. Incorrect Answers: A: Terminal Access Controller Access-Control System (TACACS) is an authentication and authorization system that accepts credentials from multiple methods, including Kerberos. It is used in client/server network environments to control access. It does not provide higher levels of security for encryption key storage. B: Layer 2 Tunneling Protocol (L2TP) is a used to create a channel for netwrk communication between two systems. However, it does not secure the data transmitted over the channel. It does not provide higher levels of security for encryption key storage. C: Lightweight Directory Access Protocol (LDAP) is a directory access protocol that allows queries to run against the directory's database. It does not provide higher levels of security for encryption key storage. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 144, 146, 147, 237
Question 978:
A way to assure data at-rest is secure even in the event of loss or theft is to use:
A. Full device encryption. B. Special permissions on the file system. C. Trusted Platform Module integration. D. Access Control Lists.
A. Full device encryption. Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. Incorrect Answers: B: Permissions on the file system define the level of access logged on users have to files and folders. However, should an unauthorized user gain access to an authorized user's user account, they would gain access to the files and folders. C: Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system's motherboard. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. D: Access Control Lists (ACLs) define the level of access logged on users have to resources. However, should an unauthorized user gain access to an authorized user's user account, they would gain access to the data. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 156, 237, 418-419 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236,
Question 979:
A server is configured to communicate on both VLAN 1 and VLAN 12. VLAN 1 communication works fine, but VLAN 12 does not. Which of the following MUST happen before the server can communicate on VLAN 12?
A. The server's network switch port must be enabled for 802.11x on VLAN 12. B. The server's network switch port must use VLAN Q-in-Q for VLAN 12. C. The server's network switch port must be 802.1q untagged for VLAN 12. D. The server's network switch port must be 802.1q tagged for VLAN 12.
D. The server's network switch port must be 802.1q tagged for VLAN 12.
Question 980:
A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted. Which of the following types of malware is on Ann's workstation?
A. Trojan B. Spyware C. Adware D. Ransomware
D. Ransomware Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. Some forms of ransomware encrypt files on the system's hard drive), while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan like a conventional computer worm, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program will then run a payload: such as one that will begin to encrypt personal files on the hard drive. More sophisticated ransomware may hybrid-encrypt the victim's plaintext with a random symmetric key and a fixed public key. The malware author is the only party that knows the needed private decryption key. Some ransomware payloads do not use encryption. In these cases, the payload is simply an application designed to restrict interaction with the system, typically by setting the Windows Shell to itself, or even modifying the master boot record and/or partition table (which prevents the operating system from booting at all until it is repaired) Ransomware payloads utilize elements of scareware to extort money from the system's user. The payload may, for example, display notices purportedly issued by companies or law enforcement agencies which falsely claim that the system had been used for illegal activities, or contains illegal content such as pornography and pirated software or media. Some ransomware payloads imitate Windows' product activation notices, falsely claiming that their computer's Windows installation is counterfeit or requires re-activation. These tactics coax the user into paying the malware's author to remove the ransomware, either by supplying a program which can decrypt the files, or by sending an unlock code that undoes the changes the payload has made. Incorrect Answers: A: In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus. A Trojan is not what is being described in this question. Therefore, this answer is incorrect. B: Spyware is software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. "Spyware" is mostly classified into four types: system monitors, trojans, adware, and tracking cookies. Spyware is mostly used for the purposes of tracking and storing Internet users' movements on the Web and serving up pop-up ads to Internet users. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. Spyware is not what is described in this question. Therefore, this answer is incorrect. C: Adware is free software that is supported by advertisements. Common adware programs are toolbars that sit on your desktop or work in conjunction with your Web browser. They include features like advanced searching of the Web or your hard drive and better organization of your bookmarks and shortcuts. Adware can also be more advanced programs such as games or utilities. They are free to use, but require you to watch advertisements as long as the programs are open. Since the ads often allow you to click to a Web site, adware typically requires an active Internet connection to run. Adware is not what is described in this question. Therefore, this answer is incorrect. References: http://en.wikipedia.org/wiki/Ransomware http://techterms.com/definition/adware http://en.wikipedia.org/wiki/Spyware http://searchsecurity.techtarget.com/definition/Trojan-horse
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.