CompTIA JK0-022 Online Practice
Questions and Exam Preparation
JK0-022 Exam Details
Exam Code
:JK0-022
Exam Name
:CompTIA Security+ Certification
Certification
:CompTIA Security+
Vendor
:CompTIA
Total Questions
:1149 Q&As
Last Updated
:Feb 05, 2025
CompTIA JK0-022 Online Questions &
Answers
Question 981:
Which of the following security concepts can prevent a user from logging on from home during the weekends?
A. Time of day restrictions B. Multifactor authentication C. Implicit deny D. Common access card
A. Time of day restrictions Time of day restrictions limit when users can access specific systems based on the time of day or week. It can limit access to sensitive environments to normal business hours when oversight and monitoring can be performed to prevent fraud, abuse, or intrusion. Incorrect Answers: B: Multifactor authentication requires a user to supply two or more authentication factors in order to prove their identity. This would not be restricted to weekends only. C: Implicit deny says that if you aren't explicitly granted access or privileges for a resource, you're denied access by default. If this is true, time of the week will not be a factor. D: Common Access Cards (CACs) are smart cards used by the U.S. government and military to physically access facilities. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 280- 284.
Question 982:
A security technician is working with the network firewall team to implement access controls at the company's demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?
A. Rule based access control B. Role based access control C. Discretionary access control D. Mandatory access control
A. Rule based access control Rule-based access control is used for network devices, such as firewalls and routers, which filter traffic based on filtering rules. Incorrect Answers: B: Basically, Role-based Access Control is based on a user's job description. C: Discretionary access control (DAC) allows access to be granted or restricted by an object's owner based on user identity and on the discretion of the object owner. D: Mandatory Access Control allows access to be granted or restricted based on the rules of classification. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 278- 284.
Question 983:
A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates.
Which of the following processes could MOST effectively mitigate these risks?
A. Application hardening B. Application change management C. Application patch management D. Application firewall review
C. Application patch management The question states that operating system updates are applied but not other software updates. The `other software' in this case would be applications. Software updates includes functionality updates and more importantly security updates. The process of applying software updates or `patches' to applications is known as `application patch management'. Application patch management is an effective way of mitigating security risks associated with software applications. Incorrect Answers: A: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services. B: Application change management is the processing of managing any changes to an application. It can include updating an application by applying patches but it also commonly includes making any configuration change in the application. D: Application firewall review is the process of reviewing the configuration of a software based firewall. The configuration under review is typically who can access the system and from where the system can be accessed. It does not include the installation of application patches. References: http://www.techopedia.com/definition/24833/hardening Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215-217
Question 984:
Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?
A. TCP port 443 and IP protocol 46 B. TCP port 80 and TCP port 443 C. TCP port 80 and ICMP D. TCP port 443 and SNMP
B. TCP port 80 and TCP port 443 HTTP and HTTPS, which uses TCP port 80 and TCP port 443 respectively, is necessary for Communicating with Web servers. It should therefore be allowed through the firewall. Incorrect Answers: A: IP protocol 46 was designed to reserve resources across a network for an integrated services Internet. C: Internet Control Message Protocol (ICMP) is a network health and link-testing protocol that is commonly used by tools such as ping, traceroute, and pathping. D: SNMP can be used to interact with various network devices to obtain status information, performance data, statistics, and configuration details. References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 46, 47, 52.
Question 985:
In order to secure additional budget, a security manager wants to quantify the financial impact of a one- time compromise. Which of the following is MOST important to the security manager?
A. Impact B. SLE C. ALE D. ARO
B. SLE
Question 986:
Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?
A. A host-based intrusion prevention system B. A host-based firewall C. Antivirus update system D. A network-based intrusion detection system
B. A host-based firewall A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. Incorrect Answers: A: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host computer system. It is used to monitor the machine logs, system events, and application activity for signs of intrusion. A HIPS is not used to block ports. C: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources. D: A network-based IDS (NIDS) is an intrusion detection system that scans network traffic in real time and is useful for detecting network-based attacks originating from outside the organization. However, a NIDS is not used to block ports. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 111-112, 116-117, 161-162 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 1316, 246
Question 987:
Which of the following defines a business goal for system restoration and acceptable data loss?
A. MTTR B. MTBF C. RPO D. Warm site
C. RPO The recovery point objective (RPO) defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). This is an essential business goal insofar as system restoration and acceptable data loss is concerned. Incorrect Answers: A: The mean time to restore (MTTR) is the measurement of how long it takes to repair a system or component once a failure occurs. This means it has to do with TIME lost not data loss restoration per se. B: The mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component. This measurement determines the component's anticipated lifetime. This is thus also a TIME issue. D: A warm site provides some of the capabilities of a hot site; it must provide computer systems and compatible media capabilities. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 9, 444
Question 988:
Which of the following application security testing techniques is implemented when an automated system generates random input data?
A. Fuzzing B. XSRF C. Hardening D. Input validation
A. Fuzzing Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. Incorrect Answers: B: XSRF or cross-site request forgery applies to web applications and is an attack that exploits the web application's trust of a user who known or is supposed to have been authenticated. This is often accomplished without the user's knowledge. C: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services. D: Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. References: http://en.wikipedia.org/wiki/Fuzz_testing http://en.wikipedia.org/wiki/Cross-site_request_forgery http://en.wikipedia.org/wiki/Hardening_%28computing%29 Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 335 Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 229,
Question 989:
Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock B. Transport encryption C. Voice encryption D. Strong passwords
D. Strong passwords Passwords are the most likely mechanism that can be used to mitigate risk when a mobile device is lost. A strong password would be more difficult to crack. Incorrect Answers: A: Cable locks are theft deterrent devices that can be used to tether a device to a fixed point keep smaller devices from being easy to steal. B: Transport encryption is a mechanism used to encrypt network communications in which only the payload is encrypted. C: Voice encryption is used to protect audio (voice) transmission. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 249, 369, 407
Question 990:
Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?
A. To ensure proper use of social media B. To reduce organizational IT risk C. To detail business impact analyses D. To train staff on zero-days
B. To reduce organizational IT risk Ideally, a security awareness training program for the entire organization should cover the following areas: Importance of security Responsibilities of people in the organization Policies and procedures Usage policies Account and password-selection criteria Social engineering prevention You can accomplish this training either by using internal staff or by hiring outside trainers. This type of training will significantly reduce the organizational IT risk. Incorrect Answers: A: Proper use of social media would just be one aspect of risk awareness that should be provided. C: A business Impact analysis is part of the Business Continuity planning which is primarily a management tool and not for all users and organizational staff. D: Zero days refers to the type of attack impact after an incident occurred and this would be too late to provide user awareness it would be after the fact. References: Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 399-401
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your JK0-022 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.