Ensurepass.com : Ensure you pass the IT Exams
2018 Mar CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JK0-022.html
CompTIA Academic/E2C Security Certification Exam Voucher Only
Question No: 11 – (Topic 1)
The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?
-
Signature Based IDS
-
Heuristic IDS
-
Behavior Based IDS
-
Anomaly Based IDS
Answer: A Explanation:
A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats.
Question No: 12 – (Topic 1)
Which of the following is the MOST secure protocol to transfer files?
-
FTP
-
FTPS
-
SSH
-
TELNET
Answer: B Explanation:
FTPS refers to FTP Secure, or FTP SSL. It is a secure variation of File Transfer Protocol (FTP).
Question No: 13 – (Topic 1)
Which of the following offerings typically allows the customer to apply operating system patches?
-
Software as a service
-
Public Clouds
-
Cloud Based Storage
-
Infrastructure as a service
Answer: D Explanation:
Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.
Question No: 14 – (Topic 1)
An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?
-
Ethernet cable is damaged
-
The host firewall is set to disallow outbound connections
-
Network Access Control
-
The switch port is administratively shutdown
Answer: C Explanation:
Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.
Question No: 15 – (Topic 1)
An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points?
-
SSID broadcast
-
MAC filter
-
WPA2
-
Antenna placement
Answer: A Explanation:
Numerous networks broadcast their name (known as an SSID broadcast) to reveal their presence.
Question No: 16 – (Topic 1)
Which of the following protocols is used by IPv6 for MAC address resolution?
-
NDP
-
ARP
-
DNS
-
NCP
Answer: A Explanation:
The Neighbor Discovery Protocol (NDP) is a protocol in the Internet protocol suite used with Internet Protocol Version 6 (IPv6).
Question No: 17 – (Topic 1)
After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely.
Which of the following is the MOST likely reason the PC technician is unable to ping those devices?
-
ICMP is being blocked
-
SSH is not enabled
-
DNS settings are wrong
-
SNMP is not configured properly
Answer: A
Explanation:
ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information If ICMP request queries go unanswered, or ICMP replies are lost or blocked.
Question No: 18 – (Topic 1)
Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?
-
Spam filter
-
URL filter
-
Content inspection
-
Malware inspection
Answer: B Explanation:
The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website.
Incorrect Answer:
A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites.
C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn’t comply with the company’s web policy. Content-control software determines what content will be available or perhaps more often what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded).
D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites.
References:
http://www.provision.ro/threat-management/web-application-security/url-filtering#pagei-
1|pagep-1|
Stewart, James Michael, CompTIA Security Review Guide, Sybex, Indianapolis, 2014, pp 18, 19.
Question No: 19 – (Topic 1)
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).
-
Spam filter
-
Load balancer
-
Antivirus
-
Proxies
-
Firewall
-
NIDS
-
URL filtering
Answer: D,E,G Explanation:
A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.
Firewalls manage traffic using a rule or a set of rules.
A URL is a reference to a resource that specifies the location of the resource. A URL filter is used to block access to a site based on all or part of a URL.
Question No: 20 – (Topic 1)
A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices.
Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees’ devices are connected?
-
VPN
-
VLAN
-
WPA2
-
MAC filtering
Answer: B Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
100% Ensurepass Free Download!
–Download Free Demo:JK0-022 Demo PDF
100% Ensurepass Free Guaranteed!
–JK0-022 Dumps
EnsurePass | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF