Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released JK0-018
100% Free Download! 100% Pass Guaranteed!

CompTIA Security E2C

Question No: 231 – (Topic 3)

A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

  1. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.

  2. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.

  3. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.

  4. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

Answer: A

Question No: 232 – (Topic 3)

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that:

  1. HDD hashes are accurate.

  2. the NTP server works properly.

  3. chain of custody is preserved.

  4. time offset can be calculated.

Answer: D

Question No: 233 – (Topic 3)

While rarely enforced, mandatory vacation policies are effective at uncovering:

  1. Help desk technicians with oversight by multiple supervisors and detailed quality control systems.

  2. Collusion between two employees who perform the same business function.

  3. Acts of incompetence by a systems engineer designing complex architectures as a member of a team.

  4. Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.

Answer: D

Question No: 234 – (Topic 3)

A company hires outside security experts to evaluate the security status of the corporate network. All of the company’s IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?

  1. Penetration testing

  2. WAF testing

  3. Vulnerability scanning

  4. White box testing

Answer: C

Question No: 235 – (Topic 3)

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?

  1. Mandatory vacations

  2. Job rotation

  3. Least privilege

  4. Time of day restrictions

Answer: C

Question No: 236 – (Topic 3)

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?

  1. Vishing

  2. Phishing

  3. Whaling

  4. SPAM

  5. SPIM

Answer: B

Question No: 237 – (Topic 3)

After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the

following is the term used to describe these markings?

  1. IV attack

  2. War dialing

  3. Rogue access points

  4. War chalking

Answer: D

Question No: 238 – (Topic 3)

The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available?

  1. Cloud computing

  2. Full disk encryption

  3. Data Loss Prevention

  4. HSM

Answer: A

Question No: 239 – (Topic 3)

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO).

  1. Recovery

  2. User assigned privileges

  3. Lockout

  4. Disablement

  5. Group based privileges

  6. Password expiration

  7. Password complexity

Answer: F,G

Question No: 240 – (Topic 3)

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network.

When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?

  1. Social engineering

  2. Steganography

  3. Hashing

  4. Digital signatures

Answer: B

100% Dumps4cert Free Download!
Download Free Demo:JK0-018 Demo PDF
100% Dumps4cert Pass Guaranteed!
Download 2018 Dumps4cert JK0-018 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Comments are closed.