Ensurepass

QUESTION 201

Jane, a security administrator, has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?

A. Implementing configuration hardening

B. Implementing configuration baseline

C. Implementing due diligence

D. Deploying and using a trusted OS

Correct Answer: D


QUESTION 202

Which of the following open standards should Pete, a security administrator, select for remote authentication of users?

A. TACACS

B. RADIUS

C. WPA2

D. RIPEMD

Correct Answer: B


QUESTION 203

Matt, a system administrator, wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?

A. RAID 5 and a storage area network

B. Two striped drives and clustering

C. Two mirrored drives and clustering

D. RAID 0 and load balancing

Correct Answer: A


QUESTION 204

Which of the following malware types is MOST commonly associated with command and control?

A. Rootkits

B. Logic bombs

C. Botnets

D. Backdoors

Correct Answer: C


QUESTION 205

Which of the following security chips does BitLocker utilize?

A. BIOS

B. CPU

C. CMOS

D. TPM

Correct Answer: D


QUESTION 206

While performing basic forensic analysis of a hard drive in Sara’s, the security administrator, possession, which of the following should be verified during the analysis?

A. Witness statements

B. Image hashes

C. Chain of custody

D. Order of volatility

Correct Answer: B


QUESTION 207

Which of the following policies is implemented in order to minimize data loss or theft?

A. PII handling

B. Password policy

C. Chain of custody

D. Zero day exploits

Correct Answer: A


QUESTION 208

Which of the following allows Pete, a security technician, to prevent email traffic from entering the company servers?

A. IDS

B. URL filtering

C. VPN concentrators

D. Spam filter

Correct Answer: D


QUESTION 209

Which of the following should be implemented to secure Pete’s, a network administrator, day-to- day maintenance activities? (Select TWO).

A. TFTP

B. Telnet

C. TACACS+

D. FTP

E. SSH

Correct Answer: CE


QUESTION 210

When integrating source material from an open source project into a highly secure environment, which of the following precautions should prevent hidden threats?

A. Design review

B. Code review

C. Risk assessment

D. Vulnerability scan

Correct Answer: B


QUESTION 211

Which of the following can Sara, a security administrator, implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?

A. Private key rings

B. Trust models

C. Registration

D. Key escrow

Correct Answer: D


QUESTION 212

An administrator responsible for building and validating security configurations is a violation of which of the following security principles?

A. Least privilege

B. Job rotation

C. Separation of duties

D. Best business practices

Correct Answer: C


QUESTION 213

Sara, a network security administrator, has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication, with passwords being changed every week. Which of the following security protocols would meet this goal in the MOST secure manner?

A. WPA CCMP

B. WPA PSK

C. WPA2-CCMP

D. WPA2-PSK

Correct Answer: D


QUESTION 214

Which of the following are security relevant policies? (Select THREE)

A. Information classification policy

B. Network access policy

C. Data security standard

D. Procurement policy

E. Domain name policy

F. Auditing and monitoring policy

G. Secure login process

Correct Answer: ABF


QUESTION 215

Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?

A. Exception handling

B. Adware

C. Cross-site request forgery

D. Cross-site scripting

Correct Answer: D


QUESTION 216

Which of the following network solutions would BEST allow Jane, a security technician, to host an extranet application for her company?

A. Platform as a Service

B. Infrastructure as a Service

C. Storage as a Service

D. Software as a Service

Correct Answer: D


QUESTION 217

Jane, a VPN administrator, was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Jane select for the tunnel encryption?

A. Blowfish

B. DES

C. SHA256

D. HMAC

Correct Answer: A


QUESTION 218

Which of the following could Sara, an administrator, use in a workplace to remove sensitive data at rest from the premises?

A. Network sniffer

B. Personally owned devices

C. Vulnerability scanner

D. Hardware locks

Correct Answer: B


QUESTION 219

Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?

A. Mandatory vacations

B. Collusion

C. Time of day restrictions

D. Least privilege

Correct Answer: A


QUESTION 220

Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?

A. Failsafe

B. Congestion

C. Fuzzing

D. Disaster recovery

Correct Answer: A

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Comments are closed.