Ensurepass

QUESTION 21

In a wireless network, which of the following components could cause too much coverage, too little coverage, and interference?

A. MAC filter

B. AP power levels

C. Phones or microwaves

D. SSID broadcasts

Correct Answer: B


QUESTION 22

Which of the following has a default port of 22?

A. SSH

B. FTP

C. TELNET

D. SCAP

Correct Answer: A


QUESTION 23

The public key is used to perform which of the following? (Select THREE).

A. Validate the CRL

B. Validate the identity of an email sender

C. Encrypt messages

D. Perform key recovery

E. Decrypt messages

F. Perform key escrow

Correct Answer: BCE


QUESTION 24

Pete, a network administrator, implements the spanning tree protocol on network switches. Which of the following issues does this address?

A. Flood guard protection

B. ARP poisoning protection

C. Loop protection

D. Trunking protection

Correct Answer: C


QUESTION 25

Matt, a security administrator, has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files, Matt should:

A. Require all visitors to the public web home page to create a username and password to view the pages in the website

B. Configure the web application firewall to send a reset packet to the incoming IP from where an attack or scan signature has been detected.

C. Create file hashes for website and critical system files, and compare the current file hashes to the baseline at regular time intervals.

D. Reboot the web server and database server nightly after the backup has been completed.

Correct Answer: C


QUESTION 26

Matt, the administrator, has been told to confirm what account an email was sent from. Which of the following is this an example of?

A. Surveillance

B. E-discovery

C. Chain of custody

D. Integrity

Correct Answer: B


QUESTION 27

Which of the following BEST describes a denial of service attack?

A. Sara, the attacker, attempts to have the receiving server run a payload using programming commonly found on web servers.

B. Sara, the attacker, overwhelms a system or application, causing it to crash and bring the server down to cause an outage.

C. Sara, the attacker, overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.

D. Sara, the attacker, attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.

Correct Answer: B


QUESTION 28

The Chief Information Officer (CIO) wants to protect laptop users from zero day attacks. Which of the following would BEST achieve the CIO’s goal?

A. Host based firewall

B. Host based IDS

C. Anti-virus

D. Anti-spyware

Correct Answer: A


QUESTION 29

Matt, a server administrator, sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does this describe?

A. Mandatory access control

B. Role based access control

C. Rule based access control

D. Discretionary access control

Correct Answer: A


QUESTION 30

Which of the following is a best practice when securing a switch from physical access?

A. Disable unnecessary accounts

B. Print baseline configuration

C. Enable access lists

D. Disable unused ports

Correct Answer: D


QUESTION 31

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. NIPS

B. HIDS

C. HIPS

D. NIDS

Correct Answer: A


QUESTION 32

Jane, an IT security technician working at a bank, has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?

A. Integrity

B. Confidentiality

C. Cost

D. Availability

Correct Answer: B


QUESTION 33

While Sara is logging into the server from her workstation, she notices Pete watching her enter the username and password. Which of the following social engineering attacks is Pete executing?

A. Impersonation

B. Tailgating

C. Piggybacking

D. Shoulder surfing

Correct Answer: D


QUESTION 34

The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?

A. Data integrity measurement

B. Network traffic analysis

C. Risk acceptance process

D. Continuous monitoring

Correct Answer: D


QUESTION 35

Several users’ computers are no longer responding normally and are sending out spam email to the users’ entire contact list. This is an example of which of the following?

A. Trojan virus

B. Botnet

C. Worm outbreak

D. Logic bomb

Correct Answer: C


QUESTION 36

Which of the following should Sara, a security technician, perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?

A. Implementing redundant systems

B. Removal of single points of failure

C. Succession planning

D. Business impact assessment

Correct Answer: D


QUESTION 37

Which of the following is the MOST secure protocol for Pete, an administrator, to use for managing network devices?

A. FTP

B. TELNET

C. FTPS

D. SSH

Correct Answer: D


QUESTION 38

Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?

A. Notify Computer Emergency Response Team (CERT) of the security breach to document it.

B. Take screenshots of the employee’s workstation.

C. Take hashes of the employee’s workstation.

D. Notify security to identify employee’s whereabouts.

Correct Answer: D


QUESTION 39

Which of the following activities should be completed in order to detect anomalies on a network?

A. Incident management

B. Change management

C. User permissions reviews

D. Log reviews

Correct Answer: D


QUESTION 40

Which of the following reduces the likelihood of a single point of failure when a server fails?

A. Clustering

B. Visualization

C. RAID

D. Cold site

Correct Answer: A
