Ensurepass

QUESTION 41

Jane, a security administrator, wants to prevent users in sales from accessing their servers after 6:00 p.m., and prevent them from accessing accounting’s network at all times. Which of the following should Jane implement to accomplish these goals? (Select TWO).

A. Separation of duties

B. Time of day restrictions

C. Access control lists

D. Mandatory access control

E. Single sign-on

Correct Answer: BC


QUESTION 42

Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?

A. Entropy

B. Principle of least privilege

C. Non-repudiation

D. Code signing

Correct Answer: C


QUESTION 43

Which of the following protocols provides Pete, an administrator, with the HIGHEST level of security for device traps?

A. ICMP

B. SNMPv3

C. SSH

D. IPSec

Correct Answer: B


QUESTION 44

Jane has a vendors server in-house for shipping and receiving. She wants to ensure that if the server goes down that the server in-house will be operational again within 24 hours. Which of the following should Jane define with the vendor?

A. Mean time between failures

B. A warm recovery site

C. Mean time to restore

D. A hot recovery site

Correct Answer: C


QUESTION 45

Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?

A. Audit management

B. Mobile device management

C. Incident management

D. Change management

Correct Answer: D


QUESTION 46

To mitigate the adverse effects of network modifications, which of the following should Matt, the security administrator, implement?

A. Change management

B. Routine auditing

C. Incident management

D. Log auditing

Correct Answer: A


QUESTION 47

Jane, a security technician, wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?

A. PEAP

B. WPA2 personal

C. TKIP

D. CCMP

Correct Answer: A


QUESTION 48

Pete, a user, is having trouble dialing into the network from their house. The administrator checks the RADIUS server, the switch connected to the server, and finds that the switch lost configuration after a recent power outage. The administrator replaces the switch and is able to ping the switch, but not the RADIUS server. Which of the following is the MOST likely cause?

A. The switch needs to have QoS setup correctly.

B. Port security is not enabled on the switch.

C. VLAN mismatch is occurring.

D. The DMZ is not setup correctly

Correct Answer: C


QUESTION 49

Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?

A. VPN gateway

B. Router

C. Proxy server

D. Packet filtering firewall

Correct Answer: C


QUESTION 50

When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?

A. Trust models

B. CRL

C. CA

D. Recovery agent

Correct Answer: C


QUESTION 51

Sara, a security analyst, suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server’s IP address?

A. Port scanner

B. Telnet

C. Traceroute

D. Honeypot

Correct Answer: A


QUESTION 52

Which of the following is an improved version of the LANMAN hash?

A. LM2

B. NTLM

C. SHA

D. MD5

Correct Answer: B


QUESTION 53

Which of the following will help Matt, an administrator; mitigate the risk of static electricity?

A. Lightening rods

B. EMI shielding

C. Humidity controls

D. Temperature controls

Correct Answer: C


QUESTION 54

An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday.

Which of the following attacks does this describe?

A. Zero day

B. Directory traversal

C. Logic bomb

D. Session hijacking

Correct Answer: A


QUESTION 55

A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?

A. Re-image with a default OS

B. Physical destruction of the hard drive

C. Format drive using a different file system

D. Sanitization using appropriate software

Correct Answer: D


QUESTION 56

Which of the following techniques floods an application with data in an attempt to find vulnerabilities?

A. Header manipulation

B. Steganography

C. Input validation

D. Fuzzing

Correct Answer: D


QUESTION 57

Jane, a security administrator, has applied security labels to files and folders to manage and restrict

access. Which of the following is Jane using?

A. Mandatory access control

B. Role based access control

C. Implicit access control

D. Discretionary access control

Correct Answer: A


QUESTION 58

Sara, a user, on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?

A. Evil twin

B. Bluesnarfing

C. War chalking

D. Bluejacking

Correct Answer: A


QUESTION 59

When moving from an internally controlled environment to a fully outsourced infrastructure environment, such as cloud computing, it is MOST important to:

A. Implement mandatory access controls.

B. Ensure RAID 0 is implemented on servers.

C. Impose time of day restrictions across all services

D. Encrypt all confidential data.

Correct Answer: D


QUESTION 60

Which of the following would help Pete, an administrator, prevent access to a rogue access point connected to a switch?

A. Enable spanning tree protocol

B. Enable DHCP snooping

C. Disable VLAN trunking

D. Establish a MAC limit and age

Correct Answer: D

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Comments are closed.