Ensurepass

QUESTION 421

Which of the following can be used to mitigate risk if a mobile device is lost?

A. Cable lock

B. Transport encryption

C. Voice encryption

D. Strong passwords

Correct Answer: D


QUESTION 422

Which of the following should the security administrator do when taking a forensic image of a hard drive?

A. Image the original hard drive, hash the image, and analyze the original hard drive.

B. Copy all the files from the original into a separate hard drive, and hash all the files.

C. Hash the original hard drive, image the original hard drive, and hash the image.

D. Image the original hard drive, hash the original hard drive, and analyze the hash.

Correct Answer: C


QUESTION 423

A marketing employee requests read and write permissions to the finance department’s folders. The security administrator partially denies this request and only gives the marketing employee read-only permissions. This is an example of which of the following?

A. Job rotation

B. Separation of duties

C. Least privilege

D. Change management

Correct Answer: C


QUESTION 424

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS

B. Firewall

C. NIPS

D. Spam filter

Correct Answer: C


QUESTION 425

An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

A. it is being caused by the presence of a rogue access point.

B. it is the beginning of a DDoS attack.

C. the IDS has been compromised.

D. the internal DNS tables have been poisoned.

Correct Answer: B


QUESTION 426

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?

A. War dialing

B. War chalking

C. War driving

D. Bluesnarfing

Correct Answer: A


QUESTION 427

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

A. Evil twin

B. DNS poisoning

C. Vishing

D. Session hijacking

Correct Answer: B


QUESTION 428

An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?

A. CRL

B. Non-repudiation

C. Trust models

D. Recovery agents

Correct Answer: B


QUESTION 429

Which of the following protocols would be used to verify connectivity between two remote devices at the LOWEST level of the OSI model?

A. DNS

B. SCP

C. SSH

D. ICMP

Correct Answer: D


QUESTION 430

Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server?

A. Common access card

B. Role based access control

C. Discretionary access control

D. Mandatory access control

Correct Answer: B


QUESTION 431

Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?

A. HIPS

B. NIDS

C. HIDS

D. NIPS

Correct Answer: A


QUESTION 432

Matt, the security administrator, notices a large number of alerts on the NIDS. Upon further inspection, it is determined that no attack has really taken place. This is an example of a:

A. false negative

B. true negative

C. false positive

D. true positive

Correct Answer: C


QUESTION 433

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?

A. Create a VLAN without a default gateway.

B. Remove the network from the routing table.

C. Create a virtual switch.

D. Commission a stand-alone switch.

Correct Answer: C


QUESTION 434

A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?

A. 20

B. 21

C. 22

D. 23

Correct Answer: B


QUESTION 435

A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?

A. Availability

B. Integrity

C. Confidentiality

D. Fire suppression

Correct Answer: A


QUESTION 436

Which of the following pseudocodes can be used to handle program exceptions?

A. If program detects another instance of itself, then kill program instance.

B. If user enters invalid input, then restart program.

C. If program module crashes, then restart program module.

D. If user’s input exceeds buffer length, then truncate the input.

Correct Answer: C


QUESTION 437

Which of the following devices can Sara, an administrator, implement to detect and stop known attacks?

A. Signature-based NIDS

B. Anomaly-based NIDS

C. Signature-based NIPS

D. Anomaly-based NIPS

Correct Answer: C


QUESTION 438

Which of the following protocols would be implemented to secure file transfers using SSL?

A. TFTP

B. SCP

C. SFTP

D. FTPS

Correct Answer: D


QUESTION 439

Which of the following security concepts are used for data classification and labeling to protect data? (Select TWO).

A. Need to know

B. Role based access control

C. Authentication

D. Identification

E. Authorization

Correct Answer: AE


QUESTION 440

While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?

A. EAP-TLS

B. PEAP

C. WEP

D. WPA

Correct Answer: C
