Ensurepass

QUESTION 61

A company wants to have a backup site that is a good balance between cost and recovery time objectives. Which of the following is the BEST solution?

A. Hot site

B. Remote site

C. Cold site

D. Warm site

Correct Answer: D


QUESTION 62

While conducting a network audit, Sara, a security administrator, discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?

A. ARP poisoning

B. Session hijacking

C. DNS poisoning

D. Pharming attack

Correct Answer: A


QUESTION 63

Which of the following is a reason why Pete, a security administrator, would implement port security?

A. To inspect the TCP and UDP ports of incoming traffic

B. To port C++ code into Java bit-code in a secure manner

C. To implement secure datacenter electronic access

D. To limit the number of endpoints connected through the same switch port

Correct Answer: D


QUESTION 64

Which of the following is the MAIN benefit of server-side versus client-side input validation?

A. Server-side input validation results in a more secure system than client-side input validation.

B. Client-side input validation can lead to local buffer overflows while server-side input validation can lead to remote buffer overflow.

C. Client-side input validation results in a more secure system than server-side input validation.

D. Server-side input validation is prone to buffer overflows while client-side input validation is not.

Correct Answer: A


QUESTION 65

Which of the following would be the BEST reason for Jane, a security administrator, to initially select individual file encryption over whole disk encryption?

A. It provides superior key redundancy for individual files.

B. The management of keys is easier to maintain for file encryption

C. It is faster to encrypt an individual file.

D. It provides protected access to all users

Correct Answer: C


QUESTION 66

Which of the following implements two factor authentication based on something you know and something you have?

A. Users shall authenticate to the system via a Kerberos enabled authentication server working with an integrated PKI only.

B. The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard

C. The system shall authenticate only authorized users by fingerprint and retina scan.

D. Users shall possess a combination of 8 digit PINs and fingerprint scanners.

Correct Answer: B


QUESTION 67

Which of the following attacks is characterized by Sara attempting to send an email from a Chief Information Officer’s (CIO’s) non-corporate email account to an IT staff member in order to have a password changed?

A. Spamming

B. Pharming

C. Privilege escalation

D. Impersonation

Correct Answer: D


QUESTION 68

Which of the following should be done before resetting a user’s password due to expiration?

A. Verify the user’s domain membership

B. Verify the user’s identity

C. Advise the user of new policies

D. Verify the proper group membership

Correct Answer: B


QUESTION 69

Sara, an attacker, calls the company’s front desk and tries to gain insider information by providing specific company information to gain the attendant’s trust. The front desk immediately alerts the IT department about this incident. This is an example of which of the following?

A. Shoulder surfing

B. Whaling

C. Tailgating

D. Impersonation

Correct Answer: D


QUESTION 70

Which of the following is based on X.500 standards?

A. RADIUS

B. TACACS

C. Kerberos

D. LDAP

Correct Answer: D


QUESTION 71

Which of the following functions of a firewall allows Pete, an administrator, to map an external service to an internal host?

A. AP isolation

B. Port forwarding

C. DMZ

D. NAT

Correct Answer: B


QUESTION 72

Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?

A. Rootkit

B. Logic bomb

C. Worm

D. Botnet

Correct Answer: B


QUESTION 73

Hashing algorithms are used to address which of the following?

A. Confidentiality

B. Compatibility

C. Availability

D. Integrity

Correct Answer: D


QUESTION 74

After setting up a root CA, which of the following can Pete, a security administrator, implement to allow intermediate CAs to hand out keys and certificates?

A. CRL

B. Spanning tree

C. Trust model

D. Key escrow

Correct Answer: C


QUESTION 75

Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?

A. URL filtering

B. WPA2 and EAP

C. PEAP and WPA

D. MAC filtering

Correct Answer: D


QUESTION 76

Which of the following is the purpose of the spanning tree protocol?

A. Loop protection

B. Access control lists

C. Secure device configuration

D. Implicit deny

Correct Answer: A


QUESTION 77

Sara, the security engineer, has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should Sara collect FIRST?

A. Memory dump, ARP cache

B. Live system image, route table

C. Temp files, hosts file

D. Offline system image, router logs

Correct Answer: A


QUESTION 78

While traveling, users need access to an internal company web server that contains proprietary information. Pete, the security administrator, should implement a:

A. NAC

B. VLAN

C. DMZ

D. RAS

Correct Answer: D


QUESTION 79

Which of the following is used by Matt, a security administrator, to lower the risks associated with electrostatic discharge, corrosion, and thermal breakdown?

A. Temperature and humidity controls

B. Routine audits

C. Fire suppression and EMI shielding

D. Hot and cold aisles

Correct Answer: A


QUESTION 80

Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?

A. Hot site

B. High-availability site

C. Cold site

D. Warm site

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.