Ensurepass

QUESTION 641

When employees that use certificates leave the company they should be added to which of the following?

A. PKI

B. CA

C. CRL

D. TKIP

Correct Answer: C


QUESTION 642

Which of the following should Matt, a security technician, implement to identify untrusted certificates?

A. CA

B. PKI

C. CRL

D. Recovery agent

Correct Answer: C


QUESTION 643

Jane, a security analyst, noticed an increase in malware infections on a user’s system. She identified an email that requests the user change her password. This attack would BEST be described as which of the following?

A. Phishing

B. Spoofing

C. Privilege escalation

D. Shoulder surfing

Correct Answer: A


QUESTION 644

A corporate datacenter operates in a humid area near an ocean and often has hardware failures. Which of the following controls would help prevent these issues?

A. Fire suppression

B. HVAC

C. RAID

D. Cold aisles

Correct Answer: B


QUESTION 645

When Pete, a security administrator, cannot verify who provided a hard drive image, then:

A. Chain of custody is preserved

B. The image must be rehashed

C. The hash must be verified

D. Chain of custody is destroyed

Correct Answer: D


QUESTION 646

If Sara, an attacker, is attempting to determine the operating system using banner information, which of the following techniques could she be using?

A. Whois lookup

B. nslookup

C. Port scanning

D. Fingerprinting

Correct Answer: D


QUESTION 647

Pete, an administrator, is creating a new security policy and must consider many stakeholders as well as current regulations, and the company direction. For the BEST success in policy roll out, which stakeholder is the MOST important for Pete to consider?

A. End users

B. Information security team

C. Senior leadership team

D. Customers and vendors

Correct Answer: C


QUESTION 648

Which of the following is an encapsulated authentication protocol?

A. CCMP

B. LEAP

C. TKIP

D. WEP

Correct Answer: B


QUESTION 649

Which of the following is a layer three protocol used for VPN connections?

A. SSH

B. ICMP

C. IPSec

D. SSL

Correct Answer: C


QUESTION 650

Which of the following can Matt, a security administrator, implement on a mobile device to help prevent a conversation from being picked up on another device?

A. Bluetooth

B. Screen locks

C. Strong passwords

D. Voice encryption

Correct Answer: D


QUESTION 651

When a username is checked against an access list, which of the following does it provide?

A. Identification and authentication

B. Identification and authorization

C. Authentication and authorization

D. Authentication and integrity

Correct Answer: A


QUESTION 652

A network device that protects an enterprise based only on source and destination addresses is BEST described as:

A. IDS

B. ACL

C. Stateful packet filtering

D. Simple packet filtering

Correct Answer: D


QUESTION 653

Which of the following terms is used to describe predictable failure points for equipment or services?

A. RTO

B. MTTR

C. RPO

D. MTBF

Correct Answer: D


QUESTION 654

Which of the following account policies would Sara, a security administrator, implement to disable a user’s account after a certain period of time?

A. Lockout

B. Expiration

C. Complexity

D. Recovery

Correct Answer: B


QUESTION 655

Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server. Which of the following can still result in exposure of the sensitive data in the database server?

A. SQL Injection

B. Theft of the physical database server

C. Cookies

D. Cross-site scripting

Correct Answer: A


QUESTION 656

Matt, the security administrator, is implementing a new design to minimize the footprint in the datacenter and reduce the amount of wasted resources without losing physical control of the equipment. Which of the following would Matt need to implement?

A. Visualization

B. Cloud computing

C. New ACLs

D. VLAN management

Correct Answer: A


QUESTION 657

A third party application has the ability to maintain its own user accounts or it may use single sign- on. To use single sign-on, the application is requesting the following information: OU=Users, DC=Domain, DC=COM. This application is requesting which of the following authentication services?

A. TACACS+

B. RADIUS

C. LDAP

D. Kerberos

Correct Answer: C


QUESTION 658

Which of the following can grant access based solely on TCP/IP information?

A. Time of day restrictions

B. Implicit deny

C. ACLs

D. Least privilege

Correct Answer: C


QUESTION 659

Which of the following should Sara, a technician, apply to prevent guests from plugging in their laptops and accessing the company network?

A. Secure router configuration

B. Port security

C. Sniffers

D. Implicit deny

Correct Answer: B


QUESTION 660

Pete, the Chief Security Officer (CSO), is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action?

A. Create a single, shared user account for every system that is audited and logged based upon time of use.

B. Implement a single sign-on application on equipment with sensitive data and high-profile shares.

C. Enact a policy that employees must use their vacation time in a staggered schedule.

D. Separate employees into teams led by a person who acts as a single point of contact for observation purposes.

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Comments are closed.