Ensurepass

QUESTION 681

Which of the following fire suppression systems should be used in a datacenter that will put out the fire and not cause physical harm to equipment and data?

A. Water

B. Halon

C. Oxygen

D. Foam

Correct Answer: B


QUESTION 682

In order to enter a corporate office, employees must enter a PIN. Which of the following are common risks when using this type of entry system? (Select TWO)

A. Shoulder surfing

B. Key logging

C. Tailgating

D. Man-in-the-middle attacks

E. Dumpster diving

Correct Answer: AC


QUESTION 683

Which of the following is often used to verify connectivity on a network?

A. DNS

B. DHCP

C. ICMP

D. NAC

Correct Answer: C


QUESTION 684

Which of the following is BEST identified as an attack where a large number of users are fooled into entering user credentials into a fake website?

A. Pharming

B. Whaling

C. Phishing

D. Privilege escalation

Correct Answer: A


QUESTION 685

Sara, a student, is interested in learning about distributed denial of service attacks. Which of the following types of malware is MOST likely the primary focus of her study?

A. Botnets

B. Logic bombs

C. Spyware

D. Trojans

Correct Answer: A


QUESTION 686

Which of the following BEST describes a DMZ?

A. A subnet that allows all outbound activity

B. A network that allows all inbound traffic

C. A transitional subnet that screens all traffic

D. A subnet that denies all inbound connectivity

Correct Answer: C


QUESTION 687

Following the order of volatility, taking hashes, and maintaining a chain of custody describes which of the following?

A. Forensics

B. Incident response

C. Business continuity

D. Disaster recovery

Correct Answer: A


QUESTION 688

Which of the following is an example of a false negative?

A. The IDS does not identify a buffer overflow

B. Anti-virus identifies a benign application as malware.

C. Anti-virus protection interferes with the normal operation of an application.

D. A user account is locked out after the user mistypes the password too many times.

Correct Answer: A


QUESTION 689

Sara and Jane, users, are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?

A. Deploy an anti-spam device to protect the network.

B. Update the anti-virus definitions and make sure that it is set to scan all received email

C. Set up spam filtering rules in each user’s mail client.

D. Change the firewall settings to block SMTP relays so that the spam cannot get in.

Correct Answer: A


QUESTION 690

Which of the following is similar to a smurf attack, but uses UDP instead of ICMP?

A. X-Mas attack

B. Fraggle attack

C. Vishing

D. Man-in-the-middle attack

Correct Answer: B


QUESTION 691

Pete, a security administrator, wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Pete allow on the firewall by default?

A. 21

B. 22

C. 23

D. 25

Correct Answer: B


QUESTION 692

Which of the following accurately describes the STRONGEST multifactor authentication?

A. Something you are, something you have

B. Something you have, something you know

C. Something you are near to, something you have

D. Something you have, someone you know

Correct Answer: A


QUESTION 693

Which of the following is the BEST solution to securely administer remote servers?

A. SCP

B. SSH

C. Telnet

D. SFTP

Correct Answer: B


QUESTION 694

A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?

A. Key escrow

B. CRL

C. CA

D. Recovery agent

Correct Answer: A


QUESTION 695

Which of the following authentication protocols forces centralized wireless authentication?

A. WPA2-Personal

B. WPA2-Enterprise

C. WPA2-CCMP

D. WPA2-TKIP

Correct Answer: B


QUESTION 696

The fundamental information security principles include confidentiality, availability and which of the following?

A. The ability to secure data against unauthorized disclosure to external sources

B. The capacity of a system to resist unauthorized changes to stored information

C. The confidence with which a system can attest to the identity of a user

D. The characteristic of a system to provide uninterrupted service to authorized users

Correct Answer: B


QUESTION 697

Which of the following risks could IT management be mitigating by removing an all-in-one device?

A. Continuity of operations

B. Input validation

C. Single point of failure

D. Single sign on

Correct Answer: C


QUESTION 698

Social networking sites are used daily by the marketing team for promotional purposes. However, confidential company information, including product pictures and potential partnerships, has been inadvertently exposed to the public by dozens of employees using social networking sites. Which of the following is the BEST response to mitigate this threat with minimal company disruption?

A. Mandate additional security awareness training for all employees.

B. Report each employee to Human Resources for termination for violation of security policies

C. Implement a data loss prevention program to filter email.

D. Block access to social networking sites from the corporate network

Correct Answer: A


QUESTION 699

A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date. Which of the following BEST describes this system type?

A. NAT

B. NIPS

C. NAC

D. DMZ

Correct Answer: C


QUESTION 700

Sara, an IT administrator, wants to protect a cluster of servers in a DMZ from zero day attacks. Which of the following would provide the BEST level of protection?

A. NIPS

B. NIDS

C. ACL

D. Antivirus

Correct Answer: A
