Ensurepass

QUESTION 721

Pete, a security analyst, must authenticate himself and his company when obtaining a certificate. Which of the following would validate this information for Pete?

A. Certification authority

B. Key escrow

C. Registration authority

D. Trust model

Correct Answer: C


QUESTION 722

How often, at a MINIMUM, should Sara, an administrator, review the access and rights of the users on her system?

A. Annually

B. Immediately after an employee is terminated

C. Every five years

D. Every time they patch the server

Correct Answer: A


QUESTION 723

Jane, a user, has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?

A. Anti-spyware

B. Anti-adware

C. Anti-virus

D. Anti-spam

Correct Answer: D


QUESTION 724

Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?

A. Password behaviors

B. Clean desk policy

C. Data handling

D. Data disposal

Correct Answer: B


QUESTION 725

Which of the following is the BEST reason to have a formal and exercised incident management plan?

A. All vulnerabilities are mitigated

B. Users do not maintain excessive permissions

C. Patches are not made without testing

D. All parties understand their role in the process

Correct Answer: D


QUESTION 726

Which of the following identifies certificates that have been compromised or suspected of being compromised?

A. Certificate revocation list

B. Access control list

C. Key escrow registry

D. Certificate authority

Correct Answer: A


QUESTION 727

Which of the following time periods is a best practice for requiring user awareness training?

A. Every 5 years

B. Every 3 years

C. Every 2 years

D. Annually

Correct Answer: D


QUESTION 728

In which of the following locations would Sara, a forensic analyst, look to find a hooked process?

A. BIOS

B. Slack space

C. RAM

D. Rootkit

Correct Answer: C


QUESTION 729

A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?

A. Risk

B. Threat

C. Vulnerability

D. Code review

Correct Answer: A


QUESTION 730

Which of the following features would allow Pete, a network administrator, to allow or deny access to a specific list of network clients?

A. Content filtering

B. Flood guard

C. URL filtering

D. MAC filtering

Correct Answer: D


QUESTION 731

Pete, a system administrator, is using a packet sniffer to troubleshoot remote authentication. Pete detects a device trying to communicate to UDP ports 1812 and 1813. Which of the following authentication methods is MOST likely being attempted?

A. TACACS+

B. LDAP

C. Kerberos

D. RADIUS

Correct Answer: D


QUESTION 732

Which of the following is an example of authentication using something Jane, a user, has and something she knows?

A. GSM phone card and PIN

B. Username and password

C. Username and PIN

D. Fingerprint scan and signature

Correct Answer: A


QUESTION 733

Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company network by using a former employee’s credential?

A. Account expiration

B. Password complexity

C. Account lockout

D. Dual factor authentication

Correct Answer: A


QUESTION 734

Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?

A. RIPEMD

B. MD5

C. SHA

D. HMAC

Correct Answer: D


QUESTION 735

Which of the following does Jane, a software developer, need to do after compiling the source code of a program to attest the authorship of the binary?

A. Place Jane’s name in the binary metadata

B. Use Jane’s private key to sign the binary

C. Use Jane’s public key to sign the binary

D. Append the source code to the binary

Correct Answer: B


QUESTION 736

During the analysis of malicious code, Matt, a security analyst, discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?

A. Buffer overflow

B. XML injection

C. SQL injection

D. Distributed denial of service

Correct Answer: A


QUESTION 737

Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO).

A. Spoofing

B. Man-in-the-middle

C. Dictionary

D. Brute force

E. Privilege escalation

Correct Answer: CD


QUESTION 738

A company’s backup solution performs full backups weekly and is running into capacity issues. Without changing the frequency of backups, which of the following solutions would reduce the storage requirement?

A. Differential backups

B. Magnetic media backups

C. Load balancing

D. Incremental backups

Correct Answer: D


QUESTION 739

3DES is created when which of the following scenarios occurs?

A. The DES algorithm is run three consecutive times against the item being encrypted.

B. The DES algorithm has been used by three parties: the receiving party, sending party, and server.

C. The DES algorithm has its key length increased to 256.

D. The DES algorithm is combined with AES and SHA1.

Correct Answer: A


QUESTION 740

Which of the following mitigates the risk of proprietary information being compromised?

A. Cloud computing

B. Digital signatures

C. File encryption

D. Visualization

Correct Answer: C

Download Latest JK0-018 Real Free Tests, help you to pass exam 100%.