Ensurepass

QUESTION 761

Which of the following is characterized by Matt, an attacker, attempting to leave identification markings for open wireless access points?

A. Initialization vector

B. War chalking

C. Packet sniffing

D. War driving

Correct Answer: B


QUESTION 762

Which of the following can Matt, a security administrator, implement to support confidentiality and integrity?

A. PKI

B. Non-repudiation

C. Digital signatures

D. Recovery agents

Correct Answer: A


QUESTION 763

Which of the following can Pete, an administrator, use to verify that a downloaded file was not corrupted during the transfer?

A. NTLM tag

B. LANMAN hash

C. MD5 checksum

D. SHA summary

Correct Answer: C


QUESTION 764

Planning what traffic will be separated, assigning tags, and configuring routing are part of configuring which of the following?

A. IPSec

B. ACL

C. NAT

D. VLAN

Correct Answer: D


QUESTION 765

Jane, an employee, receives an error on an encrypted laptop, making the laptop un-bootable. Jane now cannot access any files on the laptop. The desktop technician is unable to recover the key from the computer and will have to inform Jane that the files are now unrecoverable. Which of the following would have prevented Jane from losing access to the files?

A. Certificate Authority

B. Private keys

C. Public keys

D. Key escrow

Correct Answer: D


QUESTION 766

Which of the following combines authentication and authorization, and does not use the TCP protocol?

A. RADIUS

B. Kerberos

C. LDAP

D. TACACS+

Correct Answer: A


QUESTION 767

Which of the following occurs when two access points share the same SSID broadcast where one access point is used to capture data?

A. Rogue access point

B. Bluesnarfing

C. Evil twin

D. Packet sniffing Correct Answer: C
QUESTION 768

Pete and Jane, users in a financial office are reporting that they are not being asked for credentials anymore when successfully connecting to the company wireless. All other offices are still being authenticated on the wireless. Which of the following is this an example of?

A. Evil twin

B. Interference

C. IV attack

D. War driving

Correct Answer: A


QUESTION 769

Which of the following is BEST described by a scenario where management chooses to implement security controls to lessen the impact of a given risk?

A. Avoidance

B. Transference

C. Deterrence

D. Mitigation

Correct Answer: D


QUESTION 770

A recent network attack caused several random computers to malfunction, even though those computers had the latest updates and patches applied. Which of the following describes this type of attack?

A. Targeted

B. DDoS

C. Zero day

D. Buffer overflow

Correct Answer: C


QUESTION 771

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

A. Disable the wireless access and implement strict router ACLs

B. Reduce restrictions on the corporate web security gateway

C. Security policy and threat awareness training

D. Perform user rights and permissions reviews

Correct Answer: C


QUESTION 772

Sara makes a phone call to the help desk pretending to be Jane. Sara states that she has forgotten her password and asks that it be reset to 12345. Which of the following is Sara performing?

A. Shoulder surfing

B. Impersonation

C. Dumpster diving

D. Tailgating

Correct Answer: B


QUESTION 773

Which of the following default network ports is used by FTP?

A. 20

B. 22

C. 23

D. 25

Correct Answer: A


QUESTION 774

A company recently installed a load balancer for their servers. The company is MOST concerned with:

A. Integrity

B. Availability

C. Authentication

D. Confidentiality

Correct Answer: B


QUESTION 775

Which of the following pseudocodes MOST likely prevents buffer overflows?

A. If input contains < or > then escape the character and execute the program with user input

B. If input is less than 100 characters, then prompt for input again

C. If input contains then remove and execute program with user input

D. If input is greater than 1000 characters then truncate input

Correct Answer: D


QUESTION 776

Which of the following is usually encrypted when stored or transmitted?

A. CRL

B. Private key

C. Root certificate

D. Public key

Correct Answer: B


QUESTION 777

Which of the following could Jane, a security administrator, implement to mitigate the risk of tailgating for a large organization?

A. Train employees on correct data disposal techniques and enforce policies.

B. Only allow employees to enter or leave through one door at specified times of the day.

C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance.

D. Train employees on risks associated with social engineering attacks and enforce policies.

Correct Answer: D


QUESTION 778

Pete, a security administrator, implemented design changes and moved certain servers into a dedicated area that is accessible from the outside network, yet separated from the internal network. Which of the following did Pete implement?

A. NAC

B. NAT

C. DMZ

D. VLAN

Correct Answer: C


QUESTION 779

While placing an order at an online bookstore, Sara, a user, enters her correct credentials and is immediately presented with a pop-up window requesting her username and password again. Which of the following has MOST likely occurred?

A. LDAP injection attack

B. Evil twin attack

C. Phishing attack

D. SQL injection attack

Correct Answer: C


QUESTION 780

Identifying a list of all approved software on a system is a step in which of the following practices?

A. Passively testing security controls

B. Application hardening

C. Host software baselining

D. Client-side targeting

Correct Answer: C

Download Latest JK0-018 Real Free Tests , help you to pass exam 100%.

Comments are closed.