★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Top Quality of JK0-022 study guide materials and testing material for CompTIA certification for candidates, Real Success Guaranteed with Updated JK0-022 pdf dumps vce Materials. 100% PASS CompTIA Academic/E2C Security+ Certification Exam Voucher Only exam Today!
2016 May JK0-022 Study Guide Questions:
Q111. A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?
A. Visitor logs
C. Hardware locks
D. Environmental monitoring
Q112. A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?
A. Application hardening
B. False positive
C. Baseline code review
D. False negative
Q113. A malicious individual is attempting to write too much data to an application’s memory. Which of the following describes this type of attack?
B. SQL injection
C. Buffer overflow
Avant-garde jk0-022 vs sy0-401:
Q114. A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?
A. Training staff on security policies
B. Establishing baseline reporting
C. Installing anti-malware software
D. Disabling unnecessary accounts/services
Q115. Joe, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates?
Q116. Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?
Realistic jk0-022 vs sy0-401:
Q117. Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first. This is MOST likely to increase the risk of loss from which of the following attacks?
A. Shoulder surfing
B. Dumpster diving
Q118. A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?
A. WPA2 CCMP
C. WPA with MAC filtering
D. WPA2 TKIP
Q119. The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
A. permit redirection to Internet-facing web URLs.
B. ensure all HTML tags are enclosed in angle brackets, e.g., ”<” and “>”.
C. validate and filter input on the server side and client side.
D. use a web proxy to pass website requests between the user and the application.
E. restrict and sanitize use of special characters in input and URLs.
Q120. When considering a vendor-specific vulnerability in critical industrial control systems which of the following techniques supports availability?
A. Deploying identical application firewalls at the border
B. Incorporating diversity into redundant design
C. Enforcing application white lists on the support workstations
D. Ensuring the systems’ anti-virus definitions are up-to-date
see more CompTIA Academic/E2C Security+ Certification Exam Voucher Only