CompTIA JK0-022 Security Cryptography Certification Exam Set 1

Signed digital certificates used to secure communication with a web server are MOST commonly associated with which of the following ports?


Options are :

  • 443 (Correct)
  • 143
  • 25
  • 53

Answer : 443

Which of the following protocols is MOST likely to be leveraged by users who need additional information about another user?


Options are :

  • LDAP (Correct)
  • TACACS+
  • Kerberos
  • RADIUS

Answer : LDAP

Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not understand the company's rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with?


Options are :

  • Support ownership
  • Acceptable use
  • Data ownership (Correct)
  • Device access control

Answer : Data ownership

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?


Options are :

  • HTTPS
  • TFTP
  • TLS (Correct)
  • SFTP

Answer : TLS

Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?


Options are :

  • Sender's private key
  • Sender's public key
  • Recipient's public key (Correct)
  • Recipient's private key

Answer : Recipient's public key

The security manager wants to unify the storage of credential, phone numbers, office numbers, and address information into one system. Which of the following is a system that will support the requirement on its own?


Options are :

  • RADIUS
  • TACACS
  • LDAP (Correct)
  • SAML

Answer : LDAP

A company executive's laptop was compromised, leading to a security breach. The laptop was placed into storage by a junior system administrator and was subsequently wiped and re-imaged. When it was determined that the authorities would need to be involved, there was little evidence to present to the investigators. Which of the following procedures could have been implemented to aid the authorities in their investigation?


Options are :

  • A system image should have been created and stored (Correct)
  • A comparison should have been created from the original system's file hashes
  • Witness testimony should have been taken by the administrator
  • The company should have established a chain of custody tracking the laptop

Answer : A system image should have been created and stored

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.


Options are :

  • Private keys, session keys
  • Private keys, public keys (Correct)
  • Shared keys, private keys
  • Public keys, one time

Answer : Private keys, public keys

An administrator has to determine host operating systems on the network and has deployed a transparent proxy. Which of the following fingerprint types would this solution use?


Options are :

  • Active
  • Port
  • Packet
  • Passive (Correct)

Answer : Passive

The loss prevention department has purchased a new application that allows the employees to monitor the alarm systems at remote locations. However, the application fails to connect to the vendor's server and the users are unable to log in. Which of the following are the MOST likely causes of this issue? (Select TWO).


Options are :

  • Role-based access controls
  • Firewall rules (Correct)
  • URL filtering (Correct)
  • MAC filtering
  • Port Security

Answer : Firewall rules URL filtering

Several employees clicked on a link in a malicious message that bypassed the spam filter and their PCs were infected with malware as a result. Which of the following BEST prevents this situation from occurring in the future?


Options are :

  • Data loss prevention
  • Security awareness training (Correct)
  • Enforcing complex passwords
  • Digital signatures

Answer : Security awareness training

In order to secure additional budget, a security manager wants to quantify the financial impact of a one-time compromise. Which of the following is MOST important to the security manager?


Options are :

  • ARO
  • ALE
  • SLE (Correct)
  • Impact

Answer : SLE

Which of the following attacks involves the use of previously captured network traffic?


Options are :

  • Smurf
  • Vishing
  • Replay (Correct)
  • DDoS

Answer : Replay

A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?


Options are :

  • Acceptable Use Policy (Correct)
  • Security Policy
  • Privacy Policy
  • Consent to Monitoring Policy

Answer : Acceptable Use Policy

A security administrator is tackling issues related to authenticating users at a remote site. There have been a large number of security incidents that resulted from either tailgating or impersonation of authorized users with valid credentials. The security administrator has been told to implement multifactor authentication in order to control facility access. To secure access to the remote facility, which of the following could be implemented without increasing the amount of space required at the entrance?


Options are :

  • One-time PIN token and proximity reader
  • Voice recognition and one-time PIN token (Correct)
  • MOTD challenge and PIN pad
  • Retina scanner and fingerprint reader

Answer : Voice recognition and one-time PIN token

A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption. Which of the following would be the BEST course of action for the consultant to recommend?


Options are :

  • Replace the unidirectional antenna at the front of the store with an omni-directional antenna.
  • Change the encryption used so that the encryption protocol is CCMP-based. (Correct)
  • Disable the network's SSID and configure the router to only access store devices based on MAC addresses.
  • Increase the access point's encryption from WEP to WPA TKIP.

Answer : Change the encryption used so that the encryption protocol is CCMP-based.

An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application?


Options are :

  • Create user accounts for the auditors and assign read-only access
  • Mandatory access control
  • Time of day restrictions
  • Role-based access with read-only (Correct)

Answer : Role-based access with read-only

A systems engineer has been presented with storage performance and redundancy requirements for a new system to be built for the company. The storage solution must be designed to support the highest performance and must also be able to support more than one drive failure. Which of the following should the engineer choose to meet these requirements?


Options are :

  • A striped array with parity
  • A striped array
  • A mirrored mirror array (Correct)
  • A mirrored striped array with parity

Answer : A mirrored mirror array

A new client application developer wants to ensure that the encrypted passwords that are stored in their database are secure from cracking attempts. To implement this, the developer implements a function on the client application that hashes passwords thousands of times prior to being sent to the database. Which of the following did the developer MOST likely implement?


Options are :

  • HMAC
  • PBKDF2 (Correct)
  • ECDHE
  • RIPEMD

Answer : PBKDF2

Ann, a security analyst, has discovered that her company has very high staff turnover and often user accounts are not disabled after an employee leaves the company. Which of the following could Ann implement to help identify accounts that are still active for terminated employees?


Options are :

  • Change management
  • Account expirations
  • Risk assessments
  • Routine audits (Correct)

Answer : Routine audits

An organization's security policy states that users must authenticate using something you do. Which of the following would meet the objectives of the security policy?


Options are :

  • Password
  • Signature analysis (Correct)
  • Swipe a badge
  • Fingerprint analysis

Answer : Signature analysis

An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the recipient to a malicious site where information is harvested. The message is narrowly tailored so it is effective on only a small number of victims. This describes which of the following?


Options are :

  • Spear phishing (Correct)
  • Vishing
  • Smurf attack
  • Phishing

Answer : Spear phishing

An administrator is instructed to disable IP-directed broadcasts on all routers in an organization. Which of the following attacks does this prevent?


Options are :

  • Replay
  • Smurf (Correct)
  • Pharming
  • Xmas

Answer : Smurf

It has been discovered that students are using kiosk tablets intended for registration and scheduling to play games and utilize instant messaging. Which of the following could BEST eliminate this issue?


Options are :

  • Screen-locks
  • Application control (Correct)
  • Content filtering
  • Device encryption

Answer : Application control

Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?


Options are :

  • Accessibility of the files from her mobile device
  • Sensitivity of the files (Correct)
  • Availability of the files
  • Size of the files

Answer : Sensitivity of the files

The security administrator notices a user logging into a corporate Unix server remotely as root. Which of the following actions should the administrator take?


Options are :

  • Create a firewall rule to block SSH
  • Disable remote root logins (Correct)
  • Delete the root account
  • Ensure the root account has a strong password

Answer : Disable remote root logins

Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?


Options are :

  • A policy which details controls on removable storage use (Correct)
  • Remote wiping enabled for all removable storage devices
  • A well defined acceptable use policy
  • Full-disk encryption enabled for all removable storage devices

Answer : A policy which details controls on removable storage use

Joe, a network administrator, is able to manage the backup software console by using his network login credentials. Which of the following authentication services is he MOST likely using?


Options are :

  • SAML
  • iSCSI
  • Two-factor authentication
  • LDAP (Correct)

Answer : LDAP

A company has two server administrators that work overnight to apply patches to minimize disruption to the company. With the limited working staff, a security engineer performs a risk assessment to ensure the protection controls are in place to monitor all assets including the administrators in case of an emergency. Which of the following should be in place?


Options are :

  • CCTV (Correct)
  • NIPS
  • NIDS
  • Firewall

Answer : CCTV

An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division. Which of the following network segmentation schemas would BEST meet this objective?


Options are :

  • Create three separate VLANS, one for each division. (Correct)
  • Create two VLANs, one for Sales and Human Resources, and one for Accounting.
  • Create one VLAN for the entire organization.
  • Create two VLANS, one for Accounting and Sales, and one for Human Resources

Answer : Create three separate VLANS, one for each division.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions