CompTIA JK0-022 Security Cryptography Certification Exam Set 10

Which of the following cryptographic related browser settings allows an organization to communicate securely?


Options are :

  • Trusted Sites
  • SSL 3.0/TLS 1.0 (Correct)
  • 3DES
  • HMAC

Answer : SSL 3.0/TLS 1.0

Deploying a wildcard certificate is one strategy to:


Options are :

  • Reduce the certificate management burden. (Correct)
  • Extend the renewal date of the certificate.
  • Secure the certificate’s private key.
  • Increase the certificate’s encryption key length

Answer : Reduce the certificate management burden.

When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?


Options are :

  • CRL
  • CA
  • Trust models (Correct)
  • Recovery agent

Answer : Trust models

A company’s security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take?


Options are :

  • Install a registration server.
  • Install a CA (Correct)
  • Establish a key escrow policy.
  • Generate shared public and private keys

Answer : Install a CA

A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company’s server over a public unencrypted communication channel. Which of the following implements the required secure key negotiation? (Select TWO)


Options are :

  • Symmetric encryption
  • ECDHE (Correct)
  • Diffie-Hellman (Correct)
  • PBKDF2
  • Steganography

Answer : ECDHE Diffie-Hellman

Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises. A security technician was asked to prepare a report of files that had changed since last night’s integrity scan. Which of the following could the technician use to prepare the report? (Select TWO).


Options are :

  • MD5 (Correct)
  • HMAC (Correct)
  • Blowfish
  • AES
  • ECC
  • PGP

Answer : MD5 HMAC

Which of the following offers the LEAST secure encryption capabilities?


Options are :

  • NTLM
  • CHAP
  • TwoFish
  • PAP (Correct)

Answer : PAP

When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength?


Options are :

  • RSA (Correct)
  • SHA
  • AES
  • DES

Answer : RSA

A certificate authority takes which of the following actions in PKI?


Options are :

  • Issues and signs all root certificates (Correct)
  • Issues and signs all private keys
  • Publishes key escrow lists to CRLs
  • Signs and verifies all infrastructure messages

Answer : Issues and signs all root certificates

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?


Options are :

  • WPA2
  • 3DES (Correct)
  • AES
  • RC4

Answer : 3DES

Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption?


Options are :

  • AES
  • 3DES
  • Blowfish (Correct)
  • RC5

Answer : Blowfish

Which of the following protocols provides transport security for virtual terminal emulation?


Options are :

  • TLS
  • SCP
  • SSH (Correct)
  • S/MIME

Answer : SSH

Which of the following algorithms has well documented collisions? (Select TWO).


Options are :

  • MD5 (Correct)
  • AES
  • SHA-256
  • RSA
  • SHA (Correct)

Answer : MD5 SHA

Which of the following provides the strongest authentication security on a wireless network?


Options are :

  • WEP
  • Disable SSID broadcast
  • MAC filter
  • WPA2 (Correct)

Answer : WPA2

Which of the following is used to certify intermediate authorities in a large PKI deployment?


Options are :

  • Key escrow
  • Root user
  • Root CA (Correct)
  • Recovery agent

Answer : Root CA

Which of the following would be used as a secure substitute for Telnet?


Options are :

  • SFTP
  • HTTPS
  • SSH (Correct)
  • SSL

Answer : SSH

Which of the following provides additional encryption strength by repeating the encryption process with additional keys?


Options are :

  • Blowfish
  • 3DES (Correct)
  • TwoFish
  • AES

Answer : 3DES

Which of the following provides the HIGHEST level of confidentiality on a wireless network?


Options are :

  • Packet switching
  • WPA2 (Correct)
  • MAC filtering
  • Disabling SSID broadcast

Answer : WPA2

Company employees are required to have workstation client certificates to access a bank website. These certificates were backed up as a precautionary step before the new computer upgrade. After the upgrade and restoration, users state they can access the bank’s website, but not login. Which is the following is MOST likely the issue?


Options are :

  • The certificates have not been installed on the workstations (Correct)
  • The IP addresses of the clients have change
  • The certificates have been installed on the CA
  • The client certificate passwords have expired on the server

Answer : The certificates have not been installed on the workstations

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?


Options are :

  • WEP
  • WPA-TKIP (Correct)
  • WPA2-AES
  • 802.11ac

Answer : WPA-TKIP

Which of the following uses both a public and private key?


Options are :

  • AES
  • MD5
  • SHA
  • RSA (Correct)

Answer : RSA

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions