CompTIA JK0-022 Security Cryptography Certification Exam Set 8

Joe, the information security manager, is tasked with calculating risk and selecting controls to protect a new system. He has identified people, environmental conditions, and events that could affect the new system. Which of the following does he need to estimate NEXT in order to complete his risk calculations?


Options are :

  • Risk
  • Vulnerabilities (Correct)
  • Likelihood
  • Threats

Answer : Vulnerabilities

Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff began to spread, the IDS alerted the network administrator that access to sensitive client files had risen far above normal. Which of the following kinds of IDS is in use?


Options are :

  • Protocol based
  • Heuristic based
  • Anomaly based (Correct)
  • Signature based

Answer : Anomaly based

A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).


Options are :

  • Change default passwords (Correct)
  • Deploy a honeypot
  • Disable unnecessary services (Correct)
  • Implement an application firewall
  • Penetration testing

Answer : Change default passwords, Disable unnecessary services

A computer is found to be infected with malware and a technician re-installs the operating system. The computer remains infected with malware. This is an example of:


Options are :

  • a rootkit.
  • an exploit kit
  • Spyware.
  • a MBR infection. (Correct)

Answer : a MBR infection.

The data security manager is notified that a client will be sending encrypted information on optical discs for import into the company database. Once imported, the information is backed up and the discs are no longer needed. Following the import, which of the following is the BEST action for the manager to take?


Options are :

  • Instruct employees to store the discs in a secure area
  • Send the discs back to the client (Correct)
  • Wipe the discs and place into inventory for future use
  • Contract with a third party to shred the discs

Answer : Send the discs back to the client

A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a 'listening' state. No other ports are open. Which of the following services should be disabled to ensure secure communications?


Options are :

  • HTTP (Correct)
  • TELNET
  • HTTPS
  • RDP

Answer : HTTP

When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents?


Options are :

  • Digital Signature
  • Symmetric
  • Asymmetric (Correct)
  • Hashing

Answer : Asymmetric

A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server?


Options are :

  • Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. (Correct)
  • Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application.
  • Generate a baseline report detailing all installed applications on the virtualized server after installing the new application.
  • Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location.

Answer : Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location.

A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?


Options are :

  • Hashing
  • Steganography
  • Perfect forward secrecy
  • Encryption
  • Digital signatures (Correct)

Answer : Digital signatures

A security administrator must implement a firewall rule to allow remote employees to VPN onto the company network. The VPN concentrator implements SSL VPN over the standard HTTPS port. Which of the following is the MOST secure ACL to implement at the company's gateway firewall?


Options are :

  • PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443 (Correct)
  • PERMIT TCP FROM ANY ANY TO 199.70.5.23 ANY
  • PERMIT TCP FROM 199.70.5.23 ANY TO ANY ANY
  • PERMIT TCP FROM ANY 443 TO 199.70.5.25 443

Answer : PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443

After working on his doctoral dissertation for two years, Joe, a user, is unable to open his dissertation file. The screen shows a warning that the dissertation file is corrupted because it is infected with a backdoor, and can only be recovered by upgrading the antivirus software from the free version to the commercial version. Which of the following types of malware is the laptop MOST likely infected with?


Options are :

  • Backdoor
  • Armored virus
  • Trojan
  • Ransomware (Correct)

Answer : Ransomware

An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication?


Options are :

  • The wireless access point is broadcasting the SSID.
  • The malicious user is able to capture the wired communication. (Correct)
  • The malicious user has access to the WPA2-TKIP key.
  • The meeting attendees are using unencrypted hard drives.

Answer : The malicious user is able to capture the wired communication.

Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?


Options are :

  • Quantum cryptography. (Correct)
  • Steganography.
  • Perfect forward secrecy.
  • Elliptic curve cryptography.

Answer : Quantum cryptography.

A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people's first name, last name, home address, date of birth and mother's last name. Which of the following describes this type of data?


Options are :

  • Low
  • PCI
  • PII (Correct)
  • Public

Answer : PII

Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?


Options are :

  • Deploy a HIDS suite on the users' computers to prevent application installation.
  • Create an approved application list and block anything not on it. (Correct)
  • Enable the pop-up blockers on the users' browsers to prevent malware.
  • Maintain the baseline posture at the highest OS patch level.

Answer : Create an approved application list and block anything not on it.

Which of the following would be MOST appropriate to secure an existing SCADA system by preventing connections from unauthorized networks?


Options are :

  • Implement a Layer 2 switch to access the SCADA system
  • Implement a NIDS to protect the SCADA system
  • Implement a firewall to protect the SCADA system (Correct)
  • Implement a HIDS to protect the SCADA system

Answer : Implement a firewall to protect the SCADA system

An administrator needs to secure RADIUS traffic between two servers. Which of the following is the BEST solution?


Options are :

  • Require IPSec with AH between the servers (Correct)
  • Require a long and complex shared secret for the servers
  • Use MSCHAPv2 with MPPE instead of PAP
  • Require the message-authenticator attribute for each message

Answer : Require IPSec with AH between the servers

Ann was reviewing her company's event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue?


Options are :

  • Disabling unnecessary services
  • Disabling unnecessary accounts (Correct)
  • Enabling time of day restrictions
  • Rogue machine detection

Answer : Disabling unnecessary accounts

Which of the following is the BEST reason for placing a password lock on a mobile device?


Options are :

  • Enables remote wipe capabilities
  • Stops an unauthorized user from using the device again
  • Prevents an unauthorized user from accessing owner's data (Correct)
  • Prevents an unauthorized user from making phone calls

Answer : Prevents an unauthorized user from accessing owner's data

A company hosts its public websites internally. The administrator would like to make some changes to the architecture. The three goals are: (1) reduce the number of public IP addresses in use by the web servers; (2) drive all the web traffic through a central point of control; (3) mitigate automated attacks that are based on IP address scanning. Which of the following would meet all three goals?


Options are :

  • Load balancer
  • Reverse proxy (Correct)
  • URL filter
  • Firewall

Answer : Reverse proxy

Joe is the accounts payable agent for ABC Company. Joe has been performing the accounts payable function for the ABC Company without any supervision. Management has noticed several new accounts without billing invoices that were paid. Which of the following is the BEST management option for review of the new accounts?


Options are :

  • Separation of duties
  • Mandatory vacation (Correct)
  • Replacement
  • Job rotation

Answer : Mandatory vacation

The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?


Options are :

  • Telecommuting policy
  • Non-disclosure policy
  • Data ownership policy
  • Acceptable use policy (Correct)

Answer : Acceptable use policy

A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?


Options are :

  • TFTP
  • SSH
  • TLS
  • SNMPv3 (Correct)

Answer : SNMPv3

Ann has recently transferred from the payroll department to engineering. While browsing file shares, Ann notices she can access the payroll status and pay rates of her new coworkers. Which of the following could prevent this scenario from occurring?


Options are :

  • Credential management
  • Continuous monitoring
  • Separation of duties
  • User access reviews (Correct)

Answer : User access reviews

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?


Options are :

  • Firewalls
  • IPS
  • IDS
  • DLP (Correct)

Answer : DLP

Ann is the data owner of financial records for a company. She has requested that she have the ability to assign read and write privileges to her folders. The network administrator is tasked with setting up the initial access control system and handing Ann's administrative capabilities. Which of the following systems should be deployed?


Options are :

  • Rule-based
  • Discretionary (Correct)
  • Role-based
  • Mandatory

Answer : Discretionary

Ann, the network administrator, is receiving reports regarding a particular wireless network in the building. The network was implemented for specific machines issued to the developer department, but the developers are stating that they are having connection issues as well as slow bandwidth. Reviewing the wireless router's logs, she sees that devices not belonging to the developers are connecting to the access point. Which of the following would BEST alleviate the developer's reports?


Options are :

  • Implement connections via secure tunnel with additional software on the developer's computers.
  • Configure the router so that its name is not visible to devices scanning for wireless networks.
  • Configure the router so that wireless access is based upon the connecting device's hardware address. (Correct)
  • Modify the connection's encryption method so that it is using WEP instead of WPA2.

Answer : Configure the router so that wireless access is based upon the connecting device's hardware address.

A security administrator is notified that users attached to a particular switch are having intermittent connectivity issues. Upon further research, the administrator finds evidence of an ARP spoofing attack. Which of the following could be utilized to provide protection from this type of attack?


Options are :

  • Configure loop protection on the switch.
  • Configure 802.1x authentication on the switch.
  • Configure MAC filtering on the switch.
  • Configure flood guards on the switch. (Correct)

Answer : Configure flood guards on the switch.

Which of the following helps to establish an accurate timeline for a network intrusion?


Options are :

  • Enforcing DLP controls at the perimeter
  • Hashing images of compromised systems
  • Reviewing the date of the antivirus definition files
  • Analyzing network traffic and device logs (Correct)

Answer : Analyzing network traffic and device logs

A user has plugged in a wireless router from home with default configurations into a network jack at the office. This is known as:


Options are :

  • an IV attack.
  • an evil twin.
  • an unauthorized entry point
  • a rogue access point. (Correct)

Answer : a rogue access point.
