Want to know Testking JK0-022 Exam practice test features? Want to lear more about CompTIA CompTIA Academic/E2C Security+ Certification Exam Voucher Only certification experience? Study Approved CompTIA JK0-022 answers to Improve JK0-022 questions at Testking. Gat a success with an absolute guarantee to pass CompTIA JK0-022 (CompTIA Academic/E2C Security+ Certification Exam Voucher Only) test on your first attempt.

2021 Feb JK0-022 training

Q11. When considering a vendor-specific vulnerability in critical industrial control systems which of the following techniques supports availability? 

A. Deploying identical application firewalls at the border 

B. Incorporating diversity into redundant design 

C. Enforcing application white lists on the support workstations 

D. Ensuring the systems’ anti-virus definitions are up-to-date 

Answer:


Q12. Which of the following attacks would cause all mobile devices to lose their association with corporate access points while the attack is underway? 

A. Wireless jamming 

B. Evil twin 

C. Rogue AP 

D. Packet sniffing 

Answer:


Q13. After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. 

Which of the following controls support this goal? 

A. Contingency planning 

B. Encryption and stronger access control 

C. Hashing and non-repudiation 

D. Redundancy and fault tolerance 

Answer:


Q14. A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident? 

A. Eye Witness 

B. Data Analysis of the hard drive 

C. Chain of custody 

D. Expert Witness 

Answer:

83. During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware? 

A. Lessons Learned 

B. Preparation 

C. Eradication 

D. Identification 

Answer:


Q15. A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted. Which of the following types of malware is on Ann’s workstation? 

A. Trojan 

B. Spyware 

C. Adware 

D. Ransomware 

Answer:


Updated JK0-022 practice test:

Q16. Which of the following controls would allow a company to reduce the exposure of sensitive systems from unmanaged devices on internal networks? 

A. 802.1x 

B. Data encryption 

C. Password strength 

D. BGP 

Answer:


Q17. After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Joe’s desktop remain encrypted when moved to external media or other network based storage? 

A. Whole disk encryption 

B. Removable disk encryption 

C. Database record level encryption 

D. File level encryption 

Answer:


Q18. A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system's services to the list of standard services on the company's system image. This review process depends on: 

A. MAC filtering. 

B. system hardening. 

C. rogue machine detection. 

D. baselining. 

Answer:


Q19. A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN? 

A. WPA2 CCMP 

B. WPA 

C. WPA with MAC filtering 

D. WPA2 TKIP 

Answer:


Q20. The incident response team has received the following email messagE. 

From: monitor@ext-company.com To: security@company.com Subject: Copyright infringement 

A copyright infringement alert was triggered by IP address 13.10.66.5 at 09: 50: 01 GMT. 

After reviewing the following web logs for IP 13.10.66.5, the team is unable to correlate and identify the incident. 

09: 45: 33 13.10.66.5 http: //remote.site.com/login.asp?user=john 

09: 50: 22 13.10.66.5 http: //remote.site.com/logout.asp?user=anne 

10: 50: 01 13.10.66.5 http: //remote.site.com/access.asp?file=movie.mov 

11: 02: 45 13.10.65.5 http: //remote.site.com/download.asp?movie.mov=ok 

Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident? 

A. The logs are corrupt and no longer forensically sound. 

B. Traffic logs for the incident are unavailable. 

C. Chain of custody was not properly maintained. 

D. Incident time offsets were not accounted for. 

Answer: