jk0 022 q&a demo troytec
DESCRIPTION
Exam Material, Braindumps,TRANSCRIPT
Demo Edition
© 2013 - 2014 TroyTec, LTD All Rights Reserved
CompTIA Academic/E2C Security+ Certification ExamExam: JK0-022
JK0-022
1 http://www.troytec.com
QUESTION: 1 DRAG DROP Drag and drop the correct protocol to its default port.
Answer:
JK0-022
2 http://www.troytec.com
QUESTION: 2 DRAG DROP A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.
JK0-022
3 http://www.troytec.com
Answer:
JK0-022
4 http://www.troytec.com
QUESTION: 3 DRAG DROP You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. Instructions:All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.
Answer:
JK0-022
5 http://www.troytec.com
Explanation: 1) Unsecured computer lab - Cable lock, proximity badges, biometric, CCTV, safe, cabinet lock 2) Office work place - safe, proximity, cable lock 3) Datacenter - biometric, proximity, mantrap, cipher lock 4) Offsite computer - cable lock, mantrap, CCTV QUESTION: 4 HOTSPOT Select the appropriate attack from each drop down list to label the corresponding illustrated attack. Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.
JK0-022
6 http://www.troytec.com
JK0-022
7 http://www.troytec.com
Answer:
JK0-022
8 http://www.troytec.com
QUESTION: 5 HOTSPOT For each of the given items, select the appropriate authentication category from the drop down choices. Select the appropriate authentication type for the following items:
JK0-022
9 http://www.troytec.com
Answer:
JK0-022
10 http://www.troytec.com
QUESTION: 6 DRAG DROP A Security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and Drop the applicable
JK0-022
11 http://www.troytec.com
controls to each asset type. Instructions: Controls can be used multiple times and not all placeholders needs to be filled. When you have completed the simulation, Please select Done to submit.
Answer:
JK0-022
12 http://www.troytec.com
QUESTION: 7 DRAG DROP Determine the types of Attacks from right to specific action.
JK0-022
13 http://www.troytec.com
Answer:
Explanation:
JK0-022
14 http://www.troytec.com
A. Phishing. B. Whaling. C. Vishing. D. SpimE. Social engineering. QUESTION: 8 DRAG DROP You are the security administrator. You need to determine the types of security. Drag the items “Types of Security” to appropriate Security devices.
Answer:
JK0-022
15 http://www.troytec.com
Explanation: Mobile Device Security Server in Data Center Security QUESTION: 9 CORRECT TEXT
JK0-022
16 http://www.troytec.com
Answer:
JK0-022
17 http://www.troytec.com
Use the following answer for this simulation task. Explanation: below table has all the answers required for this question QUESTION: 10 DRAG DROP Drag the appropriates titles into the correct slots.
Answer:
JK0-022
18 http://www.troytec.com
Explanation: 1) Unsecured computer lab - Cable lock, proximity badges, biometric, CCTV, safe, caphir lock 2) Office work place - safe, proximity, cable lock 3) Datacenter - biometric, proximity, mantrap, cipher lock 4) Offsite computer - cable lock, mantrap, CCTV QUESTION: 11 Which of the following protocols operates at the HIGHEST level of the OSI model? A. ICMP B. IPSec C. SCP D. TCP Answer: C QUESTION: 12
JK0-022
19 http://www.troytec.com
Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server? A. $500 B. $5,000 C. $25,000 D. $50,000 Answer: B QUESTION: 13 Which of the following should an administrator implement to research current attack methodologies? A. Design reviews B. Honeypot C. Vulnerability scanner D. Code reviews Answer: B QUESTION: 14 Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks? A. Intrusion Detection System B. Flood Guard Protection C. Web Application Firewall D. URL Content Filter Answer: C
JK0-022
20 http://www.troytec.com
QUESTION: 15 Which of the following means of wireless authentication is easily vulnerable to spoofing? A. MAC Filtering B. WPA - LEAP C. WPA - PEAP D. Enabled SSID Answer: A QUESTION: 16 The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO). A. permit redirection to Internet-facing web URLs. B. ensure all HTML tags are enclosed in angle brackets, e.g., ”<” and “>”. C. validate and filter input on the server side and client side. D. use a web proxy to pass website requests between the user and the application. E. restrict and sanitize use of special characters in input and URLs. Answer: C, E QUESTION: 17 Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use? A. WPA2-PSK B. WEP-PSK C. CCMP D. LEAP Answer: D
JK0-022
21 http://www.troytec.com
QUESTION: 18 Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate? A. System image capture B. Record time offset C. Order of volatility D. Chain of custody Answer: D QUESTION: 19 A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department? A. Time of day restrictions B. Group based privileges C. User assigned privileges D. Domain admin restrictions Answer: B QUESTION: 20 Which of the following is being tested when a company’s payroll server is powered off for eight hours? A. Succession plan B. Business impact document C. Continuity of operations plan D. Risk assessment plan Answer: C
JK0-022
22 http://www.troytec.com