jk0 022 q&a demo troytec

Demo Edition

© 2013 - 2014 TroyTec, LTD All Rights Reserved

CompTIA Academic/E2C Security+ Certification ExamExam: JK0-022

JK0-022

1 http://www.troytec.com

QUESTION: 1 DRAG DROP Drag and drop the correct protocol to its default port.

Answer:

JK0-022


QUESTION: 2 DRAG DROP A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

JK0-022


Answer:

JK0-022


QUESTION: 3 DRAG DROP You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. Instructions:All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

Answer:

JK0-022


Explanation: 1) Unsecured computer lab - Cable lock, proximity badges, biometric, CCTV, safe, cabinet lock 2) Office work place - safe, proximity, cable lock 3) Datacenter - biometric, proximity, mantrap, cipher lock 4) Offsite computer - cable lock, mantrap, CCTV QUESTION: 4 HOTSPOT Select the appropriate attack from each drop down list to label the corresponding illustrated attack. Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.

JK0-022


JK0-022


Answer:

JK0-022


QUESTION: 5 HOTSPOT For each of the given items, select the appropriate authentication category from the drop down choices. Select the appropriate authentication type for the following items:

JK0-022


Answer:

JK0-022


QUESTION: 6 DRAG DROP A Security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and Drop the applicable

JK0-022


controls to each asset type. Instructions: Controls can be used multiple times and not all placeholders needs to be filled. When you have completed the simulation, Please select Done to submit.

Answer:

JK0-022


QUESTION: 7 DRAG DROP Determine the types of Attacks from right to specific action.

JK0-022


Answer:

Explanation:

JK0-022


A. Phishing. B. Whaling. C. Vishing. D. SpimE. Social engineering. QUESTION: 8 DRAG DROP You are the security administrator. You need to determine the types of security. Drag the items “Types of Security” to appropriate Security devices.

Answer:

JK0-022


Explanation: Mobile Device Security Server in Data Center Security QUESTION: 9 CORRECT TEXT

JK0-022


Answer:

JK0-022


Use the following answer for this simulation task. Explanation: below table has all the answers required for this question QUESTION: 10 DRAG DROP Drag the appropriates titles into the correct slots.

Answer:

JK0-022


Explanation: 1) Unsecured computer lab - Cable lock, proximity badges, biometric, CCTV, safe, caphir lock 2) Office work place - safe, proximity, cable lock 3) Datacenter - biometric, proximity, mantrap, cipher lock 4) Offsite computer - cable lock, mantrap, CCTV QUESTION: 11 Which of the following protocols operates at the HIGHEST level of the OSI model? A. ICMP B. IPSec C. SCP D. TCP Answer: C QUESTION: 12

JK0-022


Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server? A. $500 B. $5,000 C. $25,000 D. $50,000 Answer: B QUESTION: 13 Which of the following should an administrator implement to research current attack methodologies? A. Design reviews B. Honeypot C. Vulnerability scanner D. Code reviews Answer: B QUESTION: 14 Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks? A. Intrusion Detection System B. Flood Guard Protection C. Web Application Firewall D. URL Content Filter Answer: C

JK0-022


QUESTION: 15 Which of the following means of wireless authentication is easily vulnerable to spoofing? A. MAC Filtering B. WPA - LEAP C. WPA - PEAP D. Enabled SSID Answer: A QUESTION: 16 The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO). A. permit redirection to Internet-facing web URLs. B. ensure all HTML tags are enclosed in angle brackets, e.g., ”<” and “>”. C. validate and filter input on the server side and client side. D. use a web proxy to pass website requests between the user and the application. E. restrict and sanitize use of special characters in input and URLs. Answer: C, E QUESTION: 17 Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use? A. WPA2-PSK B. WEP-PSK C. CCMP D. LEAP Answer: D

JK0-022


QUESTION: 18 Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate? A. System image capture B. Record time offset C. Order of volatility D. Chain of custody Answer: D QUESTION: 19 A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department? A. Time of day restrictions B. Group based privileges C. User assigned privileges D. Domain admin restrictions Answer: B QUESTION: 20 Which of the following is being tested when a company’s payroll server is powered off for eight hours? A. Succession plan B. Business impact document C. Continuity of operations plan D. Risk assessment plan Answer: C

JK0-022


jk0 022 q&a demo troytec

Documents

drag drop

question question

applicable jk0

correct text jk0

security plan

security administrator

data center security

cctv question