[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 1-10

September 18, 2017

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 1 – (Topic 1)

Which of the following protocols is used to authenticate the client and server’s digital certificate?

A. PEAP
B. DNS
C. TLS
D. ICMP

Answer: C

Explanation:

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom it is communicating, and to exchange a symmetric key.

Question No: 2 – (Topic 1)

Ann, a technician, is attempting to establish a remote terminal session to an end user’s computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open?

A. 22
B. 139
C. 443
D. 3389

Answer: D

Explanation:

Remote Desktop Protocol (RDP) uses TCP port 3389.

Question No: 3 – (Topic 1)

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor
B. Administrator
C. Root
D. Director

Answer: B

Explanation:

The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.

Question No: 4 – (Topic 1)

A review of the company’s network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?

A. ACL
B. IDS
C. UTM
D. Firewall

Answer: C

Explanation:

An all-in-one appliance, also known as Unified Threat Management (UTM) and Next Generation Firewall (NGFW), is one that provides a good foundation for security. A variety is available; those that you should be familiar with for the exam fall under the categories of providing URL filtering, content inspection, or malware inspection.

Malware inspection is the use of a malware scanner to detect unwanted software content in network traffic. If malware is detected, it can be blocked or logged and/or trigger an alert.

Question No: 5 – (Topic 1)

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS
B. Firewall
C. NIPS
D. Spam filter

Answer: C

Explanation:

Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.

Question No: 6 – (Topic 1)

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?

A. Firewall
B. Switch
C. URL content filter
D. Spam filter

Answer: C

Explanation:

URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific file extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.

Question No: 7 – (Topic 1)

A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?

A. Block port 23 on the L2 switch at each remote site
B. Block port 23 on the network firewall
C. Block port 25 on the L2 switch at each remote site
D. Block port 25 on the network firewall

Answer: B

Explanation:

Telnet is a terminal-emulation network application that supports remote connectivity for executing commands and running applications but doesn’t support transfer of files. Telnet uses TCP port 23. Because it’s a clear text protocol and service, it should be avoided and replaced with SSH.

Question No: 8 – (Topic 1)

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).

A. Virtual switch
B. NAT
C. System partitioning
D. Access-list
E. Disable spanning tree
F. VLAN

Answer: A,F

Explanation:

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question.

Question No: 9 – (Topic 1)

A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).

A. RDP
B. SNMP
C. FTP
D. SCP
E. SSH

Answer: D,E

Explanation:

SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance.

Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). SCP is commonly used on Linux and Unix platforms.

Question No: 10 – (Topic 1)

Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Joe search for in the log files?

A. Failed authentication attempts
B. Network ping sweeps
C. Host port scans
D. Connections to port 22

Answer: D

Explanation:

Log analysis is the art and science of reviewing audit trails, log files, or other forms of computer-generated records for evidence of policy violations, malicious events, downtimes, bottlenecks, or other issues of concern.

SSH uses TCP port 22. All protocols encrypted by SSH also use TCP port 22, such as SFTP, SHTTP, SCP, SExec, and slogin.
