Latest Certified Success Dumps Download

JK0-022 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 11-20

September 18, 2017

2017 Sep CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 11 – (Topic 1)

The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?

  1. Signature Based IDS

  2. Heuristic IDS

  3. Behavior Based IDS

  4. Anomaly Based IDS

Answer: A Explanation:

A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats.

Question No: 12 – (Topic 1)

Which of the following is the MOST secure protocol to transfer files?

  1. FTP

  2. FTPS

  3. SSH


Answer: B Explanation:

FTPS refers to FTP Secure, or FTP SSL. It is a secure variation of File Transfer Protocol (FTP).

Question No: 13 – (Topic 1)

Which of the following offerings typically allows the customer to apply operating system patches?

  1. Software as a service

  2. Public Clouds

  3. Cloud Based Storage

  4. Infrastructure as a service

Answer: D Explanation:

Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.

Question No: 14 – (Topic 1)

An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?

  1. Ethernet cable is damaged

  2. The host firewall is set to disallow outbound connections

  3. Network Access Control

  4. The switch port is administratively shutdown

Answer: C Explanation:

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.

Question No: 15 – (Topic 1)

An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points?

  1. SSID broadcast

  2. MAC filter

  3. WPA2

  4. Antenna placement

Answer: A Explanation:

Numerous networks broadcast their name (known as an SSID broadcast) to reveal their presence.

Question No: 16 – (Topic 1)

Which of the following protocols is used by IPv6 for MAC address resolution?

  1. NDP

  2. ARP

  3. DNS

  4. NCP

Answer: A Explanation:

The Neighbor Discovery Protocol (NDP) is a protocol in the Internet protocol suite used with Internet Protocol Version 6 (IPv6).

Question No: 17 – (Topic 1)

After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely.

Which of the following is the MOST likely reason the PC technician is unable to ping those devices?

  1. ICMP is being blocked

  2. SSH is not enabled

  3. DNS settings are wrong

  4. SNMP is not configured properly

Answer: A


ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information If ICMP request queries go unanswered, or ICMP replies are lost or blocked.

Question No: 18 – (Topic 1)

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

  1. Spam filter

  2. URL filter

  3. Content inspection

  4. Malware inspection

Answer: B Explanation:

The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website.

Incorrect Answer:

A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites.

C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn’t comply with the company’s web policy. Content-control software determines what content will be available or perhaps more often what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded).

D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites.



Stewart, James Michael, CompTIA Security Review Guide, Sybex, Indianapolis, 2014, pp 18, 19.

Question No: 19 – (Topic 1)

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).

  1. Spam filter

  2. Load balancer

  3. Antivirus

  4. Proxies

  5. Firewall

  6. NIDS

  7. URL filtering

Answer: D,E,G Explanation:

A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.

Firewalls manage traffic using a rule or a set of rules.

A URL is a reference to a resource that specifies the location of the resource. A URL filter is used to block access to a site based on all or part of a URL.

Question No: 20 – (Topic 1)

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices.

Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees’ devices are connected?

  1. VPN

  2. VLAN

  3. WPA2

  4. MAC filtering

Answer: B Explanation:

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

100% Free Download!
Download Free Demo:JK0-022 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass JK0-022 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE