[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 211-220

September 18, 2017


CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 211 – (Topic 2)

An IT security manager is asked to provide the total risk to the business. Which of the following calculations would the security manager choose to determine total risk?

  A. (Threats X vulnerability X asset value) x controls gap

  B. (Threats X vulnerability X profit) x asset value

  C. Threats X vulnerability X control gap

  D. Threats X vulnerability X asset value

Answer: D

Explanation:

Threats X vulnerability X asset value is equal to asset value (AV) times exposure factor (EF). This is used to calculate a risk.

Question No: 212 – (Topic 2)

A security technician wishes to gather and analyze all Web traffic during a particular time period.

Which of the following represents the BEST approach to gathering the required data?

  A. Configure a VPN concentrator to log all traffic destined for ports 80 and 443.

  B. Configure a proxy server to log all traffic destined for ports 80 and 443.

  C. Configure a switch to log all traffic destined for ports 80 and 443.

  D. Configure a NIDS to log all traffic destined for ports 80 and 443.

Answer: B

Explanation:

A proxy server is in essence a device that acts on behalf of others and in security terms all internal user interaction with the Internet should be controlled through a proxy server. This makes a proxy server the best tool to gather the required data.

Question No: 213 – (Topic 2)

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

  A. Methods and templates to respond to press requests, institutional and regulatory reporting requirements.

  B. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.

  C. Developed recovery strategies, test plans, post-test evaluation and update processes.

  D. Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.

  E. Methods to review and report on system logs, incident response, and incident handling.

Answer: A,B

Explanation:

A: External emergency communications that should fit into your business continuity plan include notifying family members of an injury or death, discussing the disaster with the media, and providing status information to key clients and stakeholders. Each message needs to be prepared with the audience (e.g., employees, media, families, government regulators) in mind; broad general announcements may be acceptable in the initial aftermath of an incident, but these will need to be tailored to the audiences in subsequent releases.

B: A typical emergency communications plan should be extensive in detail and properly planned by a business continuity planner. Internal alerts are sent using either email, overhead building paging systems, voice messages or text messages to cell/smartphones with instructions to evacuate the building and relocate at assembly points, updates on the status of the situation, and notification of when it's safe to return to work.

Question No: 214 – (Topic 2)

Which of the following could cause a browser to display the message below?

"The security certificate presented by this website was issued for a different website’s address."

  A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

  B. The website is using a wildcard certificate issued for the company’s domain.

  C. HTTPS://127.0.01 was used instead of HTTPS://localhost.

  D. The website is using an expired self signed certificate.

Answer: C

Explanation:

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA's certificate. Since CA certificates are often signed by other, "higher-ranking," CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme.

Localhost is a hostname that means "this computer" and may be used to access the computer's own network services via its loopback network interface. Using the loopback interface bypasses local network interface hardware. In this case, HTTPS://127.0.01 was used and not HTTPS://localhost, so the address in the URL does not match the name the certificate was issued for.

Question No: 215 – (Topic 2)

Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?

  A. Hardware load balancing

  B. RAID

  C. A cold site

  D. A host standby

Answer: B

Explanation:

Fault tolerance is the ability of a system to sustain operations in the event of a component failure. Fault-tolerant systems can continue operation even though a critical component, such as a disk drive, has failed. This capability involves overengineering systems by adding redundant components and subsystems. RAID can achieve fault tolerance using software which can be done using the existing hardware and software.

Question No: 216 – (Topic 2)

After a recent security breach, the network administrator has been tasked to update and backup all router and switch configurations. The security administrator has been tasked to enforce stricter security policies. All users were forced to undergo additional user awareness training. All of these actions are due to which of the following types of risk mitigation strategies?

  A. Change management

  B. Implementing policies to prevent data loss

  C. User rights and permissions review

  D. Lessons learned

Answer: D

Explanation:

Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recovery/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. The question describes a security breach and the response to it, which shows that lessons have been learned and used to put in place measures that will prevent any future security breaches of the same kind.

Question No: 217 – (Topic 2)

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

  A. Structured walkthrough

  B. Full Interruption test

  C. Checklist test

  D. Tabletop exercise

Answer: A

Explanation:

A structured walkthrough test of a recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required.

Question No: 218 – (Topic 2)

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that:

  A. HDD hashes are accurate.

  B. the NTP server works properly.

  C. chain of custody is preserved.

  D. time offset can be calculated.

Answer: D

Explanation:

It is quite common for workstation times to be off slightly from actual time, and that can happen with servers as well. Since a forensic investigation is usually dependent on a step-by-step account of what has happened, being able to follow events in the correct time sequence is critical. Because of this, it is imperative to record the time offset on each affected machine during the investigation. One method of assisting with this is to add an entry to a log file and note the time that this was done and the time associated with it on the system.

Question No: 219 – (Topic 2)

A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks for further information. Which of the following strategies should be implemented to ensure the Risk Manager and CIO are not caught unaware in the future?

  A. Procedure and policy management

  B. Chain of custody management

  C. Change management

  D. Incident management

Answer: D

Explanation:

Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets). The events that could occur include security breaches.

Question No: 220 – (Topic 2)

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network.

When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.

Which of the following describes how the employee is leaking these secrets?

  A. Social engineering

  B. Steganography

  C. Hashing

  D. Digital signatures

Answer: B

Explanation:

Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.
