Latest Certified Success Dumps Download


[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 231-240

September 18, 2017

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 231 – (Topic 2)

A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed.

Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).

  A. Fault tolerance

  B. Encryption

  C. Availability

  D. Integrity

  E. Safety

  F. Confidentiality

Answer: D,E

Explanation:

Aspects such as fencing, proper lighting, locks, CCTV, escape plans, drills, escape routes and testing controls form part of safety controls.

Integrity refers to aspects such as hashing, digital signatures, certificates and non-repudiation, all of which have to do with data integrity.

Question No: 232 – (Topic 2)

Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?

  A. Recipient’s private key

  B. Sender’s public key

  C. Recipient’s public key

  D. Sender’s private key

Answer: B

Explanation:

When the sender wants to send a message to the receiver, it’s important that this message not be altered. The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The recipient uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic. Thus the recipient uses the sender’s public key to verify the sender’s identity.

Question No: 233 – (Topic 2)

Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company’s network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?

  A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer !Y password

  B. line console 0 password password line vty 0 4 password P@s5W0Rd

  C. line vty 0 3 password Qwer !Y line vty 4 password P@s5W0Rd

  D. line vty 0 3 password Qwer !Y line console 0 password P@s5W0Rd

Answer: C

Explanation:

The VTY lines are the Virtual Terminal lines of the router, used solely to control inbound Telnet connections. They are virtual, in the sense that they are a function of software – there is no hardware associated with them.

Two numbers follow the keyword VTY because there is more than one VTY line for router access. The default number of lines is five on many Cisco routers. Here, I’m configuring one password for all terminal (VTY) lines. I can specify the actual terminal or VTY line numbers as a range. The syntax that you’ll see most often, vty 0 4, covers all five terminal access lines.

Question No: 234 – (Topic 2)

Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data?

  A. Social networking use training

  B. Personally owned device policy training

  C. Tailgating awareness policy training

  D. Information classification training

Answer: D

Explanation:

Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. Knowing these categories and how to handle data according to its category is essential in protecting the confidentiality of the data.

Question No: 235 – (Topic 2)

Which of the following fire suppression systems is MOST likely used in a datacenter?

  A. FM-200

  B. Dry-pipe

  C. Wet-pipe

  D. Vacuum

Answer: A

Explanation:

FM-200 is a gas, and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fire. In a data center it is the preferred choice of fire suppressant.

Question No: 236 – (Topic 2)

Environmental control measures include which of the following?

  A. Access list

  B. Lighting

  C. Motion detection

  D. EMI shielding

Answer: D

Explanation:

Environmental controls include HVAC, Fire Suppression, EMI Shielding, Hot and Cold Aisles, Environmental monitoring as well as Temperature and Humidity controls.

Question No: 237 – (Topic 2)

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

  A. Integrity of downloaded software.

  B. Availability of the FTP site.

  C. Confidentiality of downloaded software.

  D. Integrity of the server logs.

Answer: A

Explanation:

Digital signatures are used to validate the integrity of the message and the sender. In this case the software firm that posted the patches and updates digitally signed the checksums of all patches and updates.

Question No: 238 – (Topic 2)

Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company’s password policy. Which of the following should Pete do NEXT?

  A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.

  B. Tell the application development manager to code the application to adhere to the company’s password policy.

  C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.

  D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.

Answer: B

Explanation:

Since the application is violating the security policy it should be coded differently to comply with the password policy.

Question No: 239 – (Topic 2)

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections.

Which of the following is MOST likely the reason for this recommendation? (Select TWO).

  A. To allow load balancing for cloud support

  B. To allow for business continuity if one provider goes out of business

  C. To eliminate a single point of failure

  D. To allow for a hot site in case of disaster

  E. To improve intranet communication speeds

Answer: B,C

Explanation:

A high-speed internet connection to a second data provider could be used to keep an up-to-date replica of the main site. In case of a problem on the first site, operation can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site.

Note: Recovery Time Objective

The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation.

Question No: 240 – (Topic 2)

A company recently experienced data loss when a server crashed due to a midday power outage.

Which of the following should be used to prevent this from occurring again?

  A. Recovery procedures

  B. EMI shielding

  C. Environmental monitoring

  D. Redundancy

Answer: D

Explanation:

Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected.

This strategy allows service to continue uninterrupted until the primary server can be restored.
