
JK0-022 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 551-560

September 18, 2017


CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 551 – (Topic 3)

Which of the following can Joe, a security administrator, implement on his network to capture attack details that are occurring while also protecting his production network?

  A. Security logs

  B. Protocol analyzer

  C. Audit logs

  D. Honeypot

Answer: D

Explanation:

A honeypot is a system whose purpose is to be attacked. An administrator can watch and study the attack to research current attack methodologies.

According to the, a Honeypot luring a hacker into a system has several main purposes:

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned.

The hacker can be caught and stopped while trying to obtain root access to the system.

By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.

There are two main types of honeypots:

Production – A production honeypot is one used within an organization's environment to help mitigate risk.

Research – A research honeypot adds value to research in computer security by providing a platform to study the threat.

Question No: 552 – (Topic 3)

Sara, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Sara runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30.

Which of the following was used to perform this attack?

  A. SQL injection

  B. XML injection

  C. Packet sniffer

  D. Proxy

Answer: B

Explanation:

When a web user takes advantage of a weakness with SQL by entering values that they should not, it is known as a SQL injection attack. Similarly, when the user enters values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a similar manner to SQL, except that it does not have the same levels of access control, and taking advantage of weaknesses within can return entire documents. The best way to prevent XML injection attacks is to filter the user’s input and sanitize it to make certain that it does not cause XPath to return more data than it should.

Question No: 553 – (Topic 3)

The string: ' or 1=1--

Represents which of the following?

  A. Bluejacking

  B. Rogue access point

  C. SQL Injection

  D. Client-side attacks

Answer: C

Explanation:

The code in the question is an example of a SQL Injection attack. The code '1=1' will always provide a value of true. This can be included in a statement designed to return all rows in a SQL table.

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Question No: 554 – (Topic 3)

One of the servers on the network stops responding due to lack of available memory. Server administrators did not have a clear definition of what action should have taken place based on the available memory. Which of the following would have BEST kept this incident from occurring?

  A. Set up a protocol analyzer

  B. Set up a performance baseline

  C. Review the systems monitor on a monthly basis

  D. Review the performance monitor on a monthly basis

Answer: B

Explanation:

A performance baseline provides the input needed to design, implement, and support a secure network. The performance baseline would define the actions that should be performed on a server that is running low on memory.

Question No: 555 – (Topic 3)

Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?

  A. Honeypot

  B. Port scanner

  C. Protocol analyzer

  D. Vulnerability scanner

Answer: C

Explanation:

A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. By capturing and analyzing the packets sent between the systems on the network, Ann would be able to quantify the amount of traffic on the network.

Well-known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).

Question No: 556 – (Topic 3)

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

  A. Dumpster Diving

  B. Impersonation

  C. Shoulder Surfing

  D. Whaling

Answer: C

Explanation:

Viewing confidential information on someone’s monitor is known as shoulder surfing. By moving their monitors so they cannot be seen, the executives are preventing people passing by from ‘shoulder surfing’.

Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.

Question No: 557 – (Topic 3)

An attacker used an undocumented and unknown application exploit to gain access to a file server. Which of the following BEST describes this type of attack?

  A. Integer overflow

  B. Cross-site scripting

  C. Zero-day

  D. Session hijacking

  E. XML injection

Answer: C

Explanation:

The vulnerability is undocumented and unknown. This is a zero-day vulnerability.

A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero-day attack. Uses of zero-day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

Question No: 558 – (Topic 3)

Which of the following tools will allow a technician to detect security-related TCP connection anomalies?

  A. Logical token

  B. Performance monitor

  C. Public key infrastructure

  D. Trusted platform module

Answer: B

Explanation:

Performance Monitor in a Windows system can monitor many different ‘counters’. For TCP network connections, you can monitor specific TCP related counters including the following:

Connection Failures, Connections Active, Connections Established, Connections Passive, Connections Reset, Segments Received/sec, Segments Retransmitted/sec, Segments Sent/sec, Total Segments/sec

By monitoring the counters listed above, you will be able to detect security-related TCP connection anomalies.

Question No: 559 – (Topic 3)

Which of the following attacks allows access to contact lists on cellular phones?

  A. War chalking

  B. Blue jacking

  C. Packet sniffing

  D. Bluesnarfing

Answer: D

Explanation:

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information – such as the user's calendar, contact list and e-mail and text messages – without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.

Question No: 560 – (Topic 3)

The system administrator has been notified that many users are having difficulty connecting to the company’s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?

  A. The certificate used to authenticate users has been compromised and revoked.

  B. Multiple war drivers in the parking lot have exhausted all available IPs from the pool to deny access.

  C. An attacker has gained access to the access point and has changed the encryption keys.

  D. An unauthorized access point has been configured to operate on the same channel.

Answer: D

Explanation:

Wireless Access Points can be configured to use a channel. If you have multiple access points within range of each other, you should configure the access points to use different channels. Different channels use different frequencies. If you have two access points using the same channel, their Wi-Fi signals will interfere with each other.

The question states that many users are having difficulty connecting to the company’s wireless network. This is probably due to the signal being weakened by interference from another access point using the same channel. When the administrator takes a new laptop and physically goes to the access point and connects with no problems, he is able to connect because he is near the access point and therefore has a strong signal.
