[Free] 2017(Sep) EnsurePass Braindumps CompTIA JK0-022 Dumps with VCE and PDF 591-600

September 18, 2017

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 591 – (Topic 3)

Which of the following malware types typically allows an attacker to monitor a user’s computer, is characterized by a drive-by download, and requires no user interaction?

  A. Virus

  B. Logic bomb

  C. Spyware

  D. Adware

Answer: C

Explanation:

Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity.

Question No: 592 – (Topic 3)

A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a 'listening' state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

  A. HTTPS

  B. HTTP

  C. RDP

  D. TELNET

Answer: B

Explanation:

HTTP uses port 80. HTTP does not provide encrypted communications. Port 443 is used by HTTPS which provides secure encrypted communications. Port 3389 is used by RDP (Remote Desktop Protocol) which does provide encrypted communications.

Question No: 593 – (Topic 3)

Which of the following is a notification that an unusual condition exists and should be investigated?

  A. Alert

  B. Trend

  C. Alarm

  D. Trap

Answer: A

Explanation:

We need to look carefully at the wording of the question to determine the answer. This question is asking about an “unusual condition” that should be investigated. There are different levels of alerts from Critical to Warning to Information only.

An Alarm would be triggered by a serious definite problem that needs resolving urgently. An “unusual condition” probably wouldn’t trigger an alarm; it is more likely to trigger an Alert.

Question No: 594 – (Topic 3)

After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points:

Corpnet
Coffeeshop
FreePublicWifi

Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created?

  A. Infrastructure as a Service

  B. Load balancer

  C. Evil twin

  D. Virtualized network

Answer: C

Explanation:

In this question, the attacker has created another wireless network that is impersonating one or more of the three wireless networks listed in the question. This is known as an Evil Twin.

An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider.

In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.

For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name.

In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits.

Question No: 595 – (Topic 3)

A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

  A. Spam filter

  B. Digital signatures

  C. Antivirus software

  D. Digital certificates

Answer: B

Explanation:

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document.

The digital equivalent of a handwritten signature or stamped seal, but offering far more inherent security, a digital signature is intended to solve the problem of tampering and impersonation in digital communications. Digital signatures can provide the added assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer.

Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm such as RSA, one can generate two keys that are mathematically linked: one private and one public. To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash – along with other information, such as the hashing algorithm – is the digital signature. The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.

Question No: 596 – (Topic 3)

Which of the following is characterized by an attack against a mobile device?

  A. Evil twin

  B. Header manipulation

  C. Blue jacking

  D. Rogue AP

Answer: C

Explanation:

A bluejacking attack is where unsolicited messages are sent to mobile devices using Bluetooth.

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.

Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

Question No: 597 – (Topic 3)

A security administrator must implement all requirements in the following corporate policy:

Passwords shall be protected against offline password brute force attacks.
Passwords shall be protected against online password brute force attacks.

Which of the following technical controls must be implemented to enforce the corporate policy? (Select THREE).

  A. Account lockout

  B. Account expiration

  C. Screen locks

  D. Password complexity

  E. Minimum password lifetime

  F. Minimum password length

Answer: A,D,F

Explanation:

A brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data. Brute force attacks may be used by criminals to crack encrypted data, or by security analysts to test an organization's network security.

A brute force attack may also be referred to as brute force cracking.

For example, a form of brute force attack known as a dictionary attack might try all the words in a dictionary. Other forms of brute force attack might try commonly-used passwords or combinations of letters and numbers.

The best defense against brute force attacks is strong passwords. The following password policies will ensure that users have strong (difficult to guess) passwords:

F: Minimum password length. This policy specifies the minimum number of characters a password should have. For example: a minimum password length of 8 characters is regarded as good security practice.

D: Password complexity determines what characters a password should include. For example, you could require a password to contain uppercase and lowercase letters and numbers. This will ensure that passwords don’t consist of dictionary words which are easy to crack using brute force techniques.

A: Account lockout policy: This policy ensures that a user account is locked after a number of incorrect password entries. For example, you could specify that if a wrong password is entered three times, the account will be locked for a period of time or indefinitely until the account is unlocked by an administrator.

Question No: 598 – (Topic 3)

While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?

  A. Cross-site scripting

  B. Buffer overflow

  C. Header manipulation

  D. Directory traversal

Answer: B

Explanation:

When the user opens an attachment, the attachment is loaded into memory. The error is caused by a memory issue due to a buffer overflow attack.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Question No: 599 – (Topic 3)

After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:

MAC                SSID    ENCRYPTION  POWER  BEACONS
00:10:A1:36:12:CC  MYCORP  WPA2 CCMP   60     1202
00:10:A1:49:FC:37  MYCORP  WPA2 CCMP   70     9102
FB:90:11:42:FA:99  MYCORP  WPA2 CCMP   40     3031
00:10:A1:AA:BB:CC  MYCORP  WPA2 CCMP   55     2021
00:10:A1:FA:B1:07  MYCORP  WPA2 CCMP   30     6044

Given that the corporate wireless network has been standardized, which of the following attacks is underway?

  A. Evil twin

  B. IV attack

  C. Rogue AP

  D. DDoS

Answer: A

Explanation:

The question states that the corporate wireless network has been standardized. By ‘standardized’ it means the wireless network access points are running on hardware from the same vendor. We can see this from the MAC addresses used. The first half of a MAC address is vendor specific. The second half is network adapter specific. We have four devices with MAC addresses that start with 00:10:A1.

The “odd one out” is the device with a MAC address starting FB:90:11. This device is from a different vendor. The SSID of the wireless network on this access point is the same as the other legitimate access points. Therefore, the access point with a MAC address starting FB:90:11 is impersonating the corporate access points. This is known as an Evil Twin.

An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider.

In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.

For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name.

In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits.
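
The vendor-prefix comparison used in this explanation can be automated over the survey output. The following is an added example, not part of the original question or answer; the function names and the `approved_ouis` parameter are assumptions made for illustration, and the rows are the ones shown in the question.

```python
from collections import Counter, defaultdict

# Survey rows from the question above (MAC, SSID, ENCRYPTION, POWER, BEACONS).
SURVEY = """\
00:10:A1:36:12:CC MYCORP WPA2 CCMP 60 1202
00:10:A1:49:FC:37 MYCORP WPA2 CCMP 70 9102
FB:90:11:42:FA:99 MYCORP WPA2 CCMP 40 3031
00:10:A1:AA:BB:CC MYCORP WPA2 CCMP 55 2021
00:10:A1:FA:B1:07 MYCORP WPA2 CCMP 30 6044
"""

def parse_survey(text):
    """Parse survey rows into dicts; rows that do not fit the layout are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # Assumption: SSIDs contain no spaces and ENCRYPTION is two tokens.
        if (len(parts) != 6 or parts[0].count(":") != 5
                or not (parts[4].isdigit() and parts[5].isdigit())):
            continue
        rows.append({"mac": parts[0].upper(), "ssid": parts[1],
                     "encryption": " ".join(parts[2:4]),
                     "power": int(parts[4]), "beacons": int(parts[5])})
    return rows

def oui(mac):
    """First three octets of the MAC: the vendor-specific half."""
    return mac[:8]

def suspect_aps(rows, approved_ouis=None):
    """Return APs whose OUI differs from the baseline for their SSID."""
    by_ssid = defaultdict(list)
    for row in rows:
        by_ssid[row["ssid"]].append(row)
    suspects = []
    for aps in by_ssid.values():
        if approved_ouis is not None:
            # Baseline from an inventory of approved vendor prefixes.
            allowed = {o.upper() for o in approved_ouis}
        else:
            # Baseline inferred: the OUI used by a strict majority of the APs.
            top, count = Counter(oui(ap["mac"]) for ap in aps).most_common(1)[0]
            if count * 2 <= len(aps):
                continue  # no clear majority, so no verdict for this SSID
            allowed = {top}
        suspects.extend(ap for ap in aps if oui(ap["mac"]) not in allowed)
    return suspects
```

A matching vendor prefix is not proof of legitimacy, since a BSSID can be set to any value; the check only surfaces the kind of mismatch this question relies on.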

Question No: 600 – (Topic 3)

Data execution prevention is a feature in most operating systems intended to protect against which type of attack?

  A. Cross-site scripting

  B. Buffer overflow

  C. Header manipulation

  D. SQL injection

Answer: B

Explanation:

Data Execution Prevention (DEP) is a security feature included in modern operating systems. It marks areas of memory as either "executable" or "nonexecutable", and allows only data in an "executable" area to be run by programs, services, device drivers, etc. It is known to be available in Linux, OS X, Microsoft Windows, iOS and Android operating systems.

DEP protects against some program errors, and helps prevent certain malicious exploits, especially attacks that store executable instructions in a data area via a buffer overflow.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
