[Free] 2018(Aug) Dumps4cert CompTIA JK0-022 Dumps with VCE and PDF Download 201-210

2018 Aug CompTIA Official New Released JK0-022

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 201 – (Topic 2)

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

  1. Security control frameworks

  2. Best practice

  3. Access control methodologies

  4. Compliance activity

Answer: B Explanation:

Best practices are based on what is known in the industry and those methods that have consistently shown superior results over those achieved by other means. Furthermore, best practices are applied to all aspects of the work environment.

Question No: 202 – (Topic 2)

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?

  1. Clustering

  2. RAID

  3. Load balancing

  4. Virtualization

Answer: A Explanation:

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs).

Question No: 203 – (Topic 2)

Which of the following has serious security implications for large organizations and can potentially allow an attacker to capture conversations?

  1. Subnetting

  2. NAT

  3. Jabber

  4. DMZ

Answer: C Explanation:

Jabber is a new unified communications application and could possibly expose you to attackers who want to capture conversations, because Jabber provides a single interface across presence, instant messaging, voice, video messaging, desktop sharing and conferencing.

Question No: 204 – (Topic 2)

A security administrator needs to image a large hard drive for forensic analysis. Which of the following will allow for faster imaging to a second hard drive?

  1. cp /dev/sda /dev/sdb bs=8k

  2. tail -f /dev/sda > /dev/sdb bs=8k

  3. dd in=/dev/sda out=/dev/sdb bs=4k

  4. locate /dev/sda /dev/sdb bs=4k

Answer: C Explanation:

dd is a command-line utility for Unix and Unix-like operating systems whose primary purpose is to convert and copy files. dd can duplicate data across files, devices, partitions and volumes.

On Unix, device drivers for hardware (such as hard disks) and special device files (such as /dev/zero and /dev/random) appear in the file system just like normal files; dd can also read and/or write from/to these files, provided that function is implemented in their respective driver. As a result, dd can be used for tasks such as backing up the boot sector of a hard drive, and obtaining a fixed amount of random data. The dd program can also perform conversions on the data as it is copied, including byte order swapping and conversion to and from the ASCII and EBCDIC text encodings.

An attempt to copy the entire disk using cp may omit the final block if it is of an unexpected length; whereas dd may succeed. The source and destination disks should have the same size.

Question No: 205 – (Topic 2)

In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).

  1. Take hashes

  2. Begin the chain of custody paperwork

  3. Take screen shots

  4. Capture the system image

  5. Decompile suspicious files

Answer: A,D Explanation:

A: Take Hashes. NIST (the National Institute of Standards and Technology) maintains a National Software Reference Library (NSRL). One of the purposes of the NSRL is to collect “known, traceable software applications” through their hash values and store them in a Reference Data Set (RDS). The RDS can then be used by law enforcement, government agencies, and businesses to determine which files are important as evidence in criminal investigations.

D: A system image is a snapshot of what exists. Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it.

Question No: 206 – (Topic 2)

Which of the following is the BEST concept to maintain required but non-critical server availability?

  1. SaaS site

  2. Cold site

  3. Hot site

  4. Warm site

Answer: D Explanation:

Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. Another term for a warm site/reciprocal site is active/active model.

Question No: 207 – (Topic 2)

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?

A. $500

B. $5,000

C. $25,000

D. $50,000

Answer: B Explanation:

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.

(5000 x 10) x 0.1 = 5000

Question No: 208 – (Topic 2)

Three of the primary security control types that can be implemented are.

  1. Supervisory, subordinate, and peer.

  2. Personal, procedural, and legal.

  3. Operational, technical, and management.

  4. Mandatory, discretionary, and permanent.

Answer: C Explanation:

The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.

Question No: 209 – (Topic 2)

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?

  1. Hashing

  2. Screen locks

  3. Device password

  4. Encryption

Answer: D Explanation:

Encryption is used to ensure the confidentiality of information.

Question No: 210 – (Topic 2)

A customer service department has a business need to send high volumes of confidential information to customers electronically. All emails go through a DLP scanner. Which of the following is the BEST solution to meet the business needs and protect confidential information?

  1. Automatically encrypt impacted outgoing emails

  2. Automatically encrypt impacted incoming emails

  3. Monitor impacted outgoing emails

  4. Prevent impacted outgoing emails

Answer: A Explanation:

Encryption is done to protect confidentiality and integrity of data. It also provides authentication, nonrepudiation and access control to the data. Since all emails go through a DLP scanner and it is outgoing mail that requires protection, the best option is to put a system in place that will encrypt the outgoing emails automatically.
