[Free] 2018(Mar) EnsurePass Pass4sure CompTIA JK0-018 Dumps with VCE and PDF 211-220


CompTIA Security+ E2C

Question No: 211 – (Topic 3)

Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data?

  A. Social networking use training

  B. Personally owned device policy training

  C. Tailgating awareness policy training

  D. Information classification training

Answer: D

Question No: 212 – (Topic 3)

A security administrator is concerned about the strength of users' passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?

  A. Increase the password length requirements

  B. Increase the password history

  C. Shorten the password expiration period

  D. Decrease the account lockout time

Answer: C

Question No: 213 – (Topic 3)

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

  A. Separation of duties

  B. Least privilege

  C. Same sign-on

  D. Single sign-on

Answer: C

Question No: 214 – (Topic 3)

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).

  A. Scanning printing of documents.

  B. Scanning of outbound IM (Instant Messaging).

  C. Scanning copying of documents to USB.

  D. Scanning of SharePoint document library.

  E. Scanning of shared drives.

  F. Scanning of HTTP user traffic.

Answer: B,F

Question No: 215 – (Topic 3)

A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?

  A. Backdoor

  B. Spyware

  C. Logic bomb

  D. DDoS

  E. Smurf

Answer: B

Question No: 216 – (Topic 3)

A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do with regard to the application?

  A. Avoid the risk to the user base allowing them to re-enable their own accounts

  B. Mitigate the risk by patching the application to increase security and saving money

  C. Transfer the risk replacing the application now instead of in five years

  D. Accept the risk and continue to enable the accounts each month saving money

Answer: D

Question No: 217 – (Topic 3)

The IT department has set up a SharePoint site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types?

  A. Rule based access control

  B. Mandatory access control

  C. User assigned privilege

  D. Discretionary access control

Answer: B

Question No: 218 – (Topic 3)

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor's number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code. Which of the following attack types is this?

  A. Hoax

  B. Impersonation

  C. Spear phishing

  D. Whaling

Answer: B

Question No: 219 – (Topic 3)

Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of the following attack types is this?

  A. Hoax

  B. Phishing

  C. Vishing

  D. Whaling

Answer: C

Question No: 220 – (Topic 3)

The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

  A. Account Disablements

  B. Password Expiration

  C. Password Complexity

  D. Password Recovery

Answer: D
