[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-018 Dumps with VCE and PDF Download 571-580

Dumps4cert 2017 Nov CompTIA Official New Released JK0-018
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/JK0-018.html

CompTIA Security E2C

Question No: 571 – (Topic 6)

Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?

  1. RADIUS

  2. LDAP

  3. SAML

  4. TACACS

Answer: A

Question No: 572 – (Topic 6)

A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?

  1. Ann’s user account has administrator privileges.

  2. Joe’s user account was not added to the group policy.

  3. Ann’s user account was not added to the group policy.

  4. Joe’s user account was inadvertently disabled and must be re-created.

Answer: C

Question No: 573 – (Topic 6)

A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a ‘listening’ state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

  1. HTTPS

  2. HTTP

  3. RDP

  4. TELNET

Answer: B

Question No: 574 – (Topic 6)

Several employee accounts appear to have been cracked by an attacker. Which of the following should the security administrator implement to mitigate password cracking attacks? (Select TWO).

  1. Increase password complexity

  2. Deploy an IDS to capture suspicious logins

  3. Implement password history

  4. Implement monitoring of logins

  5. Implement password expiration

  6. Increase password length

Answer: A,F

Question No: 575 – (Topic 6)

Human Resources suspects an employee is accessing the employee salary database. The administrator is asked to find out who it is. In order to complete this task, which of the following is a security control that should be in place?

  1. Shared accounts should not be in use

  2. Account lockout should be enabled

  3. Privileges should be assigned to groups rather than individuals

  4. Time of day restrictions should be in use

Answer: A

Question No: 576 – (Topic 6)

A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peek shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution?

  1. Attach cable locks to each laptop

  2. Require each customer to sign an AUP

  3. Install a GPS tracking device onto each laptop

  4. Install security cameras within the perimeter of the cafe

Answer: A

Question No: 577 – (Topic 6)

An auditor#39;s report discovered several accounts with no activity for over 60 days. The accounts were later identified as contractors’ accounts who would be returning in three months and would need to resume the activities. Which of the following would mitigate and secure the auditors finding?

  1. Disable unnecessary contractor accounts and inform the auditor of the update.

  2. Reset contractor accounts and inform the auditor of the update.

  3. Inform the auditor that the accounts belong to the contractors.

  4. Delete contractor accounts and inform the auditor of the update.

Answer: A

Question No: 578 – (Topic 6)

A company hired Joe, an accountant. The IT administrator will need to create a new account for Joe. The company uses groups for ease of management and administration of user accounts. Joe will need network access to all directories, folders and files within the accounting department. Which of the following configurations will meet the requirements?

  1. Create a user account and assign the user account to the accounting group.

  2. Create an account with role-based access control for accounting.

  3. Create a user account with password reset and notify Joe of the account creation.

  4. Create two accounts: a user account and an account with full network administration rights.

Answer: B

Question No: 579 – (Topic 6)

Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless network without entering their domain credentials upon connection. Once the connection is made, they cannot reach any internal resources, while wired network connections operate smoothly. Which of the following is MOST likely occurring?

  1. A user has plugged in a personal access point at their desk to connect to the network wirelessly.

  2. The company is currently experiencing an attack on their internal DNS servers.

  3. The company’s WEP encryption has been compromised and WPA2 needs to be implemented instead.

  4. An attacker has installed an access point nearby in an attempt to capture company information.

Answer: D

Question No: 580 – (Topic 6)

Ann works at a small company and she is concerned that there is no oversight in the finance department; specifically, that Joe writes, signs and distributes paychecks, as well as other expenditures. Which of the following controls can she implement to address this concern?

  1. Mandatory vacations

  2. Time of day restrictions

  3. Least privilege

  4. Separation of duties

Answer: D

100% Free Download!
Download Free Demo:JK0-018 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert JK0-018 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *