[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 121-130

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 121 – (Topic 1)

Which of the following uses port 22 by default? (Select THREE).

  1. SSH

  2. SSL

  3. TLS

  4. SFTP

  5. SCP

  6. FTPS

  7. SMTP

  8. SNMP

Answer: A,D,E Explanation:

SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.

Question No: 122 – (Topic 1)

Which of the following protocols allows for the LARGEST address space?

  1. IPX

  2. IPv4

  3. IPv6

  4. Appletalk

Answer: C Explanation:

The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4.

Question No: 123 – (Topic 1)

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would

support this requirement?

  1. SaaS

  2. MaaS

  3. IaaS

  4. PaaS

Answer: B Explanation:

Monitoring-as-a-service (MaaS) is a cloud delivery model that falls under anything as a service (XaaS). MaaS allows for the deployment of monitoring functionalities for several other services and applications within the cloud.

Question No: 124 – (Topic 1)

By default, which of the following uses TCP port 22? (Select THREE).

  1. FTPS


  3. TLS

  4. SCP

  5. SSL

  6. HTTPS

  7. SSH

  8. SFTP

Answer: D,G,H Explanation:

G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.

D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.

H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.

Question No: 125 – (Topic 1)

A security administrator wishes to increase the security of the wireless network. Which of the following BEST addresses this concern?

  1. Change the encryption from TKIP-based to CCMP-based.

  2. Set all nearby access points to operate on the same channel.

  3. Configure the access point to use WEP instead of WPA2.

  4. Enable all access points to broadcast their SSIDs.

Answer: A Explanation:

CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.

Question No: 126 – (Topic 1)

Which of the following offers the LEAST amount of protection against data theft by USB drives?

  1. DLP

  2. Database encryption

  3. TPM

  4. Cloud computing

Answer: D Explanation:

Cloud computing refers to performing data processing and storage elsewhere, over a network connection, rather than locally. Because users have access to the data, it can easily be copied to a USB device.

Question No: 127 – (Topic 1)

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages.

Which of the following is the MOST likely cause for this issue?

  1. Too many incorrect authentication attempts have caused users to be temporarily disabled.

  2. The DNS server is overwhelmed with connections and is unable to respond to queries.

  3. The company IDS detected a wireless attack and disabled the wireless network.

  4. The Remote Authentication Dial-In User Service server certificate has expired.

Answer: D Explanation:

The question states that the network uses 802.1x with PEAP. The 802.1x authentication server is typically an EAP-compliant Remote Access Dial-In User Service (RADIUS). A RADIUS server will be configured with a digital certificate. When a digital certificate is created, an expiration period is configured by the Certificate Authority (CA). The expiration period is commonly one or two years.

The question states that no configuration changes have been made so it’s likely that the certificate has expired.

Question No: 128 – (Topic 1)

Which of the following BEST describes a demilitarized zone?

  1. A buffer zone between protected and unprotected networks.

  2. A network where all servers exist and are monitored.

  3. A sterile, isolated network segment with access lists.

  4. A private network that is protected by a firewall and a VLAN.

Answer: A Explanation:

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

Question No: 129 – (Topic 1)

An administrator configures all wireless access points to make use of a new network certificate authority. Which of the following is being used?

  1. WEP

  2. LEAP

  3. EAP-TLS

  4. TKIP

Answer: C Explanation:

The majority of the EAP-TLS implementations require client-side X.509 certificates without giving the option to disable the requirement.

Question No: 130 – (Topic 1)

Which of the following is BEST used as a secure replacement for TELNET?

  1. HTTPS

  2. HMAC

  3. GPG

  4. SSH

Answer: D Explanation:

SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text.

100% Free Download!
Download Free Demo:JK0-022 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert JK0-022 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *