[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 151-160

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/JK0-022.html

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 151 – (Topic 1)

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

  1. IPsec

  2. SFTP

  3. BGP

  4. PPTP

Answer: A Explanation:

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168 bit keys, 3 DES encryption algorithm and requires two levels of authentication.

L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.

Question No: 152 – (Topic 1)

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

  1. Sniffers

  2. NIDS

  3. Firewalls

  4. Web proxies

  5. Layer 2 switches

Answer: C Explanation:

The basic purpose of a firewall is to isolate one network from another.

Question No: 153 – (Topic 1)

Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?

  1. 21

  2. 25

  3. 80

D. 3389

Answer: C Explanation:

Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web.

Question No: 154 – (Topic 1)

An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

  1. Review past security incidents and their resolution

  2. Rewrite the existing security policy

  3. Implement an intrusion prevention system

  4. Install honey pot systems

Answer: C Explanation:

The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it

Question No: 155 – (Topic 1)

TION NO: 174

Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?

  1. Placement of antenna

  2. Disabling the SSID

  3. Implementing WPA2

  4. Enabling the MAC filtering

Answer: A Explanation:

You should try to avoid placing access points near metal (which includes appliances) or near the ground. Placing them in the center of the area to be served and high enough to get around most obstacles is recommended. On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided.

Question No: 156 – (Topic 1)

A system administrator wants to enable WPA2 CCMP. Which of the following is the only encryption used?

  1. RC4

  2. DES

  3. 3DES

  4. AES

Answer: D Explanation:

Cipher Block Chaining Message Authentication Code Protocol (CCMP) makes use of 128- bit AES encryption with a 48-bit initialization vector.

Question No: 157 – (Topic 1)

When designing a new network infrastructure, a security administrator requests that the intranet web server be placed in an isolated area of the network for security purposes. Which of the following design elements would be implemented to comply with the security administrator’s request?

  1. DMZ

  2. Cloud services

  3. Virtualization

  4. Sandboxing

Answer: A

Explanation:

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

Question No: 158 – (Topic 1)

Which of the following protocols operates at the HIGHEST level of the OSI model?

  1. ICMP

  2. IPSec

  3. SCP

  4. TCP

Answer: C Explanation:

SCP (Secure Copy) uses SSH (Secure Shell). SSH runs in the application layer (layer 7) of the OSI model.

Question No: 159 – (Topic 1)

Layer 7 devices used to prevent specific types of html tags are called:

  1. Firewalls

  2. Content filters

  3. Routers

  4. NIDS

Answer: B Explanation:

A content filter is a is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model.

Question No: 160 – (Topic 1)

An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?

  1. RADIUS

  2. Kerberos

  3. TACACS

  4. LDAP

Answer: D Explanation:

LDAP makes use of port 389.

100% Free Download!
Download Free Demo:JK0-022 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert JK0-022 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *