[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 191-200

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/JK0-022.html

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 191 – (Topic 2)

Acme Corp has selectively outsourced proprietary business processes to ABC Services. Due to some technical issues, ABC services wants to send some of Acme Corp’s debug data to a third party vendor for problem resolution. Which of the following MUST be considered prior to sending data to a third party?

  1. The data should be encrypted prior to transport

  2. This would not constitute unauthorized data sharing

  3. This may violate data ownership and non-disclosure agreements

  4. Acme Corp should send the data to ABC Services’ vendor instead

Answer: C Explanation:

With sending your data to a third party is already a risk since the third party may have a different policy than yours. Data ownership and non-disclosure is already a risk that you will have to accept since the data will be sent for debugging /troubleshooting purposes which will result in definite disclosure of the data.

Question No: 192 – (Topic 2)

A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been removed from the network and an image of the hard drive has been created.

However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?

  1. Eye Witness

  2. Data Analysis of the hard drive

  3. Chain of custody

  4. Expert Witness

Answer: C Explanation:

Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been. The evidence must always be within your custody, or you’re open to dispute about possible evidence tampering.

Question No: 193 – (Topic 2)

The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action?

  1. Create a single, shared user account for every system that is audited and logged based upon time of use.

  2. Implement a single sign-on application on equipment with sensitive data and high-profile shares.

  3. Enact a policy that employees must use their vacation time in a staggered schedule.

  4. Separate employees into teams led by a person who acts as a single point of contact for observation purposes.

Answer: C Explanation:

A policy that states employees should use their vacation time in a staggered schedule is a way of employing mandatory vacations. A mandatory vacation policy requires all users to take time away from work while others step in and do the work of that employee on vacation. This will afford the CSO the opportunity to see who is using the company assets responsibly and who is abusing it.

Question No: 194 – (Topic 2)

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?

  1. Command shell restrictions

  2. Restricted interface

  3. Warning banners

  4. Session output pipe to /dev/null

Answer: C Explanation:

Within Microsoft Windows, you have the ability to put signs (in the form of onscreen pop-up banners) that appear before the login telling similar information-authorized access only, violators will be prosecuted, and so forth. Such banners convey warnings or regulatory information to the user that they must “accept” in order to use the machine or network. You need to make staff aware that they may legally be prosecuted and a message is best given via a banner so that all staff using workstation will get notification.

Question No: 195 – (Topic 2)

Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?

  1. Warm site

  2. Load balancing

  3. Clustering

  4. RAID

Answer: C Explanation:

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy.

Server clustering is used to provide failover capabilities / redundancy in addition to scalability as demand increases.

Question No: 196 – (Topic 2)

The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?

  1. Application hardening

  2. Application firewall review

  3. Application change management

  4. Application patch management

Answer: C Explanation:

Change management is the structured approach that is followed to secure a company’s assets. Promoting code to application on a SMZ web server would be change management.

Question No: 197 – (Topic 2)

Computer evidence at a crime is preserved by making an exact copy of the hard disk.

Which of the following does this illustrate?

  1. Taking screenshots

  2. System image capture

  3. Chain of custody

  4. Order of volatility

Answer: B Explanation:

A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it.

Question No: 198 – (Topic 2)

A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?

  1. High availability

  2. Load balancing

  3. Backout contingency plan

  4. Clustering

Answer: A Explanation:

High availability (HA) refers to the measures used to keep services and systems operational during an outage. In short, the goal is to provide all services to all users, where they need them and when they need them. With high availability, the goal is to have key services available 99.999 percent of the time (also known as five nines availability).

Question No: 199 – (Topic 2)

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?

  1. Restoration and recovery strategies

  2. Deterrent strategies

  3. Containment strategies

  4. Detection strategies

Answer: C Explanation:

Containment strategies is used to limit damages, contain a loss so that it may be controlled, much like quarantine, and loss incident isolation.

Question No: 200 – (Topic 2)

A technician is investigating intermittent switch degradation. The issue only seems to occur when the building’s roof air conditioning system runs. Which of the following would reduce the connectivity issues?

  1. Adding a heat deflector

  2. Redundant HVAC systems

  3. Shielding

  4. Add a wireless network

Answer: C Explanation:

EMI can cause circuit overload, spikes, or even electrical component failure. In the question it is mentioned that switch degradation occurs when the building’s roof air- conditioning system is also running. All electromechanical systems emanate EMI. Thus you could alleviate the problem using EMI shielding.

100% Free Download!
Download Free Demo:JK0-022 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert JK0-022 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *