[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 291-300

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 291 – (Topic 2)

Which of the following disaster recovery strategies has the highest cost and shortest recovery time?

  A. Warm site

  B. Hot site

  C. Cold site

  D. Co-location site

Answer: B

Explanation:

A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. Databases can be kept up-to-date using network connections. These types of facilities are expensive, and they’re primarily suitable for short-term situations.

Question No: 292 – (Topic 2)

A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?

  A. Availability

  B. Integrity

  C. Confidentiality

  D. Fire suppression

Answer: A

Explanation:

Availability simply means making sure that data and systems are available to authorized users. Data backups, redundant systems, and disaster recovery plans all support availability, as does environmental support by means of HVAC.

Question No: 293 – (Topic 2)

One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?

  A. Mandatory access

  B. Rule-based access control

  C. Least privilege

  D. Job rotation

Answer: C

Explanation:

A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more.

Question No: 294 – (Topic 2)

In order to prevent and detect fraud, which of the following should be implemented?

  A. Job rotation

  B. Risk analysis

  C. Incident management

  D. Employee evaluations

Answer: A

Explanation:

A job rotation policy defines intervals at which employees must rotate through positions. Similar in purpose to mandatory vacations, it helps to ensure that the company does not become too dependent on one person. It also gives the company the opportunity to place another person in that same job, which can potentially uncover any fraud committed by the incumbent.

Question No: 295 – (Topic 2)

A user has received an email from an external source which asks for details on the company’s new product line set for release in one month. The user has a detailed spec sheet but it is marked "Internal Proprietary Information". Which of the following should the user do NEXT?

  A. Contact their manager and request guidance on how to best move forward

  B. Contact the help desk and/or incident response team to determine next steps

  C. Provide the requestor with the email information since it will be released soon anyway

  D. Reply back to the requestor to gain their contact information and call them

Answer: B

Explanation:

This is an incident that has to be responded to by the person who discovered it, in this case the user. An incident is any attempt to violate a security policy, a successful penetration, a compromise of a system, or any unauthorized access to information. It’s important that an incident response policy establish at least the following items:

Outside agencies that should be contacted or notified in case of an incident

Resources used to deal with an incident

Procedures to gather and secure evidence

List of information that should be collected about an incident

Outside experts who can be used to address issues if needed

Policies and guidelines regarding how to handle an incident

Since the spec sheet has been marked Internal Proprietary Information the user should refer the incident to the incident response team.

Question No: 296 – (Topic 2)

Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?

  A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.

  B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.

  C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.

  D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.

Answer: C

Explanation:

The Memorandum of Understanding (MOU) is a document used in many settings in the information industry. It is a brief summary of which party is responsible for what portion of the work. For example, Company A may be responsible for maintaining the database server and Company B may be responsible for telecommunications. MOUs are not legally binding, but they carry a degree of seriousness and mutual respect, stronger than a gentlemen’s agreement. Often, MOUs are the first steps towards a legal contract.

Question No: 297 – (Topic 2)

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?

  A. Mandatory vacations

  B. Job rotation

  C. Least privilege

  D. Time of day restrictions

Answer: C

Explanation:

A least privilege policy gives users only the permissions that they need to do their work and no more. Practicing the least privilege principle here means allowing only security administrators to make changes to the firewall.

Question No: 298 – (Topic 2)

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

  A. CCTV

  B. Environmental monitoring

  C. Multimode fiber

  D. EMI shielding

Answer: D

Explanation:

EMI Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. Thus all wiring should be shielded to mitigate data theft.

Question No: 299 – (Topic 2)

The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur?

  A. EMI emanations

  B. Static electricity

  C. Condensation

  D. Dry-pipe fire suppression

Answer: B

Explanation:

Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock.

Question No: 300 – (Topic 2)

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

  A. Fencing

  B. Proximity readers

  C. Video surveillance

  D. Bollards

Answer: D

Explanation:

To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures.

Bollards are physical barriers that are strong enough to withstand impact with a vehicle.
