[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 301-310


CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 301 – (Topic 2)

Which of the following can result in significant administrative overhead from incorrect reporting?

  A. Job rotation

  B. Acceptable usage policies

  C. False positives

  D. Mandatory vacations

Answer: C

Explanation: False positives are essentially events that are mistakenly flagged and are not really events to be concerned about. This causes significant administrative overhead, because it is the incorrect reporting that produces the false positives.

Question No: 302 – (Topic 2)

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.

Which of the following describes this cause?

  A. Application hardening

  B. False positive

  C. Baseline code review

  D. False negative

Answer: B

Explanation: False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

Question No: 303 – (Topic 2)

The security officer is preparing a read-only USB stick with a document of important personal phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At which of the following points in an incident should the officer instruct employees to use this information?

  A. Business Impact Analysis

  B. First Responder

  C. Damage and Loss Control

  D. Contingency Planning

Answer: B

Explanation: Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recovery/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. In this scenario the security officer is carrying out an incident response measure that will address and be of benefit to those in the vanguard, i.e. the employees, who are the first responders.

Question No: 304 – (Topic 2)

Which of the following is the LEAST volatile when performing incident response procedures?

  A. Registers

  B. RAID cache

  C. RAM

  D. Hard drive

Answer: D

Explanation: An example of order of volatility (OOV) in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts. Of the options stated in the question, the hard drive would be the least volatile.

Question No: 305 – (Topic 2)

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

  A. No competition with the company's official social presence

  B. Protection against malware introduced by banner ads

  C. Increased user productivity based upon fewer distractions

  D. Elimination of risks caused by unauthorized P2P file sharing

Answer: B

Explanation: Banners, or header information messages sent with data to find out about the system(s), do occur. Banners often identify the host, the operating system running on it, and other information that can be useful if you are going to attempt to later breach the security of it.

Question No: 306 – (Topic 2)

Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third-party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years.

Which of the following should Sara do to address the risk?

  A. Accept the risk saving $10,000.

  B. Ignore the risk saving $5,000.

  C. Mitigate the risk saving $10,000.

  D. Transfer the risk saving $5,000.

Answer: D

Explanation: Risk transference involves sharing some of the risk burden with someone else, such as an insurance company. The cost of the security breach over a period of 5 years would amount to $30,000, and it is better to save $5,000.

Question No: 307 – (Topic 2)

Which of the following provides the best fault tolerance for data at the LOWEST cost?

  A. Load balancing

  B. Clustering

  C. Server virtualization

  D. RAID 6

Answer: D

Explanation: RAID stands for redundant array of independent disks. RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance in software, using the existing hardware and software, and thus represents the lowest-cost option.

Question No: 308 – (Topic 2)

Certificates are used for: (Select TWO).

  A. Client authentication.

  B. WEP encryption.

  C. Access control lists.

  D. Code signing.

  E. Password hashing.

Answer: A, D

Explanation: Certificates are used in PKI to digitally sign data, information, files, email, code, etc. Certificates are also used in PKI for client authentication.

Question No: 309 – (Topic 2)

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

  A. Information Security Awareness

  B. Social Media and BYOD

  C. Data Handling and Disposal

  D. Acceptable Use of IT Systems

Answer: A

Explanation: Education and training with regard to Information Security Awareness will reduce the risk of data leaks and, as such, forms an integral part of Security Awareness. Social engineering can lead employees to leak data, and only when company users are made aware of the methods of social engineering through Information Security Awareness training can the risk of data leaks be reduced.

Question No: 310 – (Topic 2)

Requiring technicians to report spyware infections is a step in which of the following?

  A. Routine audits

  B. Change management

  C. Incident management

  D. Clean desk policy

Answer: C

Explanation: Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets).
