[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 361-370

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 361 – (Topic 2)

Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?

  A. Employ encryption on all outbound emails containing confidential information.

  B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.

  C. Employ hashing on all outbound emails containing confidential information.

  D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.

Answer: A

Explanation: Encryption is used to ensure the confidentiality of information, and in this case the outbound email that contains the confidential information should be encrypted.

Question No: 362 – (Topic 2)

A company that has a mandatory vacation policy has implemented which of the following controls?

  A. Risk control

  B. Privacy control

  C. Technical control

  D. Physical control

Answer: A

Explanation: Risk mitigation is done any time you take steps to reduce risks. Implementing mandatory vacations is therefore a risk control measure, because it is a step taken as risk mitigation.

Question No: 363 – (Topic 2)

An administrator has successfully implemented SSL on srv4.comptia.com using wildcard certificate *.comptia.com, and now wishes to implement SSL on srv5.comptia.com. Which of the following files should be copied from srv4 to accomplish this?

  A. certificate, private key, and intermediate certificate chain

  B. certificate, intermediate certificate chain, and root certificate

  C. certificate, root certificate, and certificate signing request

  D. certificate, public key, and certificate signing request

Answer: A

Explanation: A wildcard certificate is a public key certificate that can be used with multiple subdomains of a domain. In public-key cryptography, the receiver has a private key known only to them; a public key corresponds to it, which they make known to others. The public key can be sent to all other parties; the private key is never divulged. A symmetric algorithm requires that receivers of the message use the same private key. Thus, you should copy the certificate, the private key and the intermediate certificate chain from srv4 to srv5.

Question No: 364 – (Topic 2)

The datacenter design team is implementing a system that requires all servers installed in racks to face in a predetermined direction. An infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed?

  A. Hot and cold aisles

  B. Humidity control

  C. HVAC system

  D. EMI shielding

Answer: A

Explanation: There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation.

Infrared cameras are heat detection measures, so the design element in question is hot and cold aisles.

Question No: 365 – (Topic 2)

Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?

  A. Acceptable Use Policy

  B. Physical security controls

  C. Technical controls

  D. Security awareness training

Answer: D

Explanation: Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. A good security awareness training program for the entire organization should cover the following areas: importance of security; responsibilities of people in the organization; policies and procedures; usage policies; account and password-selection criteria; and social engineering prevention.

Question No: 366 – (Topic 2)

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?

  A. Identify user habits

  B. Disconnect system from network

  C. Capture system image

  D. Interview witnesses

Answer: C

Explanation: Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. It is helpful in much the same way that a virus sample is kept in laboratories to study later, after an outbreak. You should also act in the order of volatility, which states that the system image capture is first on the list of a forensic analysis.

Question No: 367 – (Topic 2)

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

  A. Disable the wireless access and implement strict router ACLs.

  B. Reduce restrictions on the corporate web security gateway.

  C. Security policy and threat awareness training.

  D. Perform user rights and permissions reviews.

Answer: C

Explanation: BYOD (in this case, Sara’s smartphone) involves the possibility of a personal device that is infected with malware introducing that malware to the network. Security awareness training will address the issue of the company’s security policy with regard to BYOD.

Question No: 368 – (Topic 2)

A company is looking to reduce the likelihood of employees in the finance department being involved with money laundering. Which of the following controls would BEST mitigate this risk?

  A. Implement privacy policies

  B. Enforce mandatory vacations

  C. Implement a security policy

  D. Enforce time of day restrictions

Answer: B

Explanation: A mandatory vacation policy requires all users to take time away from work to refresh. At the same time, it gives the company a chance to make sure that others can fill in any gaps in skills, and it satisfies the need to have replication or duplication at all levels. It also affords the company an opportunity to discover fraud: when others do the same job in the absence of the regular staff member, there is transparency.

Question No: 369 – (Topic 2)

A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern?

  A. Create conduct policies prohibiting sharing credentials.

  B. Enforce a policy shortening the credential expiration timeframe.

  C. Implement biometric readers on laptops and restricted areas.

  D. Install security cameras in areas containing sensitive systems.

Answer: C

Explanation: Biometrics is an authentication process that makes use of physical characteristics to establish identification. This will prevent users from making use of others’ credentials.

Question No: 370 – (Topic 2)

Which of the following technologies uses multiple devices to share work?

  A. Switching

  B. Load balancing

  C. RAID

  D. VPN concentrator

Answer: B

Explanation: Load balancing is a way of providing high availability by splitting the workload across multiple computers.
