[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 371-380

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/JK0-022.html

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 371 – (Topic 2)

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

  1. Recovery

  2. Follow-up

  3. Validation

  4. Identification

  5. Eradication

  6. Containment

Answer: D

Explanation:

To be able to respond to the incident of malware infection you need to know what type of malware was used since there are many types of malware around. This makes identification critical in this case.

Question No: 372 – (Topic 2)

Which of the following risk concepts requires an organization to determine the number of failures per year?

  1. SLE

  2. ALE

  3. MTBF

  4. Quantitative analysis

Answer: B Explanation:

ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.

Question No: 373 – (Topic 2)

A system administrator has been instructed by the head of security to protect their data at- rest.

Which of the following would provide the strongest protection?

  1. Prohibiting removable media

  2. Incorporating a full-disk encryption system

  3. Biometric controls on data center entry points

  4. A host-based intrusion detection system

Answer: B Explanation:

Full disk encryption can be used to encrypt an entire volume with 128-bit encryption. When the entire volume is encrypted, the data is not accessible to someone who might boot

another operating system in an attempt to bypass the computer’s security. Full disk encryption is sometimes referred to as hard drive encryption. This would be best to protect data that is at rest.

Question No: 374 – (Topic 2)

Which of the following risks could IT management be mitigating by removing an all-in-one device?

  1. Continuity of operations

  2. Input validation

  3. Single point of failure

  4. Single sign on

Answer: C Explanation:

The major disadvantage of combining everything into one, although you do this to save costs, is to include a potential single point of failure and the reliance/dependence on a single vendor.

Question No: 375 – (Topic 2)

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

  1. Succession plan

  2. Business impact document

  3. Continuity of operations plan

  4. Risk assessment plan

Answer: C Explanation:

Continuity of operations plan is the effort to ensure the continued performance of critical business functions during a wide range of potential emergencies.

Question No: 376 – (Topic 2)

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?

  1. HPM technology

  2. Full disk encryption

  3. DLP policy

  4. TPM technology

Answer: C Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. The Software as a Service (SaaS) applications are remotely run over the Web and as such requires DLP monitoring.

Question No: 377 – (Topic 2)

A user was reissued a smart card after the previous smart card had expired. The user is able to log into the domain but is now unable to send digitally signed or encrypted email. Which of the following would the user need to perform?

  1. Remove all previous smart card certificates from the local certificate store.

  2. Publish the new certificates to the global address list.

  3. Make the certificates available to the operating system.

  4. Recover the previous smart card certificates.

Answer: B Explanation:

CAs can be either private or public, with VeriSign being one of the best known of the public variety. Many operating system providers allow their systems to be configured as CA systems. These CA systems can be used to generate internal certificates that are used within a business or in large external settings. The process provides certificates to the users. Since the user in question has been re-issued a smart card, the user must receive a new certificate by the CA to allow the user to send digitally signed email. This is achieved by publishing the new certificates to the global address list.

Question No: 378 – (Topic 2)

Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).

  1. Acceptable use policy

  2. Risk acceptance policy

  3. Privacy policy

  4. Email policy

  5. Security policy

Answer: A,C Explanation:

Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement.

Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.

Question No: 379 – (Topic 2)

Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?

  1. Fault tolerance

  2. Succession planning

  3. Business continuity testing

  4. Recovery point objectives

Answer: B Explanation:

Succession planning outlines those internal to the organization that has the ability to step

into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.

Question No: 380 – (Topic 2)

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

  1. Hashing

  2. Key escrow

  3. Non-repudiation

  4. Steganography

Answer: A Explanation:

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and its main characteristics are:

It must be one-way – it is not reversible.

Variable-length input produces fixed-length output – whether you have two characters or 2 million, the hash size is the same.

The algorithm must have few or no collisions – in hashing two different inputs does not give the same output.

100% Free Download!
Download Free Demo:JK0-022 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert JK0-022 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *