[Free] 2017(Nov) Dumps4cert Testinsides CompTIA JK0-022 Dumps with VCE and PDF Download 561-570

Dumps4cert 2017 Nov CompTIA Official New Released JK0-022

CompTIA Academic/E2C Security Certification Exam Voucher Only

Question No: 561 – (Topic 3)

Which of the following should an administrator implement to research current attack methodologies?

  A. Design reviews

  B. Honeypot

  C. Vulnerability scanner

  D. Code reviews

Answer: B

Explanation:

A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the attack to research current attack methodologies.

According to Webopedia.com, a honeypot that lures a hacker into a system has several main purposes:

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned.

The hacker can be caught and stopped while trying to obtain root access to the system.

By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.

There are two main types of honeypots:

Production – A production honeypot is one used within an organization’s environment to help mitigate risk.

Research – A research honeypot adds value to research in computer security by providing a platform to study the threat.

Question No: 562 – (Topic 3)

A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist. Which of the following is the BEST action for the administrator to take?

  A. Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.

  B. Obtain the vendor’s email and phone number and call them back after identifying the number of systems affected by the patch.

  C. Give the caller the database version and patch level so that they can receive help applying the patch.

  D. Call the police to report the contact about the database systems, and then check system logs for attack attempts.

Answer: A

Explanation:

Impersonation is where a person, computer, software application or service pretends to be someone or something it’s not. Impersonation is commonly used non-maliciously in client/server applications. However, it can also be used as a security threat.

In this question, the person making the call may be impersonating someone who works for a well-known database vendor. The actions described in this answer would mitigate the risk. By not divulging information about your database system and contacting the vendor directly, you can be sure that you are talking to the right people.

Question No: 563 – (Topic 3)

Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular smartphone. This is an example of:

  A. Scarcity

  B. Familiarity

  C. Intimidation

  D. Trust

Answer: A

Explanation:

Scarcity, in the area of social psychology, works much like scarcity in the area of economics. Simply put, humans place a higher value on an object that is scarce, and a lower value on those that are abundant. The thought that we, as humans, want something we cannot have drives us to desire the object even more. This idea is deeply embedded in the intensely popular “Black Friday” shopping extravaganza that U.S. consumers participate in every year on the day after Thanksgiving. More than getting a bargain on a hot gift idea, shoppers thrive on the competition itself, in obtaining the scarce product.

In this question, people want the brand new latest version of a smartphone. The temptation of being one of the first to get the new phone will tempt people into clicking the link in the email.

Question No: 564 – (Topic 3)

Which of the following application attacks is used to gain access to SEH?

  A. Cookie stealing

  B. Buffer overflow

  C. Directory traversal

  D. XML injection

Answer: B

Explanation:

Buffer overflow protection is used to detect the most common buffer overflows by checking that the stack has not been altered when a function returns. If it has been altered, the program exits with a segmentation fault. Microsoft’s implementation of Data Execution Prevention (DEP) mode explicitly protects the pointer to the Structured Exception Handler (SEH) from being overwritten.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Question No: 565 – (Topic 3)

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

  A. Zero-day

  B. Buffer overflow

  C. Cross site scripting

  D. Malicious add-on

Answer: B

Explanation:

This question describes a buffer overflow attack.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Question No: 566 – (Topic 3)

Which of the following BEST describes the type of attack that is occurring?

[Exhibit image not available]

  A. Smurf Attack

  B. Man in the middle

  C. Backdoor

  D. Replay

  E. Spear Phishing

  F. Xmas Attack

  G. Blue Jacking

  H. Ping of Death

Answer: A

Explanation:

The exhibit shows that all the computers on the network are being ‘pinged’. This indicates that the ping request was sent to the network broadcast address. We can also see that all the replies were received by one host on the network (probably with a spoofed address). This is typical of a smurf attack.

A smurf attack is a type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker’s victim. All the hosts receiving the PING request reply to this victim’s address instead of the real sender’s address. A single attacker sending hundreds or thousands of these PING messages per second can fill the victim’s T-1 (or even T-3) line with ping replies, bringing the entire Internet service to its knees.

Smurfing falls under the general category of Denial of Service attacks – security attacks that don’t try to steal information, but instead attempt to disable a computer or network.

Question No: 567 – (Topic 3)

A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?

  A. Spoofing

  B. XSS

  C. Fuzzing

  D. Pharming

Answer: B

Explanation:

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.

Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user.

By validating user input and preventing special characters, we can prevent the injection of client-side scripting code.

Question No: 568 – (Topic 3)

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?

  A. Shoulder surfing

  B. Dumpster diving

  C. Whaling attack

  D. Vishing attack

Answer: A

Explanation:

The CCTV camera has recorded people entering their PINs in the ATMs. This is known as shoulder surfing.

Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.

Question No: 569 – (Topic 3)

Which of the following will help prevent smurf attacks?

  A. Allowing necessary UDP packets in and out of the network

  B. Disabling directed broadcast on border routers

  C. Disabling unused services on the gateway firewall

  D. Flash the BIOS with the latest firmware

Answer: B

Explanation:

A smurf attack involves sending PING requests to a broadcast address. Therefore, we can prevent smurf attacks by blocking broadcast packets on our external routers.

A smurf attack is a type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker’s victim. All the hosts receiving the PING request reply to this victim’s address instead of the real sender’s address. A single attacker sending hundreds or thousands of these PING messages per second can fill the victim’s T-1 (or even T-3) line with ping replies, bringing the entire Internet service to its knees.

Smurfing falls under the general category of Denial of Service attacks – security attacks that don’t try to steal information, but instead attempt to disable a computer or network.

Question No: 570 – (Topic 3)

During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use?

  A. Port scanner

  B. Network sniffer

  C. Protocol analyzer

  D. Process list

Answer: A

Explanation:

Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server.

A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.

A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However, the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.
