Free Download Latest Pass4sure CompTIA Security+ JK0-018 Practice Tests
CompTIA Security+ Certification Exam: JK0-018 Exam
JK0-018 Questions & Answers
Exam Code: JK0-018
Exam Name: CompTIA Security+ Certification Exam
Q & A: 857 Q&As
QUESTION NO: 1
Which of the following elements of PKI are found in a browser’s trusted root CA?
A. Private key
B. Symmetric key
C. Recovery key
D. Public key
QUESTION NO: 2
Which of the following protocols only encrypts password packets from client to server?
QUESTION NO: 3
Where are revoked certificates stored?
A. Recovery agent
C. Key escrow
QUESTION NO: 4
DRPs should contain which of the following?
A. Hierarchical list of non-critical personnel
B. Hierarchical list of critical systems
C. Hierarchical access control lists
D. Identification of single points of failure
QUESTION NO: 5
A system administrator could have a user level account and an administrator account to
A. password sharing.
B. escalation of privileges.
C. implicit deny.
D. administrative account lockout.
QUESTION NO: 6
Which of the following is the BEST way to mitigate data loss if a portable device is
A. Full disk encryption
B. Common access card
C. Strong password complexity
D. Biometric authentication
QUESTION NO: 7
Which of the following protocols should be blocked at the network perimeter to prevent host
enumeration by sweep devices?
QUESTION NO: 8
Which of the following is specific to a buffer overflow attack?
A. Memory addressing
B. Directory traversal
C. Initial vector
D. Session cookies
QUESTION NO: 9
Which of the following asymmetric encryption keys is used to encrypt data to ensure only
the intended recipient can decrypt the ciphertext?
QUESTION NO: 10
Which of the following should a security administrator implement to prevent users from
disrupting network connectivity, if a user connects both ends of a network cable to different switch
A. VLAN separation
B. Access control
C. Loop protection
QUESTION NO: 11
A new enterprise solution is currently being evaluated due to its potential to increase the
company’s profit margins. The security administrator has been asked to review its security
implications. While evaluating the product, various vulnerability scans were performed. It
was determined that the product is not a threat but has the potential to introduce additional
vulnerabilities. Which of the following assessment types should the security administrator
also take into consideration while evaluating this product?
A. Threat assessment
B. Vulnerability assessment
C. Code assessment
D. Risk assessment
QUESTION NO: 12
Which of the following requires special handling and explicit policies for data retention and
A. Personally identifiable information
B. Phishing attacks
C. Zero day exploits
D. Personal electronic devices
QUESTION NO: 13
Centrally authenticating multiple systems and applications against a federated user
database is an
A. smart card.
B. common access card.
C. single sign-on.
D. access control list.
QUESTION NO: 14
WEP is seen as an unsecure protocol based on its improper use of which of the following?
QUESTION NO: 15
Which of the following should be performed if a smartphone is lost to ensure no data can be
retrieved from it?
A. Device encryption
B. Remote wipe
C. Screen lock
D. GPS tracking
QUESTION NO: 16
In an 802.11n network, which of the following provides the MOST secure method of both
encryption and authorization?
A. WEP with 802.1x
B. WPA Enterprise
D. WPA with TKIP
QUESTION NO: 17
Which of the following methods of access, authentication, and authorization is the MOST
secure by default?
QUESTION NO: 18
Which of the following facilitates computing for heavily utilized systems and networks?
A. Remote access
B. Provider cloud
C. VPN concentrator
QUESTION NO: 19
With which of the following is RAID MOST concerned?
QUESTION NO: 20
Which of the following reduces the likelihood of a single point of failure when a server fails?
D. Cold site
QUESTION NO: 21
A user downloads a keygen to install pirated software. After running the keygen, system
performance is extremely slow and numerous antivirus alerts are displayed. Which of the
following BEST describes this type of malware?
A. Logic bomb
QUESTION NO: 22
Which of the following is used in conjunction with PEAP to provide mutual authentication
QUESTION NO: 23
A targeted email attack sent to the company’s Chief Executive Officer (CEO) is known as
which of the following?
D. Dumpster diving
QUESTION NO: 24
Which of the following uses TCP port 22 by default?
A. SSL, SCP, and TFTP
B. SSH, SCP, and SFTP
C. HTTPS, SFTP, and TFTP
D. TLS, TELNET, and SCP
QUESTION NO: 25
Actively monitoring data streams in search of malicious code or behavior is an example of:
A. load balancing.
B. an Internet proxy.
C. URL filtering.
D. content inspection.
QUESTION NO: 26
A user is no longer able to transfer files to the FTP server. The security administrator has
verified the ports are open on the network firewall. Which of the following should the security
A. Anti-virus software
C. Anti-spam software
QUESTION NO: 27
A Human Resource manager is assigning access to users in their specific department
performing the same job function. This is an example of:
A. role-based access control.
B. rule-based access control.
C. centralized access control.
D. mandatory access control.
QUESTION NO: 28
Which of the following BEST describes the process of key escrow?
A. Maintains a copy of a user’s public key for the sole purpose of recovering messages if it
B. Maintains a secured copy of a user’s private key to recover the certificate revocation list
C. Maintains a secured copy of a user’s private key for the sole purpose of recovering the
key if it is lost
D. Maintains a secured copy of a user’s public key in order to improve network performance
QUESTION NO: 29
Which of the following network devices would MOST likely be used to detect but not react to
suspicious behavior on the network?
QUESTION NO: 30
Which of the following is an example of allowing a user to perform a self-service password
A. Password length
B. Password recovery
C. Password complexity
D. Password expiration