http://www.TwPass.com
JK0-018
CompTIA
CompTIA Security+ E2C (2011 Edition)
http://www.twpass.com/twpass.com/exam.aspx?eCode= JK0-018
QUESTION: 1
Pete, a network administrator, is capturing packets on the network and notices that a large
amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he
do to segment that traffic from the other traffic?
A. Connect the WAP to a different switch
B. Create a voice VLAN
C. Create a DMZ
D. Set the switch ports to 802.1q mode
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=1
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 2
Which of the following security tools can Jane, a security administrator, use to deter theft?
A. Virtualization
B. Cable locks
C. GPS tracking
D. Device encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=2
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 3
Which of the following can be implemented on a laptop hard drive to help prevent
unauthorized access to data?
A. Full disk encryption
B. Key escrow
C. Screen lock
D. Data loss prevention
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=3
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 4
Which of the following network devices allows Jane, a security technician, to perform malware
inspection?
A. Load balancer
B. VPN concentrator
C. Firewall
D. NIPS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=4
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 5
Which of the following is a valid server-role in a Kerberos authentication system?
A. Token issuing system
B. Security assertion server
C. Authentication agent
D. Ticket granting server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=5
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 6
The accounting department needs access to network share A to maintain a number of financial
reporting documents. The department also needs access to network share B in HR to view
payroll documentation for cross-referencing items. Jane, an administrative assistant, needs
access to view one document in network share A to gather data for management reports.
Which of the following gives accounting and Jane the correct rights to these areas?
A. Accounting should be given read/write access to network share A and read access to
network share B. Jane should be given read access for the specific document on network share A.
B. Accounting should be given read/write access to network share A and read access to
network share B. Jane should be given read access to network share A.
C. Accounting should be given full access to network share A and read access to
network share B. Jane should be given read/write access for the specific document on network share A.
D. Accounting should be given full access to network share A and read access to
network share B. Jane should be given read/write access to network share A.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=6
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 7
Which of the following creates ciphertext by changing the placement of characters?
A. Transposition cryptography
B. Hashing
C. Elliptical cryptography
D. Digital signatures
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=7
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 8
Which of the following malware types uses stealth techniques to conceal itself, cannot install
itself without user interaction, and cannot automatically propagate?
A. Rootkit
B. Logic bomb
C. Adware
D. Virus
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=8
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 9
When Pete, an employee, leaves a company, which of the following should be updated to
ensure Pete's security access is reduced or eliminated?
A. RSA
B. CA
C. PKI
D. CRL
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=9
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 10
Which of the following should Matt, an administrator, change FIRST when installing a new
access point?
A. SSID broadcast
B. Encryption
C. DHCP addresses
D. Default password
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=10
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 11
A datacenter has two rows of racks which are facing the same direction. Sara, a consultant,
recommends the racks be faced away from each other. This is an example of which of the
following environmental concepts?
A. Fire suppression
B. Raised floor implementation
C. Hot and cool aisles
D. Humidity controls implementation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=11
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 12
Which of the following password policies is the MOST effective against a brute force network
attack?
A. Password complexity
B. Password recovery
C. 30 day password expiration
D. Account lockout
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=12
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 13
Which of the following would BEST be used by Sara, the security administrator, to calculate
the likelihood of an event occurring?
A. SLE
B. ALE
C. ROI
D. ARO
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=13
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 14
Which of the following should Matt, an administrator, implement in a server room to help
prevent static electricity?
A. GFI electrical outlets
B. Humidity controls
C. ESD straps
D. EMI shielding
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=14
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 15
Sara, a company's security officer, often receives reports of unauthorized personnel having
access codes to the cipher locks of secure areas in the building. Sara should immediately
implement which of the following?
A. Acceptable Use Policy
B. Physical security controls
C. Technical controls
D. Security awareness training
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=15
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 16
Pete, an IT security technician, has been tasked with implementing physical security controls
for his company's workstations. Which of the following BEST meets this need?
A. Host-based firewalls
B. Safe
C. Cable locks
D. Remote wipe
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=16
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 17
Which of the following creates ciphertext by replacing one set of characters for another?
A. Substitution cryptography
B. Elliptical cryptography
C. Digital signatures
D. Transposition cryptography
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=17
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 18
Sara, the IT Manager, would like to ensure that the router and switches are only available from
the network administrator's workstation. Which of the following would be the MOST cost
effective solution to ensure that only the network administrator can access these devices?
A. Restrict console ports
B. Time of day restrictions
C. Implement ACLs
D. Implement an out-of-band administrative network
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=18
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 19
A company is performing internal security audits after a recent exploitation on one of their
proprietary applications. Sara, the security auditor, is given the workstation with limited
documentation regarding the application installed for the audit. Which of the following types of
testing methods is this?
A. Sandbox
B. White box
C. Black box
D. Gray box
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=19
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 20
A web server sitting in a secure DMZ has antivirus and anti-malware software which updates
daily. The latest security patches are applied and the server does not run any database software.
A day later, the web server is compromised and defaced. Which of the following is the MOST
likely type of attack?
A. Header manipulation
B. Zero day exploit
C. Session hijacking
D. SQL injection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=20
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 21
Which of the following protocols is MOST likely associated with network audit logging?
A. ICMP
B. FTPS
C. DNS
D. SNMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=21
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 22
Pete, a security administrator, is asked to install and configure centralized software to securely
manage and collect statistics from all of the company's network devices. Which of the
following should the software support?
A. 802.1x
B. ICMP
C. SNMPv3
D. SNMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=22
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 23
A network consists of various remote sites that connect back to two main locations. Pete, the
security administrator, needs to block TELNET access into the network. Which of the
following, by default, would be the BEST choice to accomplish this goal?
A. Block port 23 on the L2 switch at each remote site
B. Block port 23 on the network firewall
C. Block port 25 on the L2 switch at each remote site
D. Block port 25 on the network firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=23
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 24
Pete, a security administrator, is informed that people from the HR department should not have
access to the accounting department's server, and the accounting department should not have
access to the HR department's server. The network is separated by switches. Which of the
following is designed to keep the HR department users from accessing the accounting
department's server and vice-versa?
A. ACLs
B. VLANs
C. DMZs
D. NATS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=24
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 25
Which of the following is BEST utilized to actively test security controls on a particular
system?
A. Port scanning
B. Penetration test
C. Vulnerability scanning
D. Grey/Gray box
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=25
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 26
Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a
page is displayed notifying him that this site cannot be visited. Which of the following is
MOST likely blocking Pete's access to this site?
A. Internet content filter
B. Firewall
C. Proxy server
D. Protocol analyzer
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=26
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 27
Which of the following has serious security implications for large organizations and can
potentially allow an attacker to capture conversations?
A. Subnetting
B. NAT
C. Jabber
D. DMZ
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=27
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 28
Upper management decides which risk to mitigate based on cost. This is an example of:
A. Qualitative risk assessment
B. Business impact analysis
C. Risk management framework
D. Quantitative risk assessment
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=28
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 29
Isolation mode on an AP provides which of the following functionality types?
A. Segmentation of each wireless user from other wireless users
B. Disallows all users from communicating directly with the AP
C. Hides the service set identifier
D. Makes the router invisible to other routers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=29
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 30
Employees are reporting that unauthorized personnel are in secure areas of the building. This is
MOST likely due to lack of security awareness in which of the following areas?
A. Impersonation
B. Logical controls
C. Physical security controls
D. Access control policy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=30
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 31
A forensic image of a hard drive has been created. Which of the following can be used to
demonstrate the image has not been tampered with?
A. Chain of custody
B. Document the image file's size and time stamps
C. Encrypt the image file
D. Hash of the image file
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=31
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 32
Which of the following secure protocols is MOST commonly used to remotely administer
Unix/Linux systems?
A. SSH
B. SCP
C. SFTP
D. SNMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=32
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 33
Which of the following security concepts can Matt, a security administrator, implement to
support integrity?
A. Digital signatures
B. Trust models
C. Key escrow
D. Recovery agents
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=33
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 34
Which of the following combinations represents multifactor authentication?
A. Smart card and hard token
B. Voice print analysis and facial recognition
C. Username and PIN
D. Cipher lock combination and proximity badge
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=34
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 35
Matt, a developer, recently attended a workshop on a new application. The developer installs
the new application on a production system to test the functionality. Which of the following is
MOST likely affected?
A. Application design
B. Application security
C. Initial baseline configuration
D. Management of interfaces
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=35
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 36
Which of the following is Jane, a security administrator, MOST likely implementing when
deleting all the unneeded files and modules of a newly installed application?
A. Exception handling
B. Patch management
C. System file clean up
D. Application hardening
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=36
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 37
Matt, a security administrator, wants to ensure that the message he is sending does not get
intercepted or modified in transit. This concern relates to which of the following concepts?
A. Availability
B. Integrity
C. Accounting
D. Confidentiality
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=37
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 38
Which of the following should be used when a business needs a block cipher with minimal key
size for internal encryption?
A. AES
B. Blowfish
C. RC5
D. 3DES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=38
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 39
Which of the following best practices makes a wireless network more difficult to find?
A. Implement MAC filtering
B. Use WPA2-PSK
C. Disable SSID broadcast
D. Power down unused WAPs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=39
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 40
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system
performance is extremely slow and numerous antivirus alerts are displayed. Which of the
following BEST describes this type of malware?
A. Logic bomb
B. Worm
C. Trojan
D. Adware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=40
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 41
The use of social networking sites introduces the risk of:
A. Disclosure of proprietary information
B. Data classification issues
C. Data availability issues
D. Broken chain of custody
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=41
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 42
Which of the following flags are used to establish a TCP connection? (Select TWO).
A. PSH
B. ACK
C. SYN
D. URG
E. FIN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=42
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 43
Which of the following is MOST likely to result in data loss?
A. Accounting transferring confidential staff details via SFTP to the payroll department
B. Back office staff accessing and updating details on the mainframe via SSH
C. Encrypted backup tapes left unattended at reception for offsite storage
D. Developers copying data from production to the test environments via a USB stick
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=43
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 44
Sara, a security administrator, sends an email to the user to verify their password has been
reset. Which of the following threats is BEST mitigated by this action?
A. Spear phishing
B. Impersonation
C. Hoaxes
D. Evil twin
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=44
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 45
Which of the following describes an LDAP injection attack?
A. Creating a copy of user credentials during the LDAP authentication session
B. Manipulating an application's LDAP query to gain or alter access rights
C. Sending buffer overflow to the LDAP query service
D. Using XSS to direct the user to a rogue LDAP server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=45
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 46
Which of the following concepts defines the requirement for data availability?
A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=46
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 47
Which of the following is an example of multifactor authentication?
A. Credit card and PIN
B. Username and password
C. Password and PIN
D. Fingerprint and retina scan
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=47
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 48
Which of the following is an attack designed to steal cell phone data and contacts?
A. Bluesnarfing
B. Smurfing
C. Fuzzing
D. Bluejacking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=48
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 49
Which of the following best practices is commonly found at the end of router ACLs?
A. Time of day restrictions
B. Implicit deny
C. Implicit allow
D. Role-based access controls
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=49
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 50
Which of the following uses TCP / UDP port 53 by default?
A. DNS
B. SFTP
C. SSH
D. NetBIOS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=50
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 51
An organization is recovering data following a datacenter outage and determines that backup
copies of files containing personal information were stored in an unsecure location, because the
sensitivity was unknown. Which of the following activities should occur to prevent this in the
future?
A. Business continuity planning
B. Quantitative assessment
C. Data classification
D. Qualitative assessment
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=51
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 52
Sara, the network administrator, was alerted to an unauthorized email that was sent to specific
VIPs in the company with a malicious attachment. Which of the following types of attacks is
MOST likely being described?
A. Vishing
B. Whaling
C. DDoS
D. Pharming
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=52
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 53
In the event of a mobile device being lost or stolen, which of the following BEST protects
against sensitive information leakage?
A. Cable locks
B. Remote wipe
C. Screen lock
D. Voice encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=53
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 54
Which of the following should Sara, a security administrator, perform periodically to reduce an
organization's risk exposure by verifying employee access?
A. Account revalidation
B. Incident management
C. Qualitative analysis
D. Quantitative analysis
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=54
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 55
Which of the following is the MAIN benefit of server-side versus client-side input validation?
A. Server-side input validation results in a more secure system than client-side input
validation.
B. Client-side input validation can lead to local buffer overflows while server-side input
validation can lead to remote buffer overflow.
C. Client-side input validation results in a more secure system than server-side input
validation.
D. Server-side input validation is prone to buffer overflows while client-side input
validation is not.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=55
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 56
Which of the following is MOST appropriate when storing backup tapes in a physically nonsecure room?
A. Use an in-tape GPS tracking device.
B. Store the tapes in a locked safe.
C. Encrypt the tapes with AES.
D. Securely wipe the tapes.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=56
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 57
Grandfather-Father-Son and Tower of Hanoi are common:
A. Trojans that collect banking information.
B. Backup tape rotation strategies.
C. Penetration testing best practices.
D. Failover practices in clustering.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=57
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 58
Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=58
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 59
Which of the following can BEST be implemented on a mobile phone to help prevent any
sensitive data from being recovered if the phone is lost?
A. Voice encryption
B. Screen locks
C. Device encryption
D. GPS tracking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=59
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 60
Which of the following security concepts would Sara, the security administrator, use to
mitigate the risk of data loss?
A. Record time offset
B. Clean desk policy
C. Cloud computing
D. Routine log review
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=60
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 61
If Organization A trusts Organization B and Organization B trusts Organization C, then
Organization A trusts Organization C. Which of the following PKI concepts is this describing?
A. Transitive trust
B. Public key trust
C. Certificate authority trust
D. Domain level trust
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=61
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 62
Which of the following is BEST associated with PKI?
A. Private key
B. Block ciphers
C. Stream ciphers
D. NTLMv2
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=62
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 63
Which of the following malware types is BEST described as protecting itself by hooking
system processes and hiding its presence?
A. Botnet
B. Rootkit
C. Logic bomb
D. Virus
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=63
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 64
Sara, a security administrator, manually hashes all network device configuration files daily and
compares them to the previous day's hashes. Which of the following security concepts is Sara
using?
A. Confidentiality
B. Compliance
C. Integrity
D. Availability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=64
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 65
Following a security failure incident, the chain of custody must be followed in order to:
A. Determine who accessed the compromised equipment pre-incident.
B. Securely lock down any compromised equipment.
C. Preserve and maintain evidence integrity.
D. Provide an accurate timeline detailing how the incident occurred.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=65
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 66
Jane, an IT administrator, is implementing security controls on a Microsoft Windows based
kiosk used at a bank branch. This kiosk is used by the public for Internet banking. Which of
the following controls will BEST protect the kiosk from general public users making system
changes?
A. Group policy implementation
B. Warning banners
C. Command shell restrictions
D. Host based firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=66
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 67
After Matt, a user, enters his username and password at the login screen of a web enabled
portal, the following appears on his screen: "Please only use letters and numbers on these
fields." Which of the following is this an example of?
A. Proper error handling
B. Proper input validation
C. Improper input validation
D. Improper error handling
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=67
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 68
The corporate NIPS requires a daily download from its vendor with updated definitions in
order to block the latest attacks. Which of the following describes how the NIPS is
functioning?
A. Heuristics
B. Anomaly based
C. Signature based
D. Behavior based
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=68
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 69
Pete, a security administrator, needs to update the community strings on the router since they
have been compromised. Which of the following needs to be changed?
A. SMTP
B. SNMP
C. ICMP
D. IPSec
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=69
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 70
Which of the following symmetric key algorithms are examples of block ciphers? (Select
THREE)
A. RC4
B. 3DES
C. AES
D. MD5
E. PGP
F. Blowfish
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=70
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 71
Matt, an account manager, arrives at work early in the morning and cannot log into his
workstation. He calls the help desk an hour later to open a trouble ticket, but they tell him there
is nothing wrong with his account. Matt tries his login once more and is granted access. Which
of the following control types BEST explains this anomaly?
A. Discretionary access control
B. Time of day restrictions
C. Separation of duties
D. Single sign-on
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=71
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 72
A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is known
as which of the following?
A. Whaling
B. Bluesnarfing
C. Vishing
D. Dumpster diving
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=72
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 73
Which of the following network devices allows web traffic to be distributed amongst servers?
A. Web security gateway
B. Load balancers
C. NIDS
D. Routers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=73
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 74
Which of the following provides the LEAST availability?
A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=74
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 75
Sara, a security guard, reports that the side of the company building has been marked with
spray paint. Which of the following could this be an example of?
A. Interference
B. War driving
C. War chalking
D. War dialing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=75
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 76
Matt, a security administrator, has the VPN tunnel application set up so that after multiple
incorrect attempts, the VPN service is disabled. Which of the following deterrent techniques
does this describe?
A. Intrusion detection system
B. Baseline reporting
C. Failopen
D. Failsafe
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=76
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 77
Sara, a user, receives a call and the caller asks if Sara would be willing to answer a few
marketing questions, and in return be placed in the drawing to win a trip to Hawaii. After Sara
agrees, she is transferred to an automated service which states that some personal information
needs to be collected to verify her full name, birthday, address, and email to be eligible for the
Hawaii trip. After providing the details Sara is then solicited for banking preferences, general
purchasing preferences, and debit card details. Which of the following BEST describes this
type of attack?
A. A hoax
B. Pharming
C. Smurfing
D. Vishing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=77
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 78
Which of the following devices is BEST suited for servers that need to store private keys?
A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=78
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 79
Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what
services and operating systems are running on the corporate network. Which of the following
should be used to complete this task?
A. Fingerprinting and password crackers
B. Fuzzing and a port scan
C. Vulnerability scan and fuzzing
D. Port scan and fingerprinting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=79
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 80
Which of the following types of data encryption would Matt, a security administrator, use to
encrypt a specific table?
A. Full disk
B. Individual files
C. Database
D. Removable media
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=80
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 81
Which of the following security controls enforces user permissions based on a job role?
A. Single sign-on access
B. Group based privileges
C. Account policy enforcement
D. User assigned privileges
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=81
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 82
A business has paper forms on hand in the event of a credit processing system failure. This is
an example of which of the following?
A. Business process re-engineering
B. Disaster recovery
C. Continuity of operations
D. Enterprise resource planning
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=82
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 83
By default, which of the following ports would Pete, an administrator, block to prevent
incoming RDP connections to a Windows Server?
A. 22
B. 161
C. 3389
D. 5631
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=83
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 84
Which of the following encrypts the body of a packet, rather than just the password, while
sending information?
A. LDAP
B. TACACS+
C. ACLs
D. RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=84
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 85
Which of the following should Matt, a security administrator, include when encrypting
smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=85
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 86
Which of the following risk related concepts BEST supports the identification of fraud?
A. Risk avoidance
B. Job rotation
C. ALE calculation
D. Clean desk policy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=86
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 87
Which of the following would Pete, a security administrator, do to limit a wireless signal from
penetrating the exterior walls?
A. Implement TKIP encryption
B. Consider antenna placement
C. Disable the SSID broadcast
D. Disable WPA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=87
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 88
Which of the following are restricted to 64-bit block sizes? (Select TWO).
A. PGP
B. DES
C. AES256
D. RSA
E. 3DES
F. AES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=88
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 89
Which of the following would be implemented to create a network inside a network?
A. VLAN
B. NAT
C. NAC
D. VPN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=89
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 90
Which of the following is a system designed to lure attackers away from production systems?
A. Proxy server
B. Spam filter
C. Honeypot
D. Flood guard
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=90
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 91
Sara, a security analyst, discovers which operating systems the client devices on the network
are running by only monitoring a mirror port on the router. Which of the following techniques
did Sara use?
A. Active fingerprinting
B. Passive fingerprinting
C. Protocol analyzing
D. Network enumerating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=91
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 92
Which of the following authentication services uses a ticket granting system to provide access?
A. RADIUS
B. LDAP
C. TACACS+
D. Kerberos
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=92
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 93
Matt, the Chief Information Officer (CIO), wants to protect laptop users from zero day attacks.
Which of the following would BEST achieve Matt's goal?
A. Host based firewall
B. Host based IDS
C. Anti-virus
D. Anti-spyware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=93
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 94
Which of the following is often rated based on its ability to increase the time it takes to perform
an attack?
A. Safe
B. Screen lock
C. Patch management
D. Visualization
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=94
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 95
The human resources department of a company has requested full access to all network
resources, including those of the financial department. Jane, the administrator, denies this,
citing:
A. Conflict of interest
B. Separation of duties
C. Role authentication
D. Implicit deny
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=95
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 96
Which of the following is a way to gain access to a protected system while another user is
entering credentials?
A. Spim
B. Shoulder surfing
C. DDoS
D. Backdoor
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=96
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 97
Which of the following would Pete, a security administrator, MOST likely implement in order
to allow employees to have secure remote access to certain internal network services such as
file servers?
A. Packet filtering firewall
B. VPN gateway
C. Switch
D. Router
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=97
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 98
Jane, a security administrator, needs to deploy a wireless network where the wireless
encryption key is negotiated automatically. Which of the following MUST be implemented?
A. WPA2-PSK
B. 802.1n
C. MAC filtering
D. WPA enterprise
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=98
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 99
Which of the following can be implemented on the company gateway router to prevent IP
packets with a source IP of the internal company network from being routed by the external
interface of the router into the company's network?
A. 802.1x
B. Flood guards
C. Access control lists
D. Loop protection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=99
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 100
Which of the following BEST explains the security benefit of a standardized server image?
A. All current security updates for the operating system will have already been applied.
B. Mandated security configurations have been made to the operating system.
C. Anti-virus software will be installed and current.
D. Operating system license use is easier to track.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=100
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 101
Jane, the security administrator for a company, needs to assign permissions for users on her
network. Which of the following would allow Jane to give ONLY the appropriate permissions
necessary?
A. Separation of duties
B. Job rotation
C. Privilege escalation
D. Least privilege
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=101
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 102
Users in the marketing department are given a different level of access to files than users in the
accounting department. Which of the following types of access control does this BEST
describe?
A. Standard access control
B. Role based access control
C. Mandatory access control
D. Discretionary access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=102
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 103
Which of the following types of data encryption would Jane, a security administrator, use if
MBR and the file systems needed to be included?
A. Full disk
B. Individual files
C. Database
D. Partial disk
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=103
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 104
Sara, an employee, enters the datacenter but does not ensure the door was fully closed
afterwards. Which of the following could directly result from this situation?
A. Clean desk policy
B. Social engineering
C. Tailgating
D. Chain of custody
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=104
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 105
Which of the following should Pete, the security administrator, change to help mitigate the risk
associated with war drivers discovering the wireless network?
A. WPA encryption
B. WEP encryption
C. MAC filtering
D. AP power levels
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=105
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 106
Which of the following is used to verify the identity of the sender of a signed email?
A. Public key
B. Sender's IP
C. From field
D. Private key
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=106
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 107
Which of the following is the MOST important security requirement for mobile devices storing
PII?
A. Remote data wipe
B. GPS location service
C. VPN pass-through
D. WPA2 wireless
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=107
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 108
Which of the following is a way to confirm that all staff members know their roles and
responsibilities during an IT disaster or other IT contingency event?
A. Table-top exercise
B. Hot site
C. Disaster recovery plan
D. MTTR
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=108
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 109
The main corporate website has a service level agreement that requires availability 100% of the
time, even in the case of a disaster. Which of the following would be required to meet this
demand?
A. Warm site implementation for the datacenter
B. Geographically disparate site redundant datacenter
C. Localized clustering of the datacenter
D. Cold site implementation for the datacenter
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=109
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 110
Which of the following concepts is BEST described as developing a new chain of command in
the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=110
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 111
Which of the following will allow proper ventilation for servers in a data center?
A. Hot/cold aisles
B. Humidity controls
C. EMI shielding
D. Load balancing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=111
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 112
Which of the following combinations represents multifactor authentication?
A. Key and proximity badge
B. Fingerprint and proximity badge
C. Retina scan and voice analysis
D. Password and PIN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=112
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 113
Jane, an administrator, is primarily concerned with blocking external attackers from gaining
information on remote employees by scanning their laptops. Which of the following security
applications is BEST suited for this task?
A. Host IDS
B. Personal firewall
C. Anti-spam software
D. Anti-virus software
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=113
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 114
Which of the following can Pete, the security administrator, implement to filter Internet traffic?
A. Warning banners
B. Spam filters
C. Host-based firewalls
D. Command shell restrictions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=114
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 115
Which of the following should Jane, the security administrator, do FIRST when an employee
reports the loss of a corporate mobile device?
A. Remotely lock the device with a PIN
B. Enable GPS location and record from the camera
C. Remotely uninstall all company software
D. Remotely initiate a device wipe
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=115
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 116
Which of the following protocols is used to authenticate the client and server's digital
certificate?
A. PEAP
B. DNS
C. TLS
D. ICMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=116
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 117
Which of the following authentication services uses the AAA architecture and runs on TCP?
A. LDAP
B. Kerberos
C. RADIUS
D. TACACS+
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=117
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 118
Users have notified Sara, a technician, that the performance of a specific set of servers has
degraded. All of the servers are in the same facility and accessible, but are very slow to
respond. Which of the following is MOST likely the cause?
A. The servers are not configured in a hot aisle and cool aisle containment.
B. Redundancy and data de-duplication have failed.
C. The UPS is overloaded and has begun the shutdown process.
D. HVAC has failed causing server CPUs to overheat and throttle.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=118
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 119
Matt, an administrator, captures malicious DNS traffic on the network. Which of the following
tools would be used to analyze the nature of this traffic?
A. Sniffer
B. Zone transfer
C. Network tap
D. Application firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=119
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 120
Which of the following should Pete, an administrator, use to verify the integrity of a
downloaded file?
A. CRL
B. CSR
C. AES
D. MD5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=120
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 121
Pete, a security analyst, must authenticate himself and his company when obtaining a
certificate. Which of the following would validate this information for Pete?
A. Certification authority
B. Key escrow
C. Registration authority
D. Trust model
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=121
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 122
How often, at a MINIMUM, should Sara, an administrator, review the access and rights of the
users on her system?
A. Annually
B. Immediately after an employee is terminated
C. Every five years
D. Every time they patch the server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=122
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 123
Jane, a user, has reported an increase in email phishing attempts. Which of the following can be
implemented to mitigate the attacks?
A. Anti-spyware
B. Anti-adware
C. Anti-virus
D. Anti-spam
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=123
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 124
Which of the following is a policy that would force all users to organize their areas as well as
help in reducing the risk of possible data theft?
A. Password behaviors
B. Clean desk policy
C. Data handling
D. Data disposal
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=124
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 125
Which of the following is the BEST reason to have a formal and exercised incident
management plan?
A. All vulnerabilities are mitigated
B. Users do not maintain excessive permissions
C. Patches are not made without testing
D. All parties understand their role in the process
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=125
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 126
Which of the following identifies certificates that have been compromised or suspected of
being compromised?
A. Certificate revocation list
B. Access control list
C. Key escrow registry
D. Certificate authority
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=126
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 127
Which of the following time periods is a best practice for requiring user awareness training?
A. Every 5 years
B. Every 3 years
C. Every 2 years
D. Annually
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=127
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 128
In which of the following locations would Sara, a forensic analyst, look to find a hooked
process?
A. BIOS
B. Slack space
C. RAM
D. Rootkit
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=128
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 129
A company notices that there is a flaw in one of their proprietary programs that the company
runs in-house. The flaw could cause damage to the HVAC system. Which of the following
would the company transfer to an insurance company?
A. Risk
B. Threat
C. Vulnerability
D. Code review
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=129
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 130
Which of the following features would allow Pete, a network administrator, to allow or deny
access to a specific list of network clients?
A. Content filtering
B. Flood guard
C. URL filtering
D. MAC filtering
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=130
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 131
Pete, a system administrator, is using a packet sniffer to troubleshoot remote authentication.
Pete detects a device trying to communicate to UDP ports 1812 and 1813. Which of the
following authentication methods is MOST likely being attempted?
A. TACACS+
B. LDAP
C. Kerberos
D. RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=131
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 132
Which of the following is an example of authentication using something Jane, a user, has and
something she knows?
A. GSM phone card and PIN
B. Username and password
C. Username and PIN
D. Fingerprint scan and signature
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=132
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 133
Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a
company network by using a former employee's credential?
A. Account expiration
B. Password complexity
C. Account lockout
D. Dual factor authentication
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=133
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 134
Which of the following MUST Matt, a security administrator, implement to verify both the
integrity and authenticity of a message while requiring a shared secret?
A. RIPEMD
B. MD5
C. SHA
D. HMAC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=134
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 135
Which of the following does Jane, a software developer, need to do after compiling the source
code of a program to attest the authorship of the binary?
A. Place Jane's name in the binary metadata
B. Use Jane's private key to sign the binary
C. Use Jane's public key to sign the binary
D. Append the source code to the binary
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=135
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 136
During the analysis of malicious code, Matt, a security analyst, discovers JavaScript being used
to send random data to another service on the same system. This is MOST likely an example
of which of the following?
A. Buffer overflow
B. XML injection
C. SQL injection
D. Distributed denial of service
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=136
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 137
Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of
the following attacks? (Select TWO).
A. Spoofing
B. Man-in-the-middle
C. Dictionary
D. Brute force
E. Privilege escalation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=137
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 138
A company's backup solution performs full backups weekly and is running into capacity issues.
Without changing the frequency of backups, which of the following solutions would reduce the
storage requirement?
A. Differential backups
B. Magnetic media backups
C. Load balancing
D. Incremental backups
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=138
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 139
3DES is created when which of the following scenarios occurs?
A. The DES algorithm is run three consecutive times against the item being encrypted.
B. The DES algorithm has been used by three parties: the receiving party, sending party,
and server.
C. The DES algorithm has its key length increased to 256.
D. The DES algorithm is combined with AES and SHA1.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=139
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 140
Which of the following mitigates the risk of proprietary information being compromised?
A. Cloud computing
B. Digital signatures
C. File encryption
D. Virtualization
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=140
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 141
Which of the following security tools can Jane, an administrator, implement to mitigate the
risks of theft?
A. Virtualization
B. Host based firewalls
C. HIPS
D. Device encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=141
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 142
Matt, an attacker, drops a USB flash drive labeled "CEO's music collection" in the reception
area of a bank hoping an employee will find it. The drive actually contains malicious code.
Which of the following attacks is this?
A. Vishing
B. Social engineering
C. Spim
D. Impersonation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=142
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 143
Sara, an employee, visits a website and downloads the PDF application to officially become a
member. The network administrator notices large amounts of bandwidth at night from Sara's
workstation. Which of the following attacks does this describe?
A. Adware
B. Botnets
C. Logic bomb
D. Spyware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=143
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 144
Matt, the Chief Information Security Officer (CISO), tells the network administrator that a
security company has been hired to perform a penetration test against his network. The
security company asks Matt which type of testing would be most beneficial for him. Which of
the following BEST describes what the security company might do during a black box test?
A. The security company is provided with all network ranges, security devices in place,
and logical maps of the network.
B. The security company is provided with no information about the corporate network
or physical locations.
C. The security company is provided with limited information on the network, including
all network diagrams.
D. The security company is provided with limited information on the network,
including some subnet ranges and logical network diagrams.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=144
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 145
If Pete, an administrator, is blocking port 22, which of the following protocols will this affect?
(Select TWO)
A. SNMP
B. SSH
C. SMTP
D. FTP
E. Telnet
F. SCP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=145
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 146
Which of the following allows active exploitation of security vulnerabilities on a system or
network for the purpose of determining true impact?
A. Port scanning
B. Penetration testing
C. Vulnerability scanning
D. Performing risk analysis
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=146
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 147
Which of the following web application security weaknesses can be mitigated by preventing
the use of HTML tags?
A. LDAP injection
B. SQL injection
C. Error and exception handling
D. Cross-site scripting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=147
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 148
A recent virus outbreak has finally been contained and now several users are reporting latency
issues. A vulnerability scan was performed and no backdoors were found. Upon further
investigation, Matt, the security administrator, notices that websites are being redirected to
unauthorized sites. This is an example of which of the following?
A. Botnet
B. Rootkits
C. Trojan
D. Spyware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=148
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 149
Which of the following is BEST used to control access to the LAN?
A. DMZ
B. NAC
C. NAT
D. Remote access
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=149
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 150
Which of the following is a technical preventive control?
A. IDS
B. Data backup
C. Audit logs
D. ACLs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=150
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 151
When deploying virtualized servers, which of the following should a company be the MOST
concerned with?
A. Integrity
B. Non-repudiation
C. Power consumption
D. Availability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=151
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 152
The main difference between symmetric and asymmetric encryption is that:
A. Symmetric encryption uses the same key for encryption and decryption, while
asymmetric encryption uses one key to encrypt and one to decrypt.
B. In symmetric encryption the encryption key must be of even number length so that it
can be split in two, where one part is used for encryption and the other is used for
decryption.
C. Asymmetric encryption uses the same key for encryption and decryption, while
symmetric encryption uses one key to encrypt and one to decrypt.
D. In asymmetric encryption the same key is given to one user in a hashed format and
used for encryption, and to another user in plain text and used for decryption.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=152
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 153
Jane, an information security manager, often receives reports about the sharing of cipher lock
codes to gain access to secure areas. Jane would like to implement a new control that would
prevent the sharing of codes and limit access points to only key employees. Which of the
following security controls would BEST mitigate this issue?
A. Use ACLs
B. Separation of duties
C. Install proximity readers
D. Time of day restrictions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=153
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 154
Jane, a security administrator, has been tasked with explaining access control aspects to a peer.
Which of the following is a directory service supporting both Windows and Linux
authentication?
A. LDAP
B. Trusted OS
C. TACACS+
D. PAM
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=154
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 155
Pete, a system administrator, has concerns regarding his users accessing systems and secured
areas using others' credentials. Which of the following can BEST address this concern?
A. Create conduct policies prohibiting sharing credentials.
B. Enforce a policy shortening the credential expiration timeframe.
C. Implement biometric readers on laptops and restricted areas.
D. Install security cameras in areas containing sensitive systems.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=155
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 156
Which of the following is the MOST secure solution for connecting remote sites to the
corporate headquarters?
A. PPTP
B. L2TP
C. HTTP
D. IPSec
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=156
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 157
Which of the following is the BEST method to use when preventing a cross-site scripting attack
on a Human Resource system?
A. Require all data be filtered through a web application firewall.
B. Restrict permitted HTML encoding to a limited subset of tags and attributes.
C. Provide user education on the threat of cross-site scripting.
D. Input validation upon arrival at the server.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=157
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 158
The word processing software of Jane, a user, is exhibiting strange behavior, opening and closing
itself at random intervals. There is no other strange behavior on the system. Which of the
following would mitigate this problem in the future?
A. Install application updates
B. Encrypt the file system
C. Install HIDS
D. Install anti-spam software
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=158
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 159
Jane, a user, has an IP address of 172.16.24.43 and visits a website which states that she has an
IP address of 204.211.38.89. Which of the following is being used on the network? (Select
TWO).
A. NAT
B. NAC
C. Spoofing
D. DMZ
E. VLANs
F. PAT
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=159
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 160
Which of the following data loss prevention strategies mitigates the risk of replacing hard
drives that cannot be sanitized?
A. Virtualization
B. Patch management
C. Full disk encryption
D. Database encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=160
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 161
Which of the following is characterized by Matt, an attacker, attempting to leave identification
markings for open wireless access points?
A. Initialization vector
B. War chalking
C. Packet sniffing
D. War driving
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=161
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 162
Which of the following can Matt, a security administrator, implement to support confidentiality
and integrity?
A. PKI
B. Non-repudiation
C. Digital signatures
D. Recovery agents
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=162
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 163
Which of the following can Pete, an administrator, use to verify that a downloaded file was not
corrupted during the transfer?
A. NTLM tag
B. LANMAN hash
C. MD5 checksum
D. SHA summary
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=163
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 164
Planning what traffic will be separated, assigning tags, and configuring routing are part of
configuring which of the following?
A. IPSec
B. ACL
C. NAT
D. VLAN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=164
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 165
Jane, an employee, receives an error on an encrypted laptop, making the laptop un-bootable.
Jane now cannot access any files on the laptop. The desktop technician is unable to recover the
key from the computer and will have to inform Jane that the files are now unrecoverable.
Which of the following would have prevented Jane from losing access to the files?
A. Certificate Authority
B. Private keys
C. Public keys
D. Key escrow
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=165
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 166
Which of the following combines authentication and authorization, and does not use the TCP
protocol?
A. RADIUS
B. Kerberos
C. LDAP
D. TACACS+
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=166
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 167
Which of the following occurs when two access points share the same SSID broadcast where
one access point is used to capture data?
A. Rogue access point
B. Bluesnarfing
C. Evil twin
D. Packet sniffing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=167
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 168
Pete and Jane, users in a financial office, are reporting that they are not being asked for
credentials anymore when successfully connecting to the company wireless. All other offices
are still being authenticated on the wireless. Which of the following is this an example of?
A. Evil twin
B. Interference
C. IV attack
D. War driving
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=168
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 169
Which of the following is BEST described by a scenario where management chooses to
implement security controls to lessen the impact of a given risk?
A. Avoidance
B. Transference
C. Deterrence
D. Mitigation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=169
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 170
A recent network attack caused several random computers to malfunction, even though those
computers had the latest updates and patches applied. Which of the following describes this
type of attack?
A. Targeted
B. DDoS
C. Zero day
D. Buffer overflow
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=170
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 171
Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security
gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the
tethered connection and corporate data is stolen. Which of the following would BEST prevent
this from occurring again?
A. Disable the wireless access and implement strict router ACLs
B. Reduce restrictions on the corporate web security gateway
C. Security policy and threat awareness training
D. Perform user rights and permissions reviews
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=171
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 172
Sara makes a phone call to the help desk pretending to be Jane. Sara states that she has
forgotten her password and asks that it be reset to 12345. Which of the following is Sara
performing?
A. Shoulder surfing
B. Impersonation
C. Dumpster diving
D. Tailgating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=172
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 173
Which of the following default network ports is used by FTP?
A. 20
B. 22
C. 23
D. 25
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=173
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 174
A company recently installed a load balancer for their servers. The company is MOST
concerned with:
A. Integrity
B. Availability
C. Authentication
D. Confidentiality
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=174
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 175
Which of the following pseudocodes MOST likely prevents buffer overflows?
A. If input contains < or > then escape the character and execute the program with user
input
B. If input is less than 100 characters, then prompt for input again
C. If input contains \ then remove \ and execute program with user input
D. If input is greater than 1000 characters then truncate input
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=175
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 176
Which of the following is usually encrypted when stored or transmitted?
A. CRL
B. Private key
C. Root certificate
D. Public key
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=176
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 177
Which of the following could Jane, a security administrator, implement to mitigate the risk of
tailgating for a large organization?
A. Train employees on correct data disposal techniques and enforce policies.
B. Only allow employees to enter or leave through one door at specified times of the
day.
C. Only allow employees to go on break one at a time and post security guards 24/7 at
each entrance.
D. Train employees on risks associated with social engineering attacks and enforce
policies.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=177
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 178
Pete, a security administrator, implemented design changes and moved certain servers into a
dedicated area that is accessible from the outside network, yet separated from the internal
network. Which of the following did Pete implement?
A. NAC
B. NAT
C. DMZ
D. VLAN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=178
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 179
While placing an order at an online bookstore, Sara, a user, enters her correct credentials and is
immediately presented with a pop-up window requesting her username and password again.
Which of the following has MOST likely occurred?
A. LDAP injection attack
B. Evil twin attack
C. Phishing attack
D. SQL injection attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=179
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 180
Identifying a list of all approved software on a system is a step in which of the following
practices?
A. Passively testing security controls
B. Application hardening
C. Host software baselining
D. Client-side targeting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=180
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 181
Pete, an administrator, captures traffic sent between a router and a monitoring server on port
161. The packet payload contains the strings PUBLIC and PRIVATE1. Which of the
following was MOST likely used to capture this traffic?
A. Vulnerability scanner
B. Protocol analyzer
C. SNMPv3
D. SNMPv2c
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=181
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 182
Which of the following is BEST utilized to identify common misconfigurations throughout the
enterprise?
A. Vulnerability scanning
B. Port scanning
C. Penetration testing
D. Black box
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=182
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 183
Which of the following malware types typically allows Pete, an attacker, to monitor a user's
computer, is characterized by a drive-by download, and requires no user interaction?
A. Virus
B. Logic bomb
C. Spyware
D. Adware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=183
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 184
Which of the following BEST describes a common security concern for cloud computing?
A. Data may be accessed by third parties who have compromised the cloud platform
B. Antivirus signatures are not compatible with virtualized environments
C. Network connections are too slow
D. CPU and memory resources may be consumed by other servers in the same cloud
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=184
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 185
Which of the following is the MOST secure authentication protocol?
A. CHAP
B. PEAP
C. EAP
D. LEAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=185
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 186
Which of the following policies could be implemented to help prevent users from displaying
their login credentials in open view for everyone to see?
A. Privacy
B. Clean desk
C. Job rotation
D. Password complexity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=186
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 187
Which of the following should Sara, a security technician, create to articulate the requirements
for what is and what is not condoned on company systems?
A. Acceptable usage policy
B. Retention policy
C. Privacy policy
D. Access control policy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=187
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 188
Users have reported that when they go to the company website they are sent to a competitor's
site instead. Which of the following is the MOST likely explanation?
A. Someone has employed ARP poisoning against the company.
B. Someone has employed DNS poisoning against the company.
C. Someone has accidentally unplugged the company's web server.
D. The competitor has a more powerful web server.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=188
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 189
Sara, an IT Administrator, wants to make sure that only certain devices can connect to the
wireless network. Which of the following can she implement to accomplish this task?
A. MAC filtering
B. Increase the power levels of the WAP
C. Dynamic DHCP
D. Disable SSID broadcast
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=189
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 190
Which of the following is BEST used to determine the source of a network bottleneck?
A. Sniffer
B. Router
C. Firewall
D. Switch
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=190
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 191
Sara, a system administrator, installed new database software and notices, after running a port
scan on the server, that port 21 is now open. The database does not use any type of file transfer
program. Which of the following would reduce the number of unnecessary services being used?
A. NIPS
B. Application hardening
C. NIDS
D. Application baselining
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=191
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 192
Matt, the administrator, spots a sustained spike in disk activity and CPU utilization; network
activity looks normal. Which of the following might this indicate?
A. This server is now a member of a botnet.
B. There is a virus infecting the server.
C. There is a smurf attack occurring on the server.
D. Users are copying more files from the server than normal.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=192
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 193
Matt, the security administrator, has changed the default settings on a Web server, removing
certain files and directories. This is an example of which of the following?
A. Application configuration baseline
B. Application hardening
C. Cross-site scripting prevention
D. Application patch management
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=193
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 194
Biometrics includes the use of which of the following authentication methods?
A. Single sign-on
B. Retinal scan
C. Common access card
D. ACLs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=194
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 195
Pete, the security administrator, wants to implement password controls to mitigate attacks
based on password reuse. Which of the following password controls used together BEST
accomplishes this? (Select TWO).
A. Minimum password age and password history
B. Password complexity and password history
C. Password history and password expiration
D. Password complexity and password expiration
E. Maximum password age and password expiration
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=195
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 196
A company that trains their users to lock the doors behind them is MOST likely trying to
prevent:
A. Vishing attacks
B. Dumpster diving
C. Shoulder surfing
D. Tailgating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=196
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 197
Which of the following security controls would be applied on individual hosts to monitor
suspicious activities, by actively analyzing events occurring within that host, and blocking any
suspicious or abnormal activity?
A. HIPS
B. Spam filter
C. HIDS
D. Firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=197
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 198
Jane, a security administrator, forgets her card to access the server room. Jane asks Matt if she
could use his card for the day. Which of the following is Jane using to gain access to the server
room?
A. Man-in-the-middle
B. Tailgating
C. Impersonation
D. Spoofing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=198
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 199
During a forensic investigation, which of the following information is compared to verify the
contents of a hard drive image match the original drive and have not been changed by the
imaging process?
A. Hash values
B. Chain of custody
C. Order of volatility
D. Time offset
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=199
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 200
Jane brought a laptop in from home and connected the Ethernet interface on the laptop to a wall
jack with a patch cable. Jane was unable to access any network resources. Which of the
following is the MOST likely cause?
A. Flood guards were enabled on the switch.
B. Loop protection prevented the laptop from accessing the network.
C. Port security was enabled on the switch.
D. Router access control lists prevented the laptop from accessing the network.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=200
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 201
Matt, a new employee, installed an application on his workstation that allowed Internet users to
have access to his workstation. Which of the following security related training could have
mitigated this action?
A. Use of proper password procedures
B. Use of personally owned devices
C. Use of social networking and P2P networks
D. Use of clean desk policies
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=201
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 202
Which of the following threats can result from a lack of controls for personal webmail?
A. Bandwidth exhaustion
B. Cross-site request forgery
C. Data leakage
D. Least privilege
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=202
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 203
Which of the following is identified by the command: INSERT INTO users ("admin",
"admin"); ?
A. SQL Injection
B. Directory traversal
C. LDAP injection
D. Session hijacking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=203
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 204
Which of the following attacks is MOST likely to be performed against an FTP server?
A. DLL injection
B. SQL injection
C. LDAP injection
D. Command injection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=204
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 205
After performing a port scan, Sara, a network administrator, observes that port 443 is open.
Which of the following services is MOST likely running?
A. SSL
B. FTP
C. TELNET
D. SSH
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=205
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 206
Establishing a published chart of roles, responsibilities, and chain of command to be used
during a disaster is an example of which of the following?
A. Fault tolerance
B. Succession planning
C. Business continuity testing
D. Recovery point objectives
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=206
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 207
Matt, a security administrator, conducted a scan and generated a vulnerability report for the
Chief Executive Officer (CEO). The vulnerability report indicated several vulnerabilities but
the CEO has decided that cost and operational impact outweigh the risk. This is an example of
which of the following?
A. Risk transference
B. Risk acceptance
C. Risk avoidance
D. Risk mitigation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=207
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 208
A good password policy should contain which of the following rules? (Select THREE)
A. Length
B. Expiration
C. Tokens
D. Smart card
E. Enrollment
F. Complexity
G. Biometrics
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=208
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 209
Jane, a security administrator, identifies a WEP-encrypted WAP on the network that is located
at the end of the building. Jane has noticed that it is the most utilized WAP on the network.
When trying to manage the WAP, she is unable to gain access. Which of the following has
MOST likely happened to the WAP?
A. The WAP is under an IV attack
B. The WAP's MAC address has been spoofed
C. The WAP is a rogue access point
D. The WAP was victim to a bluejacking attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=209
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 210
Jane, a human resources employee, receives an email from a family member stating there is a
new virus going around. In order to remove the virus, a user must delete the Boot.ini file from
the system immediately. This is an example of which of the following?
A. Hoax
B. Spam
C. Whaling
D. Phishing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=210
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 211
A network IPS is used for which of the following?
A. To identify and document network based intrusions and network traffic
B. To document and analyze network visualization threats and performance
C. To identify and prevent network based intrusions or unwanted network traffic
D. To document and analyze malware and viruses on the Internet
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=211
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 212
A risk is identified that an attacker, given the right credentials, could potentially connect to the
corporate network from a nearby business's parking lot. Which of the following controls can be
put in place to reduce the likelihood of this occurring? (Select TWO).
A. TKIP
B. Antenna placement
C. Power level controls
D. WPA
E. WPA2
F. Disable SSID broadcasting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=212
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 213
Which of the following could cause a browser to display the message below? "The security
certificate presented by this website was issued for a different website's address."
A. The website certificate was issued by a different CA than what the browser
recognizes in its trusted CAs.
B. The website is using a wildcard certificate issued for the company's domain,
C. HTTPS://127.0.01 was used instead of HTTPS://localhost.
D. The website is using an expired self-signed certificate.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=213
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 214
Sara, an administrator, is hardening email application communication to improve security.
Which of the following could be performed?
A. Remove gateway settings from the route table
B. Password protect the server BIOS
C. Disabling high I/O services
D. Require TLS when using SMTP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=214
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 215
Which of the following increases proper airflow in a datacenter?
A. Humidity controls
B. Video monitoring
C. Temperature controls
D. Hot and cold aisles
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=215
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 216
Jane, an IT security technician, needs to create a way to secure company mobile devices.
Which of the following BEST meets this need?
A. Implement voice encryption, pop-up blockers, and host-based firewalls.
B. Implement firewalls, network access control, and strong passwords.
C. Implement screen locks, device encryption, and remote wipe capabilities.
D. Implement application patch management, antivirus, and locking cabinets.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=216
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 217
In which of the following orders should Jane, an administrator, capture a system's data for
forensics investigation?
A. Hard disk, swap file, system memory, CPU cache
B. CPU cache, system memory, swap file, hard disk
C. System clock, flash BIOS, memory, hard disk
D. Flash BIOS, system memory, swap file, hard disk
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=217
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 218
In PKI, a key pair consists of:
A. A key ring
B. A public key
C. A private key
D. Key escrow
E. A passphrase
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=218
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 219
Which of the following would MOST likely ensure that swap space on a hard disk is
encrypted?
A. Database encryption
B. Full disk encryption
C. Folder and file encryption
D. Removable media encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=219
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 220
Which of the following can be utilized in order to provide temporary IT support during a
disaster, where the organization sets aside funds for contingencies, but does not necessarily
have a dedicated site to restore those services?
A. Hot site
B. Warm site
C. Cold site
D. Mobile site
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=220
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 221
Which of the following, when used on a file, creates a non-reversible numeric representation of
the file's composition?
A. AES
B. SHA
C. 3DES
D. RC4
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=221
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 222
Banning of personally owned electronic devices at work BEST strengthens which of the
following security principles?
A. Encourages hard drive encryption
B. Impedes shoulder surfing
C. Prevention of data leakage
D. Decreases workplace disruption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=222
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 223
Implementation of routine file hash validation is an example of which of the following security
concepts?
A. Vulnerability
B. Confidentiality
C. Integrity
D. Availability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=223
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 224
Which of the following is the BEST method for ensuring all files and folders are encrypted on
all corporate laptops where the file structures are unknown?
A. Folder encryption
B. File encryption
C. Whole disk encryption
D. Steganography
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=224
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 225
A company is installing a new security measure that would allow one person at a time to be
authenticated to an area without human interaction. Which of the following does this describe?
A. Fencing
B. Mantrap
C. A guard
D. Video surveillance
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=225
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 226
Which of the following provides authentication, authorization, and accounting services?
A. PKI
B. WPA2
C. NTLMv2
D. RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=226
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 227
Which of the following should be considered when implementing WPA vs. WPA2?
A. LEAP vs. PEAP
B. SSID vs. MAC
C. SHA1 vs. MD5
D. CCMP vs. TKIP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=227
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 228
A popular software application is used on all company workstation desktop and laptop
computers. Which of the following is the BEST patch management process?
A. The patch management software should be approved by the change management
group to ensure adherence to corporate policies.
B. The Chief Information Officer should approve and centrally deploy the patch to all
company workstations in a staggered manner.
C. Users should individually download and verify the patch with an MD5 checksum
utility before applying it to their own workstation.
D. The support team should receive vendor update notifications and deploy patches in
a test environment before deploying to workstations.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=228
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 229
Which of the following network protocols transmit a user's credentials in clear-text? (Select
TWO).
A. SSH
B. HTTPS
C. SCP
D. Telnet
E. FTP
F. TFTP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=229
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 230
Data classification and labeling is an example of:
A. Preventative administrative control
B. Deterrent technical control
C. Preventative technical control
D. Deterrent administrative control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=230
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 231
Jane, a security administrator, must be able to identify and validate every use of local
administrative accounts across a large number of Windows and Linux servers. Which of the
following offers the BEST solution?
A. Modify the system baseline to increase log retention and enable a host firewall
B. Monitor LDAP and Active Directory for the use of Administrative accounts
C. Add or enable a NIDS signature for administrative activity
D. Implement centralized log collection for each server and define a log review process
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=231
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 232
Which of the following is MOST likely used to establish a secure connection between email
gateways?
A. TLS
B. PGP
C. HTTPS
D. SCP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=232
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 233
Which of the following describes how Pete, an employee, gains access to a location by entering
with a fellow co-worker and not using his own credentials?
A. Impersonation
B. Tailgating
C. Evil twin
D. Shoulder surfing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=233
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 234
Sara, a security administrator, examines a network session to a compromised database server
with a packet analyzer. Within the session there is a repeated series of the hex character 90
(x90). Which of the following attack types has occurred?
A. Buffer overflow
B. Cross-site scripting
C. XML injection
D. SQL injection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=234
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 235
When employees that use certificates leave the company they should be added to which of the
following?
A. PKI
B. CA
C. CRL
D. TKIP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=235
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 236
Which of the following should Matt, a security technician, implement to identify untrusted
certificates?
A. CA
B. PKI
C. CRL
D. Recovery agent
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=236
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 237
Jane, a security analyst, noticed an increase in malware infections on a user's system. She
identified an email that requests the user change her password. This attack would BEST be
described as which of the following?
A. Phishing
B. Spoofing
C. Privilege escalation
D. Shoulder surfing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=237
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 238
A corporate datacenter operates in a humid area near an ocean and often has hardware failures.
Which of the following controls would help prevent these issues?
A. Fire suppression
B. HVAC
C. RAID
D. Cold aisles
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=238
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 239
When Pete, a security administrator, cannot verify who provided a hard drive image, then:
A. Chain of custody is preserved
B. The image must be rehashed
C. The hash must be verified
D. Chain of custody is destroyed
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=239
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 240
If Sara, an attacker, is attempting to determine the operating system using banner information,
which of the following techniques could she be using?
A. Whois lookup
B. nslookup
C. Port scanning
D. Fingerprinting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=240
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 241
Pete, an administrator, is creating a new security policy and must consider many stakeholders
as well as current regulations, and the company direction. For the BEST success in policy roll
out, which stakeholder is the MOST important for Pete to consider?
A. End users
B. Information security team
C. Senior leadership team
D. Customers and vendors
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=241
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 242
Which of the following is an encapsulated authentication protocol?
A. CCMP
B. LEAP
C. TKIP
D. WEP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=242
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 243
Which of the following is a layer three protocol used for VPN connections?
A. SSH
B. ICMP
C. IPSec
D. SSL
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=243
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 244
Which of the following can Matt, a security administrator, implement on a mobile device to
help prevent a conversation from being picked up on another device?
A. Bluetooth
B. Screen locks
C. Strong passwords
D. Voice encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=244
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 245
When a username is checked against an access list, which of the following does it provide?
A. Identification and authentication
B. Identification and authorization
C. Authentication and authorization
D. Authentication and integrity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=245
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 246
A network device that protects an enterprise based only on source and destination addresses is
BEST described as:
A. IDS
B. ACL
C. Stateful packet filtering
D. Simple packet filtering
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=246
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 247
Which of the following terms is used to describe predictable failure points for equipment or
services?
A. RTO
B. MTTR
C. RPO
D. MTBF
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=247
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 248
Which of the following account policies would Sara, a security administrator, implement to
disable a user's account after a certain period of time?
A. Lockout
B. Expiration
C. Complexity
D. Recovery
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=248
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 249
Highly sensitive data is stored in a database and is accessed by an application on a DMZ server.
The disk drives on all servers are fully encrypted. Communication between the application
server and end-users is also encrypted. Network ACLs prevent any connections to the database
server except from the application server. Which of the following can still result in exposure of
the sensitive data in the database server?
A. SQL Injection
B. Theft of the physical database server
C. Cookies
D. Cross-site scripting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=249
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 250
Matt, the security administrator, is implementing a new design to minimize the footprint in the
datacenter and reduce the amount of wasted resources without losing physical control of the
equipment. Which of the following would Matt need to implement?
A. Virtualization
B. Cloud computing
C. New ACLs
D. VLAN management
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=250
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 251
A third-party application has the ability to maintain its own user accounts or it may use single
sign-on. To use single sign-on, the application is requesting the following information:
OU=Users, DC=Domain, DC=COM. This application is requesting which of the following
authentication services?
A. TACACS+
B. RADIUS
C. LDAP
D. Kerberos
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=251
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 252
Which of the following can grant access based solely on TCP/IP information?
A. Time of day restrictions
B. Implicit deny
C. ACLs
D. Least privilege
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=252
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 253
Which of the following should Sara, a technician, apply to prevent guests from plugging in
their laptops and accessing the company network?
A. Secure router configuration
B. Port security
C. Sniffers
D. Implicit deny
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=253
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 254
Pete, the Chief Security Officer (CSO), is concerned about misuse of company assets and
wishes to determine who may be responsible. Which of the following would be the BEST
course of action?
A. Create a single, shared user account for every system that is audited and logged
based upon time of use.
B. Implement a single sign-on application on equipment with sensitive data and high-profile shares.
C. Enact a policy that employees must use their vacation time in a staggered schedule.
D. Separate employees into teams led by a person who acts as a single point of contact
for observation purposes.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=254
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 255
Jane, a user, has attempted to enter her username and password three times unsuccessfully.
Jane receives a message to try again in one hour. This is an example of which of the following?
A. Account expiration
B. Account recovery
C. Account lockout
D. Account disablement
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=255
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 256
Sara, an attacker, tricks a user into authenticating to a fake wireless network and then inserts
malicious code into strings as the user passes by. Which of the following describes this attack?
A. SQL injection
B. Malicious insider
C. Evil twin
D. User impersonation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=256
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 257
Which of the following is a vulnerability associated with disabling pop-up blockers?
A. An alert message from the administrator may not be visible
B. A form submitted by the user may not open
C. The help window may not be displayed
D. Another browser instance may execute malicious code
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=257
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 258
Due to limited resources, a company must reduce their hardware budget while still maintaining
availability. Which of the following would MOST likely help them achieve their objectives?
A. Virtualization
B. Remote access
C. Network access control
D. Blade servers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=258
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 259
Jane, a security administrator, has been tasked with explaining authentication services to the
company's management team. The company runs an Active Directory infrastructure. Which of
the following solutions BEST relates to the host authentication protocol within the company's
environment?
A. Kerberos
B. Least privilege
C. TACACS+
D. LDAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=259
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 260
Which of the following could be applied on a router in order to permit or deny certain ports?
A. Port security
B. Subnetting
C. Access control lists
D. Network address translation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=260
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 261
Which of the following incident response procedures BEST allows Sara, the security
technician, to identify who had possession of a hard drive prior to forensics analysis?
A. Chain of custody
B. Tracking man hours
C. Witnesses
D. Capturing system images
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=261
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 262
Ticket-Granting-Tickets (TGTs) are common in which of the following authentication
schemes?
A. LDAP
B. RADIUS
C. Kerberos
D. TACACS+
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=262
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 263
Sara, a security administrator, implemented design changes which allowed for greater
availability of IP addresses. Which of the following did Sara implement?
A. Subnetting
B. DMZ
C. PAT
D. VLAN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=263
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 264
Jane, an IT security administrator, is attempting to implement PKI within her organization.
Which of the following BEST explains why the company needs PKI?
A. The company needs PKI because the organization is based on trust models with
many external organizations.
B. The company needs PKI because they need the ability to encrypt messages with
centralized verification.
C. The company needs PKI because there is insufficient key escrow for outsourced SSL
certificates.
D. The company needs PKI because it only has one recovery agent within the company.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=264
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 265
Which of the following BEST prevents collusion?
A. Separation of duties
B. Single sign-on
C. Mandatory vacations
D. Job rotation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=265
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 266
Which of the following allows Pete, a security technician, to recover from a loss of staff after
an earthquake?
A. Business continuity plan
B. Continuity of operations
C. Disaster recovery
D. Succession planning
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=266
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 267
Jane, an administrator, values transport security strength above network speed when
implementing an SSL VPN. Which of the following encryption ciphers would BEST meet her
needs?
A. SHA256
B. RC4
C. 3DES
D. AES128
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=267
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 268
Which of the following is an authentication method that can be secured by using SSL?
A. RADIUS
B. LDAP
C. TACACS+
D. Kerberos
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=268
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 269
Which of the following is a symmetrical key block cipher that encrypts MOST quickly?
A. 3DES
B. RSA
C. Blowfish
D. SHA256
E. Diffie-Hellman
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=269
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 270
Which of the following would BEST meet a server authentication requirement for a wireless
network, but the network has no PKI in place?
A. PEAP
B. PAP
C. EAP-TLS
D. LEAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=270
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 271
Which of the following can be used to determine which services may be running on a host, but
not if they are exploitable?
A. Baseline analyzer
B. Port scanner
C. Virus scanner
D. Vulnerability scanner
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=271
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 272
Which of the following, when incorporated into a disk encryption solution, adds the MOST
security?
A. SHA256 hashing
B. Password complexity requirement
C. HMAC
D. Trusted platform module
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=272
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 273
Upon inspecting sniffer traffic, Jane, a technician, observes an entry that originates from port
TCP 53422 with a destination of TCP 22. Which of the following protocols is MOST likely in
use?
A. HTTP
B. HTTPS
C. SSH
D. DNS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=273
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 274
Role-based access control is BEST defined as an authorization system by which:
A. Privileges are granted to persons based on membership in one or more functional
groups.
B. A separate user account is created for each functional role a person has.
C. Access is limited to the time of day a person is expected to work.
D. Privileges are assigned to each person based upon authorized requests.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=274
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 275
Which of the following fire suppression systems should be used in a datacenter that will put out
the fire and not cause physical harm to equipment and data?
A. Water
B. Halon
C. Oxygen
D. Foam
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=275
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 276
In order to enter a corporate office, employees must enter a PIN. Which of the following are
common risks when using this type of entry system? (Select TWO)
A. Shoulder surfing
B. Key logging
C. Tailgating
D. Man-in-the-middle attacks
E. Dumpster diving
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=276
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 277
Which of the following is often used to verify connectivity on a network?
A. DNS
B. DHCP
C. ICMP
D. NAC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=277
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 278
Which of the following is BEST identified as an attack where a large number of users are
fooled into entering user credentials into a fake website?
A. Pharming
B. Whaling
C. Phishing
D. Privilege escalation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=278
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 279
Sara, a student, is interested in learning about distributed denial of service attacks. Which of the
following types of malware is MOST likely the primary focus of her study?
A. Botnets
B. Logic bombs
C. Spyware
D. Trojans
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=279
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 280
Which of the following BEST describes a DMZ?
A. A subnet that allows all outbound activity
B. A network that allows all inbound traffic
C. A transitional subnet that screens all traffic
D. A subnet that denies all inbound connectivity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=280
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 281
Following the order of volatility, taking hashes, and maintaining a chain of custody describes
which of the following?
A. Forensics
B. Incident response
C. Business continuity
D. Disaster recovery
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=281
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 282
Which of the following is an example of a false negative?
A. The IDS does not identify a buffer overflow
B. Anti-virus identifies a benign application as malware.
C. Anti-virus protection interferes with the normal operation of an application.
D. A user account is locked out after the user mistypes the password too many times.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=282
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 283
Sara and Jane, users, are reporting an increase in the amount of unwanted email that they are
receiving each day. Which of the following would be the BEST way to respond to this issue
without creating a lot of administrative overhead?
A. Deploy an anti-spam device to protect the network.
B. Update the anti-virus definitions and make sure that it is set to scan all received email
C. Set up spam filtering rules in each user's mail client.
D. Change the firewall settings to block SMTP relays so that the spam cannot get in.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=283
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 284
Which of the following is similar to a smurf attack, but uses UDP instead of ICMP?
A. X-Mas attack
B. Fraggle attack
C. Vishing
D. Man-in-the-middle attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=284
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 285
Pete, a security administrator, wants to secure remote telnet services and decides to use the
services over SSH. Which of the following ports should Pete allow on the firewall by default?
A. 21
B. 22
C. 23
D. 25
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=285
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 286
Which of the following accurately describes the STRONGEST multifactor authentication?
A. Something you are, something you have
B. Something you have, something you know
C. Something you are near to, something you have
D. Something you have, someone you know
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=286
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 287
Which of the following is the BEST solution to securely administer remote servers?
A. SCP
B. SSH
C. Telnet
D. SFTP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=287
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 288
A company has sent all of its private keys to a third party. The third party company has created
a secure list of these keys. Which of the following has just been implemented?
A. Key escrow
B. CRL
C. CA
D. Recovery agent
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=288
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 289
Which of the following authentication protocols forces centralized wireless authentication?
A. WPA2-Personal
B. WPA2-Enterprise
C. WPA2-CCMP
D. WPA2-TKIP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=289
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 290
The fundamental information security principles include confidentiality, availability and which
of the following?
A. The ability to secure data against unauthorized disclosure to external sources
B. The capacity of a system to resist unauthorized changes to stored information
C. The confidence with which a system can attest to the identity of a user
D. The characteristic of a system to provide uninterrupted service to authorized users
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=290
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 291
Which of the following risks could IT management be mitigating by removing an all-in-one
device?
A. Continuity of operations
B. Input validation
C. Single point of failure
D. Single sign on
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=291
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 292
Social networking sites are used daily by the marketing team for promotional purposes.
However, confidential company information, including product pictures and potential
partnerships, has been inadvertently exposed to the public by dozens of employees using
social networking sites. Which of the following is the BEST response to mitigate this threat with
minimal company disruption?
A. Mandate additional security awareness training for all employees.
B. Report each employee to Human Resources for termination for violation of security
policies
C. Implement a data loss prevention program to filter email.
D. Block access to social networking sites from the corporate network
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=292
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 293
A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date.
Which of the following BEST describes this system type?
A. NAT
B. NIPS
C. NAC
D. DMZ
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=293
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 294
Sara, an IT administrator, wants to protect a cluster of servers in a DMZ from zero day attacks.
Which of the following would provide the BEST level of protection?
A. NIPS
B. NIDS
C. ACL
D. Antivirus
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=294
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 295
Which of the following inspects traffic entering or leaving a network to look for anomalies
against expected baselines?
A. IPS
B. Sniffers
C. Stateful firewall
D. Stateless firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=295
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 296
Which of the following BEST describes a software vulnerability that is actively being used by
Sara and Jane, attackers, before the vendor releases a protective patch or update?
A. Buffer overflow
B. IV attack
C. Zero day attack
D. LDAP injection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=296
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 297
Which of the following BEST allows Pete, a security administrator, to determine the type,
source, and flags of the packet traversing a network for troubleshooting purposes?
A. Switches
B. Protocol analyzers
C. Routers
D. Web security gateways
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=297
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 298
Sara, an attacker, is recording a person typing in their ID number into a keypad to gain access
to the building. Sara then calls the helpdesk and informs them that their PIN no longer works
and would like to change it. Which of the following attacks occurred LAST?
A. Phishing
B. Shoulder surfing
C. Impersonation
D. Tailgating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=298
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 299
Sara, a security administrator, is noticing a slowdown in the wireless network response. Sara
launches a wireless sniffer and sees a large number of ARP packets being sent to the AP.
Which of the following types of attacks is underway?
A. IV attack
B. Interference
C. Blue jacking
D. Packet sniffing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=299
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 300
Which of the following would Pete, a security administrator, change to limit how far a wireless
signal will travel?
A. SSID
B. Encryption methods
C. Power levels
D. Antenna placement
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=300
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 301
Which of the following ports should be open in order for Sara and Pete, users, to identify
websites by domain name?
A. TCP 21
B. UDP 22
C. TCP 23
D. UDP 53
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=301
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 302
Sara, an administrator, suspects a denial of service attack on the network, but does not know
where the network traffic is coming from or what type of traffic it is. Which of the following
would help Sara further assess the situation?
A. Protocol analyzer
B. Penetration testing
C. HTTP interceptor
D. Port scanner
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=302
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 303
Sara, a security administrator, has configured a trusted OS implementation on her servers.
Which of the following controls are enacted by the trusted OS implementation?
A. Mandatory Access Controls
B. Time-based Access Controls
C. Discretionary Access Controls
D. Role Based Access Controls
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=303
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 304
Which of the following ports would be blocked if Pete, a security administrator, wants to deny
access to websites?
A. 21
B. 25
C. 80
D. 3389
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=304
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 305
Pete, the security administrator, is implementing a web content filter. Which of the following is
the MOST important design consideration in regards to availability?
A. The number of filter categories
B. Other companies who are using the system
C. Fail state of the system
D. The algorithm of the filtering engine
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=305
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 306
Which of the following is where an unauthorized device is found allowing access to a network?
A. Bluesnarfing
B. Rogue access point
C. Honeypot
D. IV attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=306
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 307
When used alone, which of the following controls mitigates the risk of Sara, an attacker,
launching an online brute force password attack?
A. Account expiration
B. Account lockout
C. Password complexity
D. Password length
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=307
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 308
Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches
RDP sessions to five different PCs and notices that the hardware properties are similar.
Additionally, the MAC addresses of all five servers appear on the same switch port. Which of
the following is MOST likely the cause?
A. The system is running 802.1x
B. The system is using NAC
C. The system is in active-standby mode
D. The system is virtualized
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=308
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 309
Which of the following security concepts establishes procedures where creation and approval
are performed through distinct functions?
A. Discretionary access control
B. Job rotation
C. Separation of duties
D. Principle of least privilege
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=309
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 310
While traveling, Matt, an employee, decides he would like to download some new movies onto
his corporate laptop. While installing software designed to download movies from multiple
computers across the Internet, Matt agrees to share portions of his hard drive. This scenario
describes one of the threats involved in which of the following technologies?
A. Social networking
B. ALE
C. Cloud computing
D. P2P
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=310
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 311
Which of the following is an attack where Pete spreads USB thumb drives throughout a bank's
parking lot in order to have malware installed on the banking systems?
A. Tailgating
B. Replay attack
C. Virus
D. Social engineering
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=311
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 312
Pete, a security administrator, has configured and implemented an additional public
intermediate CA. Which of the following must Pete submit to the major web browser vendors
in order for the certificates, signed by this intermediate, to be trusted?
A. The root CA's private key
B. The root CA's public key
C. The intermediate CA's public key
D. The intermediate CA's private key
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=312
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 313
Which of the following is BEST described by a scenario where organizational management
chooses to implement an internal Incident Response Structure for the business?
A. Deterrence
B. Separation of duties
C. Transference
D. Mitigation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=313
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 314
A data loss prevention strategy would MOST likely incorporate which of the following to
reduce the risk associated with data loss?
A. Enforced privacy policy, encryption of VPN connections, and monitoring of
communications entering the organization.
B. Enforced acceptable usage policy, encryption of confidential emails, and monitoring
of communications leaving the organization.
C. Enforced privacy policy, encryption of VPN connections, and monitoring of
communications leaving the organization.
D. Enforced acceptable usage policy, encryption of confidential emails, and monitoring
of communications entering the organization.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=314
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 315
In a wireless network, which of the following components could cause too much coverage, too
little coverage, and interference?
A. MAC filter
B. AP power levels
C. Phones or microwaves
D. SSID broadcasts
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=315
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 316
Which of the following has a default port of 22?
A. SSH
B. FTP
C. TELNET
D. SCAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=316
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 317
The public key is used to perform which of the following? (Select THREE).
A. Validate the CRL
B. Validate the identity of an email sender
C. Encrypt messages
D. Perform key recovery
E. Decrypt messages
F. Perform key escrow
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=317
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 318
Pete, a network administrator, implements the spanning tree protocol on network switches.
Which of the following issues does this address?
A. Flood guard protection
B. ARP poisoning protection
C. Loop protection
D. Trunking protection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=318
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 319
Matt, a security administrator, has noticed that the website and external systems have been
subject to many attack attempts. To verify integrity of the website and critical files, Matt
should:
A. Require all visitors to the public web home page to create a username and password
to view the pages in the website
B. Configure the web application firewall to send a reset packet to the incoming IP from
where an attack or scan signature has been detected.
C. Create file hashes for website and critical system files, and compare the current file
hashes to the baseline at regular time intervals.
D. Reboot the web server and database server nightly after the backup has been
completed.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=319
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 320
Matt, the administrator, has been told to confirm what account an email was sent from. Which
of the following is this an example of?
A. Surveillance
B. E-discovery
C. Chain of custody
D. Integrity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=320
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 321
Which of the following BEST describes a denial of service attack?
A. Sara, the attacker, attempts to have the receiving server run a payload using
programming commonly found on web servers.
B. Sara, the attacker, overwhelms a system or application, causing it to crash and bring
the server down to cause an outage.
C. Sara, the attacker, overwhelms a system or application, causing it to crash, and then
redirects the memory address to read from a location holding the payload.
D. Sara, the attacker, attempts to have the receiving server pass information to a backend database from which it can compromise the stored information.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=321
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 322
The Chief Information Officer (CIO) wants to protect laptop users from zero day attacks.
Which of the following would BEST achieve the CIO's goal?
A. Host based firewall
B. Host based IDS
C. Anti-virus
D. Anti-spyware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=322
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 323
Matt, a server administrator, sets up database forms based on security rating levels. If a user has
the lowest security rating then the database automatically determines what access that user has.
Which of the following access control methods does this describe?
A. Mandatory access control
B. Role based access control
C. Rule based access control
D. Discretionary access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=323
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 324
Which of the following is a best practice when securing a switch from physical access?
A. Disable unnecessary accounts
B. Print baseline configuration
C. Enable access lists
D. Disable unused ports
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=324
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 325
Pete, a security administrator, has observed repeated attempts to break into the network. Which
of the following is designed to stop an intrusion on the network?
A. NIPS
B. HIDS
C. HIPS
D. NIDS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=325
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 326
Jane, an IT security technician working at a bank, has implemented encryption between two
locations. Which of the following security concepts BEST exemplifies the protection provided
by this example?
A. Integrity
B. Confidentiality
C. Cost
D. Availability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=326
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 327
While Sara is logging into the server from her workstation, she notices Pete watching her enter
the username and password. Which of the following social engineering attacks is Pete
executing?
A. Impersonation
B. Tailgating
C. Piggybacking
D. Shoulder surfing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=327
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 328
The log management system at Company A is inadequate to meet the standards required by
their corporate governance team. A new automated log management system has been put in
place. This is an example of which of the following?
A. Data integrity measurement
B. Network traffic analysis
C. Risk acceptance process
D. Continuous monitoring
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=328
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 329
Several users' computers are no longer responding normally and are sending out spam email to the
users' entire contact list. This is an example of which of the following?
A. Trojan virus
B. Botnet
C. Worm outbreak
D. Logic bomb
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=329
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 330
Which of the following should Sara, a security technician, perform as the FIRST step when
creating a disaster recovery plan for a mission critical accounting system?
A. Implementing redundant systems
B. Removal of single points of failure
C. Succession planning
D. Business impact assessment
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=330
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 331
Which of the following is the MOST secure protocol for Pete, an administrator, to use for
managing network devices?
A. FTP
B. TELNET
C. FTPS
D. SSH
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=331
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 332
Which of the following is the BEST incident response procedure to take when a previous
employee enters a facility?
A. Notify Computer Emergency Response Team (CERT) of the security breach to
document it.
B. Take screenshots of the employee's workstation.
C. Take hashes of the employee's workstation.
D. Notify security to identify employee's whereabouts.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=332
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 333
Which of the following activities should be completed in order to detect anomalies on a
network?
A. Incident management
B. Change management
C. User permissions reviews
D. Log reviews
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=333
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 334
Which of the following reduces the likelihood of a single point of failure when a server fails?
A. Clustering
B. Virtualization
C. RAID
D. Cold site
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=334
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 335
Jane, a security administrator, wants to prevent users in sales from accessing their servers after
6:00 p.m., and prevent them from accessing accounting's network at all times. Which of the
following should Jane implement to accomplish these goals? (Select TWO).
A. Separation of duties
B. Time of day restrictions
C. Access control lists
D. Mandatory access control
E. Single sign-on
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=335
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 336
Which of the following describes the ability for a third party to verify the sender or recipient of
a given electronic message during authentication?
A. Entropy
B. Principle of least privilege
C. Non-repudiation
D. Code signing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=336
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 337
Which of the following protocols provides Pete, an administrator, with the HIGHEST level of
security for device traps?
A. ICMP
B. SNMPv3
C. SSH
D. IPSec
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=337
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 338
Jane has a vendor's server in-house for shipping and receiving. She wants to ensure that if the
server goes down that the server in-house will be operational again within 24 hours. Which of
the following should Jane define with the vendor?
A. Mean time between failures
B. A warm recovery site
C. Mean time to restore
D. A hot recovery site
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=338
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 339
Which of the following procedures would be used to mitigate the risk of an internal developer
embedding malicious code into a production system?
A. Audit management
B. Mobile device management
C. Incident management
D. Change management
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=339
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 340
To mitigate the adverse effects of network modifications, which of the following should Matt,
the security administrator, implement?
A. Change management
B. Routine auditing
C. Incident management
D. Log auditing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=340
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 341
Jane, a security technician, wants to implement secure wireless with authentication. Which of
the following allows for wireless to be authenticated via MSCHAPv2?
A. PEAP
B. WPA2 personal
C. TKIP
D. CCMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=341
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 342
Pete, a user, is having trouble dialing into the network from their house. The administrator
checks the RADIUS server, the switch connected to the server, and finds that the switch lost
configuration after a recent power outage. The administrator replaces the switch and is able to
ping the switch, but not the RADIUS server. Which of the following is the MOST likely
cause?
A. The switch needs to have QoS set up correctly.
B. Port security is not enabled on the switch.
C. VLAN mismatch is occurring.
D. The DMZ is not set up correctly.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=342
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 343
Which of the following would MOST likely be implemented in order to prevent employees
from accessing certain websites?
A. VPN gateway
B. Router
C. Proxy server
D. Packet filtering firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=343
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 344
When reviewing a digital certificate for accuracy, which of the following would Matt, a
security administrator, focus on to determine who affirms the identity of the certificate owner?
A. Trust models
B. CRL
C. CA
D. Recovery agent
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=344
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 345
Sara, a security analyst, suspects that a rogue web server is running on the network. Which of
the following would MOST likely be used to identify the server's IP address?
A. Port scanner
B. Telnet
C. Traceroute
D. Honeypot
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=345
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 346
Which of the following is an improved version of the LANMAN hash?
A. LM2
B. NTLM
C. SHA
D. MD5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=346
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 347
Which of the following will help Matt, an administrator, mitigate the risk of static electricity?
A. Lightning rods
B. EMI shielding
C. Humidity controls
D. Temperature controls
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=347
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 348
An application company sent out a software patch for one of their applications on Monday. The
company has been receiving reports about intrusion attacks from their customers on Tuesday.
Which of the following attacks does this describe?
A. Zero day
B. Directory traversal
C. Logic bomb
D. Session hijacking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=348
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 349
A company needs to remove sensitive data from hard drives in leased computers before the
computers are returned to the supplier. Which of the following is the BEST solution?
A. Re-image with a default OS
B. Physical destruction of the hard drive
C. Format drive using a different file system
D. Sanitization using appropriate software
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=349
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 350
Which of the following techniques floods an application with data in an attempt to find
vulnerabilities?
A. Header manipulation
B. Steganography
C. Input validation
D. Fuzzing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=350
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 351
Jane, a security administrator, has applied security labels to files and folders to manage and
restrict access. Which of the following is Jane using?
A. Mandatory access control
B. Role based access control
C. Implicit access control
D. Discretionary access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=351
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 352
Sara, a user, on a public Wi-Fi network logs into a webmail account and is redirected to a
search engine. Which of the following attacks may be occurring?
A. Evil twin
B. Bluesnarfing
C. War chalking
D. Bluejacking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=352
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 353
When moving from an internally controlled environment to a fully outsourced infrastructure
environment, such as cloud computing, it is MOST important to:
A. Implement mandatory access controls.
B. Ensure RAID 0 is implemented on servers.
C. Impose time of day restrictions across all services
D. Encrypt all confidential data.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=353
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 354
Which of the following would help Pete, an administrator, prevent access to a rogue access
point connected to a switch?
A. Enable spanning tree protocol
B. Enable DHCP snooping
C. Disable VLAN trunking
D. Establish a MAC limit and age
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=354
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 355
A company wants to have a backup site that is a good balance between cost and recovery time
objectives. Which of the following is the BEST solution?
A. Hot site
B. Remote site
C. Cold site
D. Warm site
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=355
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 356
While conducting a network audit, Sara, a security administrator, discovers that most clients are
routing their network traffic through a desktop client instead of the company router. Which of
the following is this attack type?
A. ARP poisoning
B. Session hijacking
C. DNS poisoning
D. Pharming attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=356
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 357
Which of the following is a reason why Pete, a security administrator, would implement port
security?
A. To inspect the TCP and UDP ports of incoming traffic
B. To port C++ code into Java bit-code in a secure manner
C. To implement secure datacenter electronic access
D. To limit the number of endpoints connected through the same switch port
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=357
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 358
Which of the following is the MAIN benefit of server-side versus client-side input validation?
A. Server-side input validation results in a more secure system than client-side input
validation.
B. Client-side input validation can lead to local buffer overflows while server-side input
validation can lead to remote buffer overflow.
C. Client-side input validation results in a more secure system than server-side input
validation.
D. Server-side input validation is prone to buffer overflows while client-side input
validation is not.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=358
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 359
Which of the following would be the BEST reason for Jane, a security administrator, to initially
select individual file encryption over whole disk encryption?
A. It provides superior key redundancy for individual files.
B. The management of keys is easier to maintain for file encryption
C. It is faster to encrypt an individual file.
D. It provides protected access to all users
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=359
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 360
Which of the following implements two factor authentication based on something you know
and something you have?
A. Users shall authenticate to the system via a Kerberos enabled authentication server
working with an integrated PKI only.
B. The system shall require users to authenticate to the system with a combination of a
password or PIN and a smartcard
C. The system shall authenticate only authorized users by fingerprint and retina scan.
D. Users shall possess a combination of 8 digit PINs and fingerprint scanners.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=360
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 361
Which of the following attacks is characterized by Sara attempting to send an email from a
Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in
order to have a password changed?
A. Spamming
B. Pharming
C. Privilege escalation
D. Impersonation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=361
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 362
Which of the following should be done before resetting a user's password due to expiration?
A. Verify the user's domain membership
B. Verify the user's identity
C. Advise the user of new policies
D. Verify the proper group membership
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=362
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 363
Sara, an attacker, calls the company's front desk and tries to gain insider information by
providing specific company information to gain the attendant's trust. The front desk
immediately alerts the IT department about this incident. This is an example of which of the
following?
A. Shoulder surfing
B. Whaling
C. Tailgating
D. Impersonation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=363
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 364
Which of the following is based on X.500 standards?
A. RADIUS
B. TACACS
C. Kerberos
D. LDAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=364
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 365
Which of the following functions of a firewall allows Pete, an administrator, to map an external
service to an internal host?
A. AP isolation
B. Port forwarding
C. DMZ
D. NAT
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=365
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 366
Which of the following malware types is MOST likely to execute its payload after Jane, an
employee, has left the company?
A. Rootkit
B. Logic bomb
C. Worm
D. Botnet
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=366
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 367
Hashing algorithms are used to address which of the following?
A. Confidentiality
B. Compatibility
C. Availability
D. Integrity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=367
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 368
After setting up a root CA, which of the following can Pete, a security administrator,
implement to allow intermediate CAs to hand out keys and certificates?
A. CRL
B. Spanning tree
C. Trust model
D. Key escrow
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=368
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 369
Which of the following should be implemented to restrict wireless access to the hardware
address of a NIC?
A. URL filtering
B. WPA2 and EAP
C. PEAP and WPA
D. MAC filtering
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=369
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 370
Which of the following is the purpose of the spanning tree protocol?
A. Loop protection
B. Access control lists
C. Secure device configuration
D. Implicit deny
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=370
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 371
Sara, the security engineer, has discovered that a breach is in progress on a non-production
system of moderate importance. Which of the following should Sara collect FIRST?
A. Memory dump, ARP cache
B. Live system image, route table
C. Temp files, hosts file
D. Offline system image, router logs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=371
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 372
While traveling, users need access to an internal company web server that contains proprietary
information. Pete, the security administrator, should implement a:
A. NAC
B. VLAN
C. DMZ
D. RAS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=372
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 373
Which of the following is used by Matt, a security administrator, to lower the risks associated
with electrostatic discharge, corrosion, and thermal breakdown?
A. Temperature and humidity controls
B. Routine audits
C. Fire suppression and EMI shielding
D. Hot and cold aisles
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=373
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 374
Workers of a small local organization have implemented an off-site location in which the
organization can resume operations within 10 business days in the event of a disaster. This type
of site is BEST known as which of the following?
A. Hot site
B. High-availability site
C. Cold site
D. Warm site
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=374
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 375
Which of the following may cause Jane, the security administrator, to seek an ACL work
around?
A. Zero day exploit
B. Dumpster diving
C. Virus outbreak
D. Tailgating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=375
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 376
Which of the following ports would be blocked if Pete, a security administrator, wants to
disable FTP?
A. 21
B. 23
C. 25
D. 110
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=376
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 377
Sara, a security administrator, suspects that a web server may be under attack. The web logs
have several entries containing variations of the following entries: or 1=1-- or1 =1-- or1=1
Which of the following attacks is MOST likely occurring?
A. Zero day exploit
B. Buffer overflow
C. SQL injection
D. Man-in-the-middle
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=377
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 378
Which of the following attacks would be used if Sara, a user, is receiving unwanted text
messages?
A. Packet sniffing
B. Bluesnarfing
C. Smurf attack
D. Bluejacking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=378
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 379
Which of the following practices reduces the attack surface of a wireless network? (Select
TWO)
A. Antenna placement
B. Using TKIP instead of AES
C. Power-level control
D. Using WPA2 instead of WPA
E. Using RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=379
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 380
Matt, a security administrator, is responsible for provisioning role-based user accounts in an
enterprise environment. A user has a temporary business need to perform multiple roles within
the organization. Which of the following is the BEST solution to allow the user to perform
multiple roles?
A. Create expiring unique user IDs per role
B. Allow access to an existing user ID
C. Assign multiple roles to the existing user ID
D. Create an additional expiring generic user ID
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=380
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 381
An application programmer reports to Sara, the security administrator, that the antivirus
software installed on a server is interfering with one of the production HR applications, and
requests that antivirus be temporarily turned off. How should Sara respond to this request?
A. Ask the programmer to replicate the problem in a test environment.
B. Turn off antivirus, but install a host intrusion prevention system on the server.
C. Update the server's antivirus and anti-malware definitions from the vendor's site
D. Turn off antivirus, but turn on the host-based firewall with a deny-all rule set.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=381
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 382
A packet filtering firewall can protect from which of the following?
A. SQL injection
B. Brute force attack
C. Port scan
D. DNS poisoning
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=382
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 383
Which of the following can Matt, an administrator, use to ensure the confidentiality of a file
when it is being sent over FTP?
A. WPA2
B. PGP
C. MD5
D. NTLMv2
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=383
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 384
Pete, a user, submitted a form on the Internet but received an unexpected response shown
below:
Server Error in '/' Application
Runtime error in script on asp.net version 2.0
Which of the following controls should be put in place to prevent Pete from learning this
information about the web server in the future?
A. Patch management
B. Error handling
C. Fuzzing
D. Input validation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=384
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 385
Employees are reporting that they are receiving unusual calls from the help desk for the
purpose of verifying their user credentials. Which of the following attack types is occurring?
A. Vishing
B. Spear phishing
C. Phishing
D. Pharming
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=385
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 386
Sara, a forensic investigator, believes that the system image she was presented with is not the
same as the original source. Which of the following should be done to verify whether or not the
image has been tampered with?
A. Compare file sizes from the original with the system image.
B. Reimage the original source with a read-only tool set to ignore errors.
C. Compare hashes of the original source and system image.
D. Compare time stamps from the original with the system image.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=386
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 387
Which of the following is a feature of Kerberos?
A. One-way encryption
B. Vendor patch management
C. Only available for Linux systems
D. Single sign-on
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=387
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 388
An SQL injection vulnerability can be caused by which of the following?
A. Password complexity
B. Improper input validation
C. Discretionary access controls
D. Cross-site request forgery
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=388
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 389
Which of the following is BEST used to break a group of IP addresses into smaller network
segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=389
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 390
Which of the following would Sara, a security administrator, utilize to identify a weakness
within various applications without exploiting that weakness?
A. Protocol analyzer
B. Port scanner
C. Vulnerability scan
D. Penetration test
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=390
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 391
Matt, a security administrator, wants to allow content owners to determine who has access to
files. Which of the following access control types does this describe?
A. Rule based access control
B. Discretionary access control
C. Role based access control
D. Mandatory access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=391
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 392
Which of the following commands can Matt, an administrator, use to create a forensically
sound hard drive image?
A. grep
B. dump
C. dcfldd
D. hex
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=392
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 393
Which of the following technologies would allow the removal of a single point of failure?
A. Dual-homing a server
B. Clustering a SQL server
C. Adding a second VLAN to a switch
D. Assigning a second IP address to a NIC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=393
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 394
Jane, the administrator, is tasked with deploying a strong encryption cipher. Which of the
following ciphers would she be the LEAST likely to choose?
A. DES
B. Twofish
C. 3DES
D. AES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=394
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 395
Jane, a security administrator, has completed the imaging process for 20 computers that were
deployed. The image contains the operating system and all required software. Which of the
following is this an example of?
A. Implementing configuration hardening
B. Implementing configuration baseline
C. Implementing due diligence
D. Deploying and using a trusted OS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=395
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 396
Which of the following open standards should Pete, a security administrator, select for remote
authentication of users?
A. TACACS
B. RADIUS
C. WPA2
D. RIPEMD
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=396
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 397
Matt, a system administrator, wants to establish a highly available SQL database. Which of the
following would be implemented to eliminate a single point of failure in storage and servers?
A. RAID 5 and a storage area network
B. Two striped drives and clustering
C. Two mirrored drives and clustering
D. RAID 0 and load balancing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=397
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 398
Which of the following malware types is MOST commonly associated with command and
control?
A. Rootkits
B. Logic bombs
C. Botnets
D. Backdoors
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=398
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 399
Which of the following security chips does BitLocker utilize?
A. BIOS
B. CPU
C. CMOS
D. TPM
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=399
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 400
While performing basic forensic analysis of a hard drive in the possession of Sara, the security
administrator, which of the following should be verified during the analysis?
A. Witness statements
B. Image hashes
C. Chain of custody
D. Order of volatility
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=400
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 401
Which of the following policies is implemented in order to minimize data loss or theft?
A. PII handling
B. Password policy
C. Chain of custody
D. Zero day exploits
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=401
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 402
Which of the following allows Pete, a security technician, to prevent email traffic from entering
the company servers?
A. IDS
B. URL filtering
C. VPN concentrators
D. Spam filter
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=402
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 403
Which of the following should be implemented to secure the day-to-day maintenance activities of Pete, a network administrator? (Select TWO).
A. TFTP
B. Telnet
C. TACACS+
D. FTP
E. SSH
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=403
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 404
When integrating source material from an open source project into a highly secure
environment, which of the following precautions should prevent hidden threats?
A. Design review
B. Code review
C. Risk assessment
D. Vulnerability scan
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=404
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 405
Which of the following can Sara, a security administrator, implement to ensure that encrypted
files and devices can be recovered if the passphrase is lost?
A. Private key rings
B. Trust models
C. Registration
D. Key escrow
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=405
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 406
An administrator responsible for building and validating security configurations is a violation
of which of the following security principles?
A. Least privilege
B. Job rotation
C. Separation of duties
D. Best business practices
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=406
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 407
Sara, a network security administrator, has been tasked with setting up a guest wireless network
for her corporation. The requirements for this connection state that it must have password
authentication, with passwords being changed every week. Which of the following security
protocols would meet this goal in the MOST secure manner?
A. WPA-CCMP
B. WPA-PSK
C. WPA2-CCMP
D. WPA2-PSK
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=407
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 408
Which of the following are security relevant policies? (Select THREE)
A. Information classification policy
B. Network access policy
C. Data security standard
D. Procurement policy
E. Domain name policy
F. Auditing and monitoring policy
G. Secure login process
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=408
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 409
Which of the following attacks is manifested as an embedded HTML image object or
JavaScript image tag in an email?
A. Exception handling
B. Adware
C. Cross-site request forgery
D. Cross-site scripting
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=409
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 410
Which of the following network solutions would BEST allow Jane, a security technician, to
host an extranet application for her company?
A. Platform as a Service
B. Infrastructure as a Service
C. Storage as a Service
D. Software as a Service
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=410
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 411
Jane, a VPN administrator, was asked to implement an encryption cipher with a MINIMUM
effective security of 128-bits. Which of the following should Jane select for the tunnel
encryption?
A. Blowfish
B. DES
C. SHA256
D. HMAC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=411
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 412
Which of the following could Sara, an administrator, use in a workplace to remove sensitive
data at rest from the premises?
A. Network sniffer
B. Personally owned devices
C. Vulnerability scanner
D. Hardware locks
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=412
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 413
Which of the following administrative controls BEST mitigates the risk of ongoing
inappropriate employee activities in sensitive areas?
A. Mandatory vacations
B. Collusion
C. Time of day restrictions
D. Least privilege
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=413
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 414
Traffic has stopped flowing to and from the company network after the inline IPS hardware
failed. Which of the following has occurred?
A. Failsafe
B. Congestion
C. Fuzzing
D. Disaster recovery
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=414
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 415
A company is installing a wireless network in a building that houses several tenants. Which of
the following should be considered to make sure none of the other tenants can detect the
company's wireless network? (Select TWO).
A. Static IP addresses
B. Wireless encryption
C. MAC filtering
D. Antenna placement
E. Power levels
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=415
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 416
Pete is reporting an excessive amount of junk mail on the network email server. Which of the
following would ONLY reduce the amount of unauthorized mail?
A. Network firewall
B. Port 25 restriction
C. Spam filters
D. URL filters
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=416
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 417
Which of the following network devices will prevent port scans?
A. Firewall
B. Load balancers
C. NIDS
D. Sniffer
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=417
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 418
Which of the following multifactor authentication methods uses biometrics?
A. Somewhere you are
B. Something you have
C. Something you know
D. Something you are
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=418
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 419
Marketing creates a new folder and requests the following access be assigned:
Sales Department - Read
Marketing Department - Full Control
Inside Sales - Read Write
This is an example of which of the following?
A. RBAC
B. MAC
C. RSA
D. DAC
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=419
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 420
Sara, the software security engineer, is trying to detect issues that could lead to buffer
overflows or memory leaks in the company software. Which of the following would help Sara
automate this detection?
A. Input validation
B. Exception handling
C. Fuzzing
D. Code review
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=420
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 421
Which of the following control types is video monitoring?
A. Detective
B. Management
C. Preventative
D. Access
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=421
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 422
Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the
next two years to improve business relations. Which of the following would need to be in
place in case something happens to Pete?
A. Succession planning
B. Disaster recovery
C. Separation of duty
D. Removing single loss expectancy
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=422
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 423
Which of the following allows a server to request a website on behalf of Jane, a user?
A. Sniffers
B. Proxies
C. Load balancers
D. Firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=423
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 424
Matt, a systems security engineer, is determining which credential-type authentication to use
within a planned 802.1x deployment. He is looking for a method that does not require a client
certificate, has a server side certificate, and uses TLS tunnels for encryption. Which
credential-type authentication method BEST fits these requirements?
A. EAP-TLS
B. EAP-FAST
C. PEAP-CHAP
D. PEAP-MSCHAPv2
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=424
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 425
Sara, a security administrator, has generated a key pair for the company web server. Which of
the following should she do next to ensure all web traffic to the company web server is
encrypted?
A. Install both the private and the public key on the client machine.
B. Install both the private and the public key on the web server.
C. Install the public key on the web server and the private key on the client machine.
D. Install the public key on the client machine and the private key on the web server.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=425
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 426
Pete, a security administrator, would like to implement laptop encryption to protect data. The
Chief Executive Officer (CEO) believes this will be too costly to implement and decides the
company will purchase an insurance policy instead. Which of the following is this an example
of?
A. Risk avoidance
B. Risk deterrence
C. Risk acceptance
D. Risk transference
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=426
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 427
Matt, a security administrator, needs to Telnet into a router to change some configurations.
Which of the following ports would need to be open to allow Matt to change the
configurations?
A. 23
B. 125
C. 143
D. 3389
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=427
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 428
The IT Security Department has completed an internal risk assessment and discovered the use
of an outdated antivirus definition file. Which of the following is the NEXT step that
management should take?
A. Analyze the vulnerability results from the scan.
B. Mitigate risk and develop a maintenance plan.
C. Ignore risk and document appropriately to address at a later time.
D. Transfer risk to web application developers.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=428
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 429
Which of the following elements make up the standard equation used to define risk? (Select
TWO).
A. Confidence
B. Reproducibility
C. Impact
D. Likelihood
E. Exploitability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=429
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 430
Matt's CRL is over six months old. Which of the following could Matt do in order to ensure
he has the current information? (Select TWO).
A. Update the CRL
B. Change the trust model
C. Deploy a key escrow
D. Query the intermediate CA
E. Deploy a recovery agent
F. Deploy OCSP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=430
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 431
Matt, the security administrator, notices a spike in the number of SQL injection attacks against
a web server connected to a backend SQL database. Which of the following practices should
be used to prevent an application from passing these attacks on to the database?
A. OS hardening
B. Application patch management
C. Error and exception handling
D. Input validation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=431
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 432
Jane's guest, Pete, comes to her office to meet her for lunch. She uses her encoded badge to
enter, and he follows in behind her. This is an example of which of the following?
A. Tailgating
B. Least privilege
C. Whaling
D. Vishing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=432
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 433
A vulnerability has been found in a service that is unnecessary for the corporate environment.
Which of the following is the BEST way to mitigate this vulnerability?
A. Issue a hotfix to lower the vulnerability risk on the network
B. Issue a group policy to disable the service on the network.
C. Issue a service pack to ensure the service is current with all available patches
D. Issue a patch to ensure the service has a lower level of risk if compromised.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=433
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 434
Broadcast traffic is having a negative impact on network performance. Which of the following
might help minimize this issue?
A. Use NAT to hide the IPs of each of the workstations.
B. Separate the network onto a number of different switches.
C. Separate the network into a number of different VLANs.
D. Route all the Unicast traffic through the proxy server.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=434
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 435
One of the concerns regarding portable digital music devices in a corporate environment is
they:
A. can distract users during various security training exercises.
B. can also be used as a USB removable drive.
C. can be used as recorders during meetings.
D. may cause interference with wireless access points
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=435
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 436
Which of the following describes separating encryption keys into multiple parts to store with
trusted third parties?
A. Ticket granting ticket
B. Key recovery
C. Key escrow
D. Key registration
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=436
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 437
Which of the following authentication services relies on a shared secret?
A. RADIUS
B. LDAP
C. Kerberos
D. Tokens
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=437
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 438
Which of the following is characterized by an attack against a mobile device?
A. Evil twin
B. Header manipulation
C. Bluejacking
D. Rogue AP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=438
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 439
Which of the following should Pete, a security technician, apply to a server to BEST prevent
SYN attacks?
A. Loop protection
B. Flood guards
C. Port security
D. ACL
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=439
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 440
When implementing a wireless network, which of the following will decrease the visibility of
the network?
A. Decreasing the encryption strength
B. Disabling the SSID broadcast
C. Enabling WPA2 encryption
D. Enabling MAC filtering
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=440
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 441
Which of the following describes the process of removing unnecessary accounts and services
from an application to reduce risk exposure?
A. Error and exception handling
B. Application hardening
C. Application patch management
D. Cross-site script prevention
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=441
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 442
Mandatory vacation, job rotation, and separation of duties policies all enhance the overall
security posture by doing which of the following?
A. Making it more convenient to review logs for malicious activity
B. Making it more difficult to hide malicious activity by insiders
C. Reducing risks associated with viruses and malware
D. Reducing risks associated with Internet attackers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=442
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 443
A recent policy change requires Pete, a security administrator, to implement TLS wherever
possible. Which of the following can TLS secure? (Select THREE).
A. SNMP
B. HTTP
C. LDAP
D. ICMP
E. SMTP
F. IPSec
G. SSH
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=443
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 444
Which of the following allows a company to correct security issues within their software?
A. Application fuzzing
B. Cross-site scripting
C. Configuration baseline
D. Patch management
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=444
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 445
Matt, a security analyst, discovered that a commonly used website is serving up a script that
redirects users to a questionable website. Which of the following solutions MOST likely
prevents this from occurring?
A. Anti-malware
B. NIDS
C. Pop-up blocker
D. Anti-spam
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=445
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 446
Matt, a network engineer, is setting up an IPSec VPN. Which network-layer key management
standard and its protocol can be used to negotiate the connection?
A. AH
B. Kerberos
C. EAP
D. IKE
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=446
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 447
Which of the following devices can Sara, an administrator, implement to detect and stop known
attacks?
A. Signature-based NIDS
B. Anomaly-based NIDS
C. Signature-based NIPS
D. Anomaly-based NIPS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=447
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 448
Which of the following represents the WEAKEST password?
A. PaSsWoRd
B. P@sSWOr&
C. P@sSW1r&
D. PassW1rD
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=448
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 449
Which of the following is mainly used for remote access into the network?
A. XTACACS
B. TACACS+
C. Kerberos
D. RADIUS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=449
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 450
In order to prevent users from surfing the web at work, Jane, the administrator, should block
which of the following ports? (Select TWO).
A. TCP 25
B. TCP 80
C. TCP 110
D. TCP 443
E. UDP 80
F. UDP 8080
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=450
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 451
Matt, the IT administrator, wants to ensure that if any mobile device gets lost no data can be
retrieved. Which of the following can he implement on the mobile devices to help accomplish
this?
A. Cable locks
B. Strong passwords
C. Voice encryption
D. Remote sanitization
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=451
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 452
Matt, a security administrator, wants to configure all the switches and routers in the network in
order to securely monitor their status. Which of the following protocols would he need to
configure on each device?
A. SMTP
B. SNMPv3
C. IPSec
D. SNMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=452
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 453
Jane, a security administrator, recently configured the firewall for the corporate office. Some
users report that they are unable to access any resources outside of the company. Which of the
following is the MOST likely reason for the lack of access?
A. Jane forgot to save the configuration on the firewall
B. Jane forgot to account for the implicit deny statement
C. Jane forgot to connect the internal firewall port back to the switch
D. Jane specifically denied access for all users
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=453
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 454
Which of the following describes common concerns when implementing IPS?
A. Legitimate traffic will be incorrectly blocked
B. False negatives will disrupt network throughput
C. Incompatibilities with existing routers will result in a DoS
D. Security alerts will be minimal until adequate traffic is collected
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=454
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 455
Which of the following network design elements will allow Jane, a security technician, to
access internal company resources without the use of a DS3, Satellite, or T1 connection?
A. CSU/DSU
B. Firewall
C. Router
D. DSL
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=455
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 456
Which of the following utilizes the ECHO function of Internet Control Message Protocol
(ICMP) to overwhelm a victim's system?
A. Logic bomb
B. Whaling
C. Man-in-the-middle
D. Smurf attack
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=456
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 457
Matt, an administrator, is concerned about the wireless network being discovered by war
driving. Which of the following can be done to mitigate this?
A. Enforce a policy for all users to authenticate through a biometric device.
B. Disable all SSID broadcasting
C. Ensure all access points are running the latest firmware.
D. Move all access points into public access areas.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=457
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 458
Jane, the administrator of a small company, wishes to track people who access the secured
server room, which is secured only by a simple hardware key lock. Jane does not have much of
a budget or the approval to make significant construction changes. Given the limitations,
which of the following can she do in the meantime?
A. Implement a sign in/out sheet with on-site security personnel
B. Install a 24/7 closed-circuit camera system
C. Install a separate hardware lock with limited keys
D. Implement a cipher key lock
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=458
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 459
Which of the following enterprise security controls is BEST implemented by the use of a
RADIUS server?
A. ACL
B. NAT
C. VLAN
D. 802.1X
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=459
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 460
Pete, the security administrator at a financial institution, has finished downloading a new
system patch and needs to verify its authenticity. Which of the following is the correct MD5
string for the file he downloaded?
A. 1a03b7fe4c67d9012gb42b4de49d9f3b
B. b42b4de49d9f3b1a03b7fe4c67d9012
C. 303b7fe4c67d9012b42b4de49d9f3b134
D. ab42b4de49d9f3b1a03b7f34c67d9012
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=460
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 461
One of the advantages of Trusted Platform Modules (TPM) is:
A. it cannot be modified by a silent background process.
B. it is tied to the system's MAC address for secured tracking.
C. it cannot be used as the basis for securing other encryption methods.
D. it can be tied to the user's logon account for additional authentication
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=461
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 462
Which of the following protocols is MOST closely linked with SSL?
A. SNMP
B. TLS
C. FTP
D. ICMP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=462
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 463
Which of the following would Jane, an administrator, use to detect an unknown security
vulnerability?
A. Patch management
B. Application fuzzing
C. ID badge
D. Application configuration baseline
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=463
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 464
Which of the following data center environmental controls must be properly configured to
prevent equipment failure from water?
A. Lighting
B. Temperature
C. Humidity
D. Halon fire suppression
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=464
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 465
Matt, a corporate user, has volunteered to participate in a test group for full disk encryption on
employees' laptops. After his laptop's hard drive has been fully encrypted, the network
administrator is still able to access Matt's files across a SMB share. Which of the following is
the MAIN reason why the files are still accessible to the administrator?
A. Matt must reboot his laptop before the encryption is activated.
B. Files moved by the network administrator off Matt's laptop are automatically
decrypted
C. Full disk encryption only secures files when the laptop is powered off
D. The network administrator can decrypt anyone's files.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=465
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 466
Hashing and encryption provide for which of the following? (Select TWO)
A. Authentication
B. Availability
C. Identification
D. Confidentiality
E. Authorization
F. Integrity
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=466
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 467
Which of the following will require exceptions when considering the use of 802.1x port
security?
A. Switches
B. Printers
C. Laptops
D. Desktops
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=467
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 468
Which of the following data encryption types will BEST protect data in motion and at rest to a
cloud provider?
A. File encryption
B. Transport
C. PKI
D. SHA-256
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=468
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 469
Which of the following will mitigate the effects of devices in close proximity?
A. EMI shielding
B. Load balancing
C. Grounding
D. Video monitoring
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=469
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 470
A major CA has been compromised and a new patch has been released to make necessary
changes on user machines. Which of the following is likely to be updated as a part of this
patch?
A. Recovery agent
B. CRL
C. Key escrow
D. PKI
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=470
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 471
Which of the following uses both a public and private key?
A. RSA
B. AES
C. MD5
D. SHA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=471
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 472
Visitors entering a building are required to close the back door before the front door of the
same entry room is open. Which of the following is being described?
A. Tailgating
B. Fencing
C. Screening
D. Mantrap
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=472
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 473
Symmetric encryption utilizes ________, while asymmetric encryption utilizes ________.
A. Public keys, one time
B. Shared keys, private keys
C. Private keys, session keys
D. Private keys, public keys
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=473
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 474
Jane, an administrator, notices that after 2.000 attempts a malicious user was able to
compromise an employee's password. Which of the following security controls BEST
mitigates this type of external attack? (Select TWO).
A. Account expiration
B. IDS
C. Password complexity
D. Server logging
E. Account lockout
F. Proxy server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=474
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 475
Matt, the network engineer, has been tasked with separating network traffic between virtual
machines on a single hypervisor. Which of the following would he implement to BEST address
this requirement? (Select TWO).
A. Virtual switch
B. NAT
C. System partitioning
D. Access-list
E. Disable spanning tree
F. VLAN
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=475
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 476
Sara, an IT manager, wants to change the firewall rules to allow RemoteOfficeB to connect to
the corporate network using SSH. Which of the following rules would only allow necessary
access?
A. Permit RemoteOfficeB any port 69
B. Permit RemoteOfficeB any all
C. Permit RemoteOfficeB any port 22
D. Permit any corporate port 443
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=476
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 477
Which of the following attacks is characterized by someone following a staff member who is
entering a corporate facility?
A. Evil twin
B. Tailgating
C. Shoulder surfing
D. Impersonation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=477
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 478
Speaking a passphrase into a voice print analyzer is an example of which of the following
security concepts?
A. Two factor authentication
B. Identification and authorization
C. Single sign-on
D. Single factor authentication
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=478
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 479
Jane, a corporate user, is trying to secure her laptop from drive-by download before she leaves
for a computer conference. Which of the following should be installed to keep Jane's laptop
secure from these attacks?
A. Full disk encryption
B. Host based firewall
C. Antivirus system
D. Network based firewall
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=479
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 480
Which of the following detection methods may generate an alert when Matt, an employee,
accesses a server during non-business hours?
A. Signature
B. Time of Day restrictions
C. Heuristic
D. Behavioral
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=480
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 481
Which of the following data is typically left unencrypted in software based full disk
encryption?
A. OS registry
B. Extended partition
C. BIOS
D. MBR
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=481
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 482
Which of the following is an authentication service that uses symmetrical keys and tickets?
A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=482
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 483
Which of the following application attacks is identified by use of the <SCRIPT> tag?
A. XSS
B. Buffer overflow
C. Directory traversal
D. Zero day
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=483
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 484
Jane, a security architect, is working on setting up a secure email solution between internal
employees and external customers. Which of the following would BEST meet her goal?
A. Public key infrastructure
B. Key escrow
C. Internal certificate authority
D. Certificate revocation list
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=484
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 485
Which of the following allows multiple internal IP addresses to be mapped to one specific
external IP address?
A. VLAN
B. NAT
C. NAC
D. PAT
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=485
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 486
Which of the following would Jane, a security administrator, use to encrypt transmissions from
streaming video transmissions, keeping in mind that each bit must be encrypted as it comes
across the network?
A. IDEA
B. AES
C. RC4
D. 3DES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=486
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 487
Matt, a user, finds a flash drive in the parking lot and decides to see what is on it by using his
company laptop. A few days later Matt reports his laptop is running slow and is unable to
perform simple tasks. The security administrator notices several unauthorized applications
have been installed. CPU usage is unusually high, and a collection of screenshots of Matt's
recent activity has been transmitted over the network. This is an example of which of the
following?
A. Backdoor
B. Logic bomb
C. Rootkit
D. Spyware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=487
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 488
Pete, the security administrator, found that several of the company's workstations are infected
with a program aimed at stealing users' cookies and reporting them back to the malicious user.
Which of the following attack types is the malicious user MOST likely to carry out with this
information?
A. Man-in-the-middle
B. Session hijacking
C. Command injection
D. Trojan infection
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=488
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 489
Sara, a security administrator, is implementing remote management for network infrastructure
using SNMP. Which of the following statements is true about SNMP?
A. Read communities allow write permissions
B. Relays mail based on domain keys and access headers
C. SNMP communities are encrypted using PKI
D. Write communities allow both read and write permissions
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=489
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 490
Which of the following mitigation techniques is Pete, a security administrator, MOST likely to
implement after the software has been released to the public?
A. Error and exception handling
B. Fuzzing
C. Secure coding
D. Patch management
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=490
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 491
Which of the following BEST defines risk?
A. A threat will have a larger impact than anticipated
B. Remediation of a known vulnerability is cost prohibitive
C. A degree of probability of loss
D. A user leaves a system unsecure
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=491
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 492
Companies allowing remote access to internal systems or systems containing sensitive data
should provide access using:
A. dial-up or broadband networks using passwords.
B. wireless networks using WPA encryption.
C. VPN with two factor authentication.
D. carrier based encrypted data networks
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=492
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 493
Which of the following is the proper order for incident response?
A. Detection, preparation, containment, eradication, recovery
B. Preparation, detection, containment, eradication, recovery
C. Preparation, detection, recovery, eradication, containment
D. Detection, containment, eradication, recovery, preparation
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=493
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 494
Which of the following is considered the MOST secure wireless encryption measure to
implement?
A. TKIP
B. CCMP
C. WPA2
D. WEP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=494
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 495
Sara, a security engineer, is testing encryption ciphers for performance. Which of the following
ciphers offers strong encryption with the FASTEST speed?
A. 3DES
B. Blowfish
C. Serpent
D. AES256
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=495
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 496
A team is developing a new application with many different screens that users can access. The
team decides to simplify access by creating just two internal application roles. One role is
granted read-only access to the summary screen. The other role is granted update access to all
screens. This simplified access model may have a negative security impact on which of the
following?
A. Remote access
B. Identity management
C. Least privilege
D. Authentication
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=496
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 497
Which of the following would be the BEST choice for attacking a complex password hash?
A. Man in the middle
B. Dictionary files
C. Rainbow tables
D. Brute-force intrusion
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=497
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 498
In order for Pete, a user, to log on to his desktop computer, he must provide his username,
password, and use a common access card with a PIN. Which of the following authentication
methods is Pete using?
A. Single factor
B. Two factor
C. Three factor
D. Four factor
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=498
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 499
Which of the following is a reason why a company might deploy data encryption?
A. To maintain the integrity of the information
B. To keep information confidential
C. To prevent data corruption
D. To prevent backup tape theft
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=499
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 500
Which of the following would Sara, a security administrator, implement to divert and analyze
attacks?
A. Protocol analyzer
B. DMZ
C. Port scanner
D. Honeypot
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=500
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 501
In PKI, the public key is used to:
A. Decrypt the signature CRC
B. Decrypt an email message
C. Encrypt an email message
D. Encrypt the signature hash
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=501
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 502
Jane, a security technician, needs to open ports on a firewall to allow for domain name
resolution. Which of the following ports should Jane open? (Select TWO).
A. TCP 21
B. TCP 23
C. TCP 53
D. UDP 23
E. UDP 53
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=502
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 503
After a new firewall has been installed, devices cannot obtain a new IP address. Which of the
following ports should Matt, the security administrator, open on the firewall?
A. 25
B. 68
C. 80
D. 443
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=503
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 504
The health care department is storing files with names, addresses, and social security numbers
on a corporate file server. Matt, the security analyst, comes across this data in an audit. Which
of the following has Matt discovered?
A. Personal identifiable information
B. Data classification rules
C. Data disposal procedures
D. Data handling rules
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=504
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 505
Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The
message is 160-bits long. Which of the following hashing methods would Matt have to use to
obtain this digital fingerprint?
A. SHA1
B. MD2
C. MD4
D. MD5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=505
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 506
Which of the following would Jane, a security administrator, use to authenticate remote users
into the network?
A. RADIUS
B. XTACACS
C. TACACS
D. ACLs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=506
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 507
A company wants to implement a policy that helps reduce employee stress and decrease the
likelihood of security incidents caused by job dissatisfaction. Which of the following will
MOST likely have a positive impact on the employee stress and job satisfaction?
A. Change management
B. Mandatory vacations
C. Due care
D. Service Level Agreements
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=507
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 508
Pete would like to implement a new tape backup plan for HR to speed up the process of nightly
backups on their file systems. HR does not make many file alterations on Tuesday through
Thursday. Pete does a full backup on Monday and again on Friday. Which of the following
should Pete do to speed up the backups Tuesday through Thursday?
A. Incremental backups Tuesday through Thursday
B. Full backups Tuesday through Thursday
C. Differential backups Tuesday through Thursday
D. Differential backups Tuesday and Wednesday
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=508
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 509
Sara, a user, needs to copy a file from a Linux workstation to a Linux server using the MOST
secure file transfer method available. Which of the following protocols would she use?
A. SCP
B. FTP
C. SNMP
D. TFTP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=509
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 510
Which of the following would Matt, a security administrator, use to encrypt transmissions from
an internal database to an internal server, keeping in mind that the encryption process must add
as little latency to the process as possible?
A. ECC
B. RSA
C. SHA
D. 3DES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=510
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 511
Matt, a system administrator, notices that there have been many failed login attempts to the
virtual server's management interface. Which of the following would be the BEST way for
him to secure the virtual server's OS?
A. Implement QoS
B. Create an access control list
C. Isolate the management network
D. Enable SSH
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=511
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 512
Which of the following wireless attacks MOST likely targets a smart phone?
A. War driving
B. Whaling
C. IV attack
D. Bluesnarfing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=512
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 513
Which of the following host security procedures will facilitate the identification of Advanced
Persistent Threats (APT)?
A. Remote wipe
B. Group policy implementation
C. Host software baselining
D. Antivirus
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=513
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 514
Jane, a security technician, has been called into a meeting with the management team who has
a requirement for comprehensive vetting of specialized employees as part of the hiring
process. Funding and resources are not an issue since staff members are in high risk positions
and have access to sensitive data. Which of the following access control types BEST meets the
requirement?
A. Rule based access control
B. Discretionary access control
C. Mandatory access control
D. Role based access control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=514
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 515
A company wants to ensure that its hot site is prepared and functioning. Which of the following
would be the BEST process to verify the backup datacenter is prepared for such a scenario?
A. Site visit to the backup data center
B. Disaster recovery plan review
C. Disaster recovery exercise
D. Restore from backup
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=515
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 516
Pete, the security administrator, would like all users connecting to the corporate SSL VPN
router to have up-to-date patches and antivirus signatures verified prior to accessing the
internal network. Which of the following would MOST likely be employed as the verification
process?
A. The router ACL matches VPN traffic. The NAC server verifies antivirus signatures
are supported and up-to-date.
B. The NAC server processes the authentication, and then it matches patches and
antivirus signatures with its local database.
C. The access control server connects to the agent on the users' client to set minimal
accepted levels of patching and signatures allowed. The agent creates a token which the
router can match for access.
D. The router sends queries to the access control server; the access control server
handles proxy requests to third party patching and antivirus servers.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=516
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 517
In which of the following access control types does the operating system data classification
determine who has access to certain resources?
A. Discretionary Access Control
B. Role based Access Control
C. Mandatory Access Control
D. Rule based Access Control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=517
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 518
Sara, a security administrator, needs to simplify the management of access to remote files and
folders. Which of the following can she implement to BEST accomplish this?
A. Group based ACLs
B. Creating multiple copies of the files and folders
C. Discretionary access control
D. User based ACLs
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=518
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 519
Matt, a security administrator, wants to implement a secure wireless network. Which of the
following is the MOST secure wireless protocol?
A. WPA2
B. WPA
C. WEP
D. AES
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=519
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 520
Which of the following protocols allows for the LARGEST address space?
A. IPX
B. IPv4
C. IPv6
D. Appletalk
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=520
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 521
In order to justify the cost of a new security appliance, the administrator should do which of the
following?
A. ROI analysis
B. Benchmarking
C. Market analysis
D. Usability testing
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=521
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 522
Which of the following is responsible for masking the activity of an on-going attack from the
administrator's operating system monitoring tools?
A. Rootkit
B. Botnet
C. Spyware
D. Trojan
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=522
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 523
Which of the following forms of FTP uses TLS to securely send information?
A. SCP
B. FTPS
C. SFTP
D. HTTPS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=523
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 524
Which of the following BEST allows Jane, a security administrator, to perform ongoing
assessments of existing weaknesses within an enterprise?
A. Vulnerability scanning
B. NIPS
C. HIDS
D. Protocol analyzer
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=524
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 525
Jane, an attacker, compromises a payroll system and replaces a commonly executed application
with a modified version which appears to run as normal but also executes additional functions.
Which of the following would BEST describe the slightly modified application?
A. Trojan
B. Rootkit
C. Spyware
D. Adware
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=525
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 526
To protect corporate data on removable media, a security policy should mandate that all
removable devices use which of the following?
A. Full disk encryption
B. Application isolation
C. Digital rights management
D. Data execution prevention
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=526
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 527
Which of the following would allow Pete, a security analyst, to assess his company's
proficiency with a particular security process?
A. Risk Assessment
B. Capability Maturity Model
C. Risk Calculation
D. Trusted Platform Module
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=527
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 528
The Chief Security Officer (CSO) informs Jane, the technician, that there is a new requirement
for all data repositories where data must be encrypted when not in use. The CSO wants Jane to
apply this requirement to all corporate servers. Which of the following data encryption types
will BEST fill this requirement?
A. Mobile device encryption
B. Full disk encryption
C. Transport encryption
D. Database encryption
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=528
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 529
Jane, a security technician, needs to develop access controls for the network. In which of the
following access control types does a user determine who has access to certain network
resources?
A. Mandatory Access Control
B. Rule based Access Control
C. Role based Access Control
D. Discretionary Access Control
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=529
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 530
Which of the following should Pete, the security technician, use to secure DNS zone transfers?
A. VLAN
B. DNSSEC
C. ACL
D. 802.1X
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=530
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 531
Matt, a network engineer, is implementing a VPN solution. Which of the following can Matt
use to secure the user authentication session?
A. GPG
B. PGP
C. CHAP
D. RSA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=531
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 532
Sara, a user in the human resources department, requests a privacy screen for her monitor at
work. Which of the following social engineering attacks is Sara attempting to prevent?
A. Impersonation
B. Vishing
C. Shoulder surfing
D. Tailgating
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JK0-018&qno=532
-------------------------------------------------------------------------------------------------------------------------------------