[Free] 2018(Aug) Dumps4cert CompTIA JK0-018 Dumps with VCE and PDF Download 171-180
Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug CompTIA Official New Released JK0-018
100% Free Download! 100% Pass Guaranteed!
CompTIA Security E2C
Question No: 171 – (Topic 2)
After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points:
Corpnet Coffeeshop FreePublicWifi
Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created?
-
Infrastructure as a Service
-
Load balancer
-
Evil twin
-
Virtualized network
Answer: C
Question No: 172 – (Topic 2)
Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by?
-
Key escrow
-
Non-repudiation
-
Multifactor authentication
-
Hashing
Answer: B
Question No: 173 – (Topic 2)
After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:
MACSSIDENCRYPTIONPOWERBEACONS 00:10:A1:36:12:CCMYCORPWPA2 CCMP601202
00:10:A1:49:FC:37MYCORPWPA2 CCMP709102 FB:90:11:42:FA:99MYCORPWPA2 CCMP403031 00:10:A1:AA:BB:CCMYCORPWPA2 CCMP552021
00:10:A1:FA:B1:07MYCORPWPA2 CCMP306044
Given that the corporate wireless network has been standardized, which of the following attacks is underway?
-
Evil twin
-
IV attack
-
Rogue AP
-
DDoS
Answer: A
Question No: 174 – (Topic 2)
Input validation is an important security defense because it:
-
rejects bad or malformed data.
-
enables verbose error reporting.
-
protects mis-configured web servers.
-
prevents denial of service attacks.
Answer: A
Question No: 175 – (Topic 2)
In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?
-
Continuous security monitoring
-
Baseline configuration and host hardening
-
Service Level Agreement (SLA) monitoring
-
Security alerting and trending
Answer: A
Question No: 176 – (Topic 2)
A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).
-
Automatically disable accounts that have not been utilized for at least 10 days.
-
Utilize automated provisioning and de-provisioning processes where possible.
-
Request that employees provide a list of systems that they have access to prior to leaving the firm.
-
Perform regular user account review / revalidation process.
-
Implement a process where new account creations require management approval.
Answer: B,D
Question No: 177 – (Topic 2)
The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?
-
Software as a Service
-
Infrastructure as a Service
-
Platform as a Service
-
Hosted virtualization service
Answer: A
Question No: 178 – (Topic 2)
Which of the following provides the BEST application availability and is easily expanded as demand grows?
-
Server virtualization
-
Load balancing
-
Active-Passive Cluster
-
RAID 6
Answer: B
Question No: 179 – (Topic 2)
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
-
Create three VLANs on the switch connected to a router
-
Define three subnets, configure each device to use their own dedicated IP address
range, and then connect the network to a router
-
Install a firewall and connect it to the switch
-
Install a firewall and connect it to a dedicated switch for each device type
Answer: A
Question No: 180 – (Topic 2)
Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?
-
WEP
-
MAC filtering
-
Disabled SSID broadcast
-
TKIP
Answer: B
100% Dumps4cert Free Download!
–JK0-018 PDF
100% Dumps4cert Pass Guaranteed!
–JK0-018 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |