[Free] 2018(Aug) Dumps4cert CompTIA JK0-018 Dumps with VCE and PDF Download 431-440


CompTIA Security E2C

Question No: 431 – (Topic 5)

A team of firewall administrators have access to a ‘master password list’ containing service account passwords. Which of the following BEST protects the master password list?

  A. File encryption

  B. Password hashing

  C. USB encryption

  D. Full disk encryption

Answer: A

Question No: 432 – (Topic 5)

An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests. Which of the following describes how this private key should be stored so that it is protected from theft?

  A. Implement full disk encryption

  B. Store on encrypted removable media

  C. Utilize a hardware security module

  D. Store on web proxy file system

Answer: C

Question No: 433 – (Topic 5)

An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?

  A. Employee is required to share their password with authorized staff prior to leaving the firm

  B. Passwords are stored in a reversible form so that they can be recovered when needed

  C. Authorized employees have the ability to reset passwords so that the data is accessible

  D. All employee data is exported and imported by the employee prior to them leaving the firm

Answer: C

Question No: 434 – (Topic 5)

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access. Which of the following is the BEST approach to implement this process?

  A. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.

  B. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset.

  C. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.

  D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

Answer: D

Question No: 435 – (Topic 5)

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?

  A. AES

  B. 3DES

  C. RC4

  D. WPA2

Answer: B

Question No: 436 – (Topic 5)

A new MPLS network link has been established between a company and its business partner. The link provides logical isolation in order to prevent access from other business partners. Which of the following should be applied in order to achieve confidentiality and integrity of all data across the link?

  A. MPLS should be run in IPVPN mode.

  B. SSL/TLS for all application flows.

  C. IPSec VPN tunnels on top of the MPLS link.

  D. HTTPS and SSH for all application flows.

Answer: C

Question No: 437 – (Topic 5)

Which of the following authentication services should be replaced with a more secure alternative?

  A. RADIUS

  B. TACACS

  C. TACACS

  D. XTACACS

Answer: B

Question No: 438 – (Topic 5)

A financial company requires a new private network link with a business partner to cater for real-time and batched data flows. Which of the following activities should be performed by the IT security staff member prior to establishing the link?

  A. Baseline reporting

  B. Design review

  C. Code review

  D. SLA reporting

Answer: B

Question No: 439 – (Topic 5)

A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

  A. Identification

  B. Authorization

  C. Access control

  D. Authentication

Answer: A

Question No: 440 – (Topic 5)

Which of the following is designed to ensure high availability of web based applications?

  A. Proxies

  B. Load balancers

  C. URL filtering

  D. Routers

Answer: B
