Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released JK0-018
100% Free Download! 100% Pass Guaranteed!
CompTIA Security E2C
Question No: 271 – (Topic 3)
Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented?
-
SQL injection
-
Session hijacking and XML injection
-
Cookies and attachments
-
Buffer overflow and XSS
Answer: A
Question No: 272 – (Topic 3)
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?
-
HIPS on each virtual machine
-
NIPS on the network
-
NIDS on the network
-
HIDS on each virtual machine
Answer: A
Question No: 273 – (Topic 3)
A security administrator wants to get a real time look at what attackers are doing in the
wild, hoping to lower the risk of zero-day attacks. Which of the following should be used to accomplish this goal?
-
Penetration testing
-
Honeynets
-
Vulnerability scanning
-
Baseline reporting
Answer: B
Question No: 274 – (Topic 3)
Which of the following protocols is the security administrator observing in this packet capture?
12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK
-
HTTPS
-
RDP
-
HTTP
-
SFTP
Answer: B
Question No: 275 – (Topic 3)
Which of the following is true about asymmetric encryption?
-
A message encrypted with the private key can be decrypted by the same key
-
A message encrypted with the public key can be decrypted with a shared key.
-
A message encrypted with a shared key, can be decrypted by the same key.
-
A message encrypted with the public key can be decrypted with the private key.
Answer: D
Question No: 276 – (Topic 3)
Which of the following is true about an email that was signed by User A and sent to User B?
-
User A signed with User B’s private key and User B verified with their own public key.
-
User A signed with their own private key and User B verified with User A’s public key.
-
User A signed with User B’s public key and User B verified with their own private key.
-
User A signed with their own public key and User B verified with User A’s private key.
Answer: B
Question No: 277 – (Topic 3)
The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?
-
HPM technology
-
Full disk encryption
-
DLP policy
-
TPM technology
Answer: C
Question No: 278 – (Topic 3)
Which of the following protocols encapsulates an IP packet with an additional IP header?
-
SFTP
-
IPSec
-
HTTPS
-
SSL
Answer: B
Question No: 279 – (Topic 3)
A program has been discovered that infects a critical Windows system executable and
stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone’s boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?
-
Zero-day
-
Trojan
-
Virus
-
Rootkit
Answer: C
Question No: 280 – (Topic 3)
A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host:
Old ‘hosts’ file:
127.0.0.1 localhost New ‘hosts’ file:
127.0.0.1 localhost
Which of the following attacks has taken place?
-
Spear phishing
-
Pharming
-
Phishing
-
Vishing
Answer: B
100% Dumps4cert Free Download!
–Download Free Demo:JK0-018 Demo PDF
100% Dumps4cert Pass Guaranteed!
–JK0-018 Dumps
| Dumps4cert | ExamCollection | Testking | |
|---|---|---|---|
| Lowest Price Guarantee | Yes | No | No |
| Up-to-Dated | Yes | No | No |
| Real Questions | Yes | No | No |
| Explanation | Yes | No | No |
| PDF VCE | Yes | No | No |
| Free VCE Simulator | Yes | No | No |
| Instant Download | Yes | No | No |