2018 May CompTIA Official New Released JK0-018
CompTIA Security E2C
Question No: 341 – (Topic 4)
Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).
A. Acceptable use policy
B. Risk acceptance policy
C. Privacy policy
D. Email policy
E. Security policy
Answer: A,C
Question No: 342 – (Topic 4)
A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:
A. Black box testing
B. White box testing
C. Black hat testing
D. Gray box testing
Answer: A
Question No: 343 – (Topic 4)
Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?
A. Honeypot
B. Port scanner
C. Protocol analyzer
D. Vulnerability scanner
Answer: C
Question No: 344 – (Topic 4)
Which of the following should an administrator implement to research current attack methodologies?
A. Design reviews
B. Honeypot
C. Vulnerability scanner
D. Code reviews
Answer: B
Question No: 345 – (Topic 4)
Which of the following consists of peer assessments that help identify security threats and vulnerabilities?
A. Risk assessment
B. Code reviews
C. Baseline reporting
D. Alarms
Answer: B
Question No: 346 – (Topic 4)
Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?
A. Structured walk through
B. Full Interruption test
C. Check list test
D. Table top exercise
Answer: A
Question No: 347 – (Topic 4)
An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?
A. Add reverse encryption
B. Password complexity
C. Increase password length
D. Allow single sign on
Answer: B
Question No: 348 – (Topic 4)
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
A. Intrusion Detection System
B. Flood Guard Protection
C. Web Application Firewall
D. URL Content Filter
Answer: C
Question No: 349 – (Topic 4)
Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each production release?
A. Product baseline report
B. Input validation
C. Patch regression testing
D. Code review
Answer: D
Question No: 350 – (Topic 4)
Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the system, Ann would use which of the following?
A. Vulnerability scanning
B. SQL injection
C. Penetration testing
D. Antivirus update
Answer: A