JK0-022 CompTIA Academic/E2C Security+ Certification Exam Voucher Only

Page 1   
Question 1

Which of the following protocols is used by IPv6 for MAC address resolution?

  • A. NDP
  • B. ARP
  • C. DNS
  • D. NCP


Answer : A

Explanation: The Neighbor Discovery Protocol (NDP) is a protocol in the Internet protocol suite used with Internet Protocol Version 6 (IPv6).

Question 2

After a network outage, a PC technician is unable to ping various network devices. The
network administrator verifies that those devices are working properly and can be accessed
securely.
Which of the following is the MOST likely reason the PC technician is unable to ping those
devices?

  • A. ICMP is being blocked
  • B. SSH is not enabled
  • C. DNS settings are wrong
  • D. SNMP is not configured properly


Answer : A

Explanation: ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information if ICMP request queries go unanswered or ICMP replies are lost or blocked.

Question 3

Which of the following components of an all-in-one security appliance would MOST likely
be configured in order to restrict access to peer-to-peer file sharing websites?

  • A. Spam filter
  • B. URL filter
  • C. Content inspection
  • D. Malware inspection


Answer : B

Explanation: The question asks how to prevent access to peer-to-peer file sharing websites. You access a website by browsing to a URL using a Web browser or peer-to-peer file sharing client software. A URL filter is used to block URLs (websites) to prevent users accessing the website.

Incorrect Answers:

A: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam according to the spam filter configuration. Spam filters do not prevent users accessing peer-to-peer file sharing websites.

C: Content inspection is the process of inspecting the content of a web page as it is downloaded. The content can then be blocked if it doesn't comply with the company's web policy. Content-control software determines what content will be available or, perhaps more often, what content will be blocked. Content inspection does not prevent users accessing peer-to-peer file sharing websites (although it could block the content of the sites as it is downloaded).

D: Malware inspection is the process of scanning a computer system for malware. Malware inspection does not prevent users accessing peer-to-peer file sharing websites.

References: http://www.provision.ro/threat-management/web-application-security/url-filtering#pagei-1|pagep-1| , Sybex, Indianapolis, 2014, pp 18, 19.

Question 4

Which of the following should the security administrator implement to limit web traffic based
on country of origin? (Select THREE).

  • A. Spam filter
  • B. Load balancer
  • C. Antivirus
  • D. Proxies
  • E. Firewall
  • F. NIDS
  • G. URL filtering


Answer : D,E,G

Explanation: A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. Firewalls manage traffic using a rule or a set of rules. A URL is a reference to a resource that specifies the location of the resource. A URL filter is used to block access to a site based on all or part of a URL.

Question 5

A network engineer is setting up a network for a company. There is a BYOD policy for the
employees so that they can connect their laptops and mobile devices.
Which of the following technologies should be employed to separate the administrative
network from the network in which all of the employees' devices are connected?

  • A. VPN
  • B. VLAN
  • C. WPA2
  • D. MAC filtering


Answer : B

Explanation: A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

Question 6

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of
the following ports should be opened on the firewall?

  • A. TCP 23
  • B. UDP 69
  • C. TCP 22
  • D. TCP 21


Answer : C

Explanation: SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).

Question 7

A security administrator has configured FTP in passive mode. Which of the following ports
should the security administrator allow on the firewall by default?

  • A. 20
  • B. 21
  • C. 22
  • D. 23


Answer : B

Explanation: When establishing an FTP session, clients start a connection to an FTP server that listens on TCP port 21 by default.

Question 8

Which of the following security devices can be replicated on a Linux-based computer using
iptables to inspect and properly handle network-based traffic?

  • A. Sniffer
  • B. Router
  • C. Firewall
  • D. Switch


Answer : C

Explanation: iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.

Question 9

A company has implemented PPTP as a VPN solution. Which of the following ports would
need to be opened on the firewall in order for this VPN to function properly? (Select TWO).

  • A. UDP 1723
  • B. TCP 500
  • C. TCP 1723
  • D. UDP 47
  • E. TCP 47


Answer : C,D

Explanation: A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a second GRE tunnel to the same peer. The PPTP GRE packet format is non-standard, including an additional acknowledgement field replacing the typical routing field in the GRE header. However, as in a normal GRE connection, those modified GRE packets are directly encapsulated into IP packets, and seen as IP protocol number 47.

Question 10

Which of the following firewall rules only denies DNS zone transfers?

  • A. deny udp any any port 53
  • B. deny ip any any
  • C. deny tcp any any port 53
  • D. deny all dns packets


Answer : C

Explanation: DNS operates over TCP and UDP port 53. TCP port 53 is used for zone transfers.

Question 11

Which of the following best practices makes a wireless network more difficult to find?

  • A. Implement MAC filtering
  • B. Use WPA2-PSK
  • C. Disable SSID broadcast
  • D. Power down unused WAPs


Answer : C

Explanation: Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it's a discoverable value using a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn't for public use.

Question 12

Which of the following would Pete, a security administrator, do to limit a wireless signal
from penetrating the exterior walls?

  • A. Implement TKIP encryption
  • B. Consider antenna placement
  • C. Disable the SSID broadcast
  • D. Disable WPA


Answer : B

Explanation: Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical.

Question 13

A security team has identified that the wireless signal is broadcasting into the parking lot.
To reduce the risk of an attack against the wireless network from the parking lot, which of
the following controls should be used? (Select TWO).

  • A. Antenna placement
  • B. Interference
  • C. Use WEP
  • D. Single Sign on
  • E. Disable the SSID
  • F. Power levels


Answer : A,F

Explanation: Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.

Question 14

Which of the following is required to allow multiple servers to exist on one physical server?

  • A. Software as a Service (SaaS)
  • B. Platform as a Service (PaaS)
  • C. Virtualization
  • D. Infrastructure as a Service (IaaS)


Answer : C

Explanation: Virtualization allows a single set of hardware to host multiple virtual machines.

Question 15

After entering the following information into a SOHO wireless router, a mobile device's user
reports being unable to connect to the network:

  • A. WPA2-PSK requires a supplicant on the mobile device.
  • B. Hardware address filtering is blocking the device.
  • C. TCP/IP Port filtering has been implemented on the SOHO router.
  • D. IP address filtering has disabled the device from connecting.


Answer : B

Explanation: MAC filtering allows you to include or exclude computers and devices based on their MAC address.
