CompTIA JK0-022 exam sample questions
QUESTION 1
Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?
A. 21/UDP
B. 21/TCP
C. 22/UDP
D. 22/TCP
Correct Answer: D
Explanation/Reference:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Incorrect Answers:
A, C: FTP and SSH do not make use of UDP ports.
B: FTP uses TCP port 21.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51.
QUESTION 2
A network administrator is asked to send a large file containing PII to a business associate.
Which of the following protocols is the BEST choice to use?
A. SSH
B. SFTP
C. SMTP
D. FTP
Correct Answer: B
Explanation/Reference:
SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server.
Incorrect Answers:
A: SSH is employed by SFTP.
C: SMTP is the email-forwarding protocol used on the Internet and intranets.
D: Standard FTP does not provide any confidentiality protection because it sends all data in the clear.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 49, 50.
QUESTION 3
Which of the following is a difference between TFTP and FTP?
A. TFTP is slower than FTP.
B. TFTP is more secure than FTP.
C. TFTP utilizes TCP and FTP uses UDP.
D. TFTP utilizes UDP and FTP uses TCP.
Correct Answer: D
Explanation/Reference:
FTP employs TCP ports 20 and 21 to establish and maintain client-to-server communications, whereas TFTP makes use of UDP port 69.
Incorrect Answers:
A: UDP is faster than TCP because there is no form of flow control or error correction.
B: TFTP requires no authentication, whereas FTP allows authenticated connections.
C: As stated above, FTP employs TCP ports 20 and 21 and TFTP makes use of UDP port 69.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 49, 50.
http://www.skullbox.net/tcpudp.php
QUESTION 4
Which of the following is the default port for TFTP?
A. 20
B. 69
C. 21
D. 68
Correct Answer: B
Explanation/Reference:
TFTP makes use of UDP port 69.
Incorrect Answers:
A, C: FTP (File Transfer Protocol) uses ports 20 and 21.
D: Port 68 TCP/UDP is used by the Bootstrap Protocol (BOOTP) client, as well as the Dynamic Host Configuration Protocol (DHCP).
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 5
A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?
A. Block port 23 on the L2 switch at each remote site
B. Block port 23 on the network firewall
C. Block port 25 on the L2 switch at each remote site
D. Block port 25 on the network firewall
Correct Answer: B
Explanation/Reference:
Telnet is a terminal-emulation network application that supports remote connectivity for executing commands and running applications but doesn’t support transfer of files. Telnet uses TCP port 23. Because it’s a clear text protocol and service, it should be avoided and replaced with SSH.
Incorrect Answers:
A, C: L2 switches may interconnect a small number of devices in a home or the office. They are normally used for LANs.
D: Port 25 is used by Simple Mail Transfer Protocol (SMTP) for e-mail routing between mail servers.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51.
http://en.wikipedia.org/wiki/Network_switch#Layer_2
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 6
A security analyst noticed a colleague typing the following command:
‘Telnet some-host 443’
Which of the following was the colleague performing?
A. A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.
B. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
C. Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.
D. A mistaken port being entered because telnet servers typically do not listen on port 443.
Correct Answer: B
Explanation/Reference:
B: The Telnet program parameters are: telnet <hostname> <port>
<hostname> is the name or IP address of the remote server to connect to.
<port> is the port number of the service to use for the connection.
TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL port. By running the Telnet some-host 443 command, the security analyst is checking that routing is done properly and not blocked by a firewall.
Incorrect Answers:
A: The telnet command used by the colleague checks what service is running, i.e. HTTPS; it is not an attempt at a denial of service attack.
C: TCP port 443 will not allow an insecure remote session because it is the default SSL port.
D: TCP port 443 is the default SSL port and SSH makes use of TCP port 22.
References:
https://support.microsoft.com/en-us/kb/290051
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 83.
QUESTION 7
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?
A. ICMP
B. BGP
C. NetBIOS
D. DNS
Correct Answer: C
Explanation/Reference:
The LMHOSTS file provides a NetBIOS name resolution method that can be used for small networks that do not use a WINS server. NetBIOS has been adapted to run on top of TCP/IP, and is still extensively used for name resolution and registration in Windows-based environments.
Incorrect Answers:
A: Internet Control Message Protocol (ICMP) is a network health and link-testing protocol that is commonly used by tools such as ping, traceroute, and pathping. It is not included in the LMHOSTS file.
B: Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. It is not included in the LMHOSTS file.
D: Domain Name System (DNS) distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. It is not included in the LMHOSTS file.
References:
https://technet.microsoft.com/library/Cc977602
http://en.wikipedia.org/wiki/Border_Gateway_Protocol
http://en.wikipedia.org/wiki/Domain_Name_System
QUESTION 8
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?
A. RADIUS
B. Kerberos
C. TACACS+
D. LDAP
Correct Answer: D
Explanation/Reference:
LDAP makes use of port 389.
Incorrect Answers:
A: RADIUS makes use of various UDP ports.
B: Kerberos makes use of port 88.
C: TACACS makes use of TCP port 49 by default.
References: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 9
A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?
A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS
Correct Answer: B
Explanation/Reference:
The question states that traffic on port 21, 69, 80, and 137-139 is blocked, while ports 22 and 443 are allowed.
Port 21 is used for FTP by default.
Port 69 is used for TFTP.
Port 80 is used for HTTP.
Ports 137-139 are used for NetBIOS.
VMM uses SFTP over default port 22.
Port 22 is used for SSH by default.
SCP runs over TCP port 22 by default.
Port 443 is used for HTTPS.
Incorrect Answers:
A: FTP uses port 21, which is blocked.
C: SFTP uses port 22, which is allowed.
D: HTTPS uses port 443, which is allowed. NetBIOS uses ports 137-139, which are blocked.
References:
https://technet.microsoft.com/en-us/library/dd548299.aspx
https://technet.microsoft.com/en-us/library/hh545212(v=sc.20).aspx
https://technet.microsoft.com/en-us/library/dd425238(v=office.13).aspx
https://technet.microsoft.com/en-us/library/hh427328.aspx
QUESTION 10
A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO).
A. UDP 1723
B. TCP 500
C. TCP 1723
D. UDP 47
E. TCP 47
Correct Answer: CD
Explanation/Reference:
A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a second GRE tunnel to the same peer. The PPTP GRE packet format is non-standard, including an additional acknowledgement field replacing the typical routing field in the GRE header. However, as in a normal GRE connection, those modified GRE packets are directly encapsulated into IP packets, and seen as IP protocol number 47.
Incorrect Answers:
A, E: PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
B: TCP port 500 is used by the Internet Security Association and Key Management Protocol (ISAKMP).
References:
http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 11
After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?
A. 25
B. 68
C. 80
D. 443
Correct Answer: B
Explanation/Reference:
The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks for distributing IP addresses for interfaces and services. DHCP makes use of port 68.
Incorrect Answers:
A: SMTP makes use of port 25.
C: HTTP makes use of port 80.
D: HTTPS makes use of port 443.
References:
http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 12
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
A. 20
B. 21
C. 22
D. 23
Correct Answer: B
Explanation/Reference:
When establishing an FTP session, clients start a connection to an FTP server that listens on TCP port 21 by default.
Incorrect Answers:
A: FTP uses port 20, but it is not the default port.
C: SSH uses TCP port 22.
D: Telnet uses port 23.
References:
http://compnetworking.about.com/od/tcpip/p/port-numbers-21-ftp.htm
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 13
Which of the following ports is used for SSH, by default?
A. 23
B. 32
C. 12
D. 22
Correct Answer: D
Explanation/Reference:
Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. SSH uses port 22.
Incorrect Answers:
A: Port 23 is used by the Telnet protocol, not by SSH.
B: Port 32 is an unassigned port.
C: Port 12 is an unassigned port.
References:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
http://en.wikipedia.org/wiki/Secure_Shell
http://www.planetlinks.com/tec236/notes-terms/4-10-06/default-tcp-ports-list.html
QUESTION 14
By default, which of the following uses TCP port 22? (Select THREE).
A. FTPS
B. STELNET
C. TLS
D. SCP
E. SSL
F. HTTPS
G. SSH
H. SFTP
Correct Answer: DGH
Explanation/Reference:
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.
Incorrect Answers:
A: FTPS stands for File Transfer Protocol Secure. FTPS is similar to SFTP in that it is used to securely transfer files. The difference between the two is the encryption protocol used. FTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
B: STelnet stands for secure telnet. STelnet uses SSL by default and therefore uses port 443.
C: TLS (Transport Layer Security) is a successor to SSL and uses port 443.
E: SSL (Secure Sockets Layer) uses port 443.
F: HTTPS (Hypertext Transfer Protocol Secure) is used by web sites to encrypt and securely transmit data. HTTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
References: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 15
Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?
A. TCP 23
B. UDP 69
C. TCP 22
D. TCP 21
Correct Answer: C
Explanation/Reference:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
Incorrect Answers:
A: Telnet uses port 23.
B: Port 69 is used by TFTP.
D: Port 21 is used by FTP.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 16
Which of the following uses port 22 by default? (Select THREE).
A. SSH
B. SSL
C. TLS
D. SFTP
E. SCP
F. FTPS
G. SMTP
H. SNMP
Correct Answer: ADE
Explanation/Reference:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Incorrect Answers:
B: SSL operates over TCP port 443.
C: TLS can operate over TCP ports 443 and 80.
F: FTPS uses ports 989 and 990.
G: SMTP uses TCP port 25.
H: SNMP makes use of UDP ports 161 and 162.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 45, 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 17
Which of the following ports should be used by a system administrator to securely manage a remote server?
A. 22
B. 69
C. 137
D. 445
Correct Answer: A
Explanation/Reference:
Secure Shell (SSH) is a more secure replacement for Telnet, rlogin, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.
Incorrect Answers:
B: Port 69 is used by TFTP.
C: NetBIOS uses port 137.
D: Port 445 is used by Microsoft-DS.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 18
Which of the following ports is used to securely transfer files between remote UNIX systems?
A. 21
B. 22
C. 69
D. 445
Correct Answer: B
Explanation/Reference:
SCP copies files securely between hosts on a network. It uses SSH for data transfer, and uses the same authentication and provides the same security as SSH. Unlike RCP, SCP will ask for passwords or passphrases if they are needed for authentication. SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Incorrect Answers:
A: Port 21 is used by FTP.
C: Port 69 is used by TFTP.
D: Port 445 is used by Microsoft-DS.
References:
http://www.computerhope.com/unix/scp.htm
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 19
Which of the following secure file transfer methods uses port 22 by default?
A. FTPS
B. SFTP
C. SSL
D. S/MIME
Correct Answer: B
Explanation/Reference:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Incorrect Answers:
A: FTPS uses ports 989 and 990.
C: SSL operates over TCP port 443.
D: S/MIME is an Internet standard for encrypting and digitally signing e-mail.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 45, 51, 313.
QUESTION 20
During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic?
A. FTP
B. DNS
C. Email
D. NetBIOS
Correct Answer: B
Explanation/Reference:
DNS (Domain Name System) uses port 53.
Incorrect Answers:
A: FTP (File Transfer Protocol) uses ports 20 and 21, not port 53.
C: Email uses multiple ports depending on what aspect of ‘email’ we’re talking about. For example, SMTP (Simple Mail Transfer Protocol), used for sending email, uses port 25. POP3 and IMAP, two methods of accessing and downloading email, use ports 110 and 143 respectively.
D: NetBIOS uses ports 137, 138 and 139.
References:
http://en.wikipedia.org/wiki/Domain_Name_System
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 21
A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO).
A. TCP 21
B. TCP 23
C. TCP 53
D. UDP 23
E. UDP 53
Correct Answer: CE
Explanation/Reference:
DNS uses TCP and UDP port 53. TCP port 53 is used for zone transfers, whereas UDP port 53 is used for queries.
Incorrect Answers:
A: FTP uses TCP port 21.
B, D: Telnet uses port 23.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 51.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 22
A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?
A. HTTP
B. DHCP
C. DNS
D. NetBIOS
Correct Answer: C
Explanation/Reference:
DNS links IP addresses and human-friendly fully qualified domain names (FQDNs), which are made up of the Top-level domain (TLD), the registered domain name, and the Subdomain or hostname.
Therefore, if the DNS ports are blocked, websites will not be reachable.
Incorrect Answers:
A: HTTP is responsible for the transmission of HTML documents and embedded multimedia components.
B: Dynamic Host Configuration Protocol (DHCP) allows DHCP servers to assign, or lease, IP addresses to computers and other devices that are enabled as DHCP clients.
D: NetBIOS is a program that allows applications on different computers to communicate within a local area network (LAN).
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 46.
https://technet.microsoft.com/en-us/library/cc896553(v=ws.10).aspx
http://en.wikipedia.org/wiki/NetBIOS
QUESTION 23
Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?
A. 21
B. 25
C. 80
D. 3389
Correct Answer: C
Explanation/Reference:
Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web.
Incorrect Answers:
A: FTP uses TCP port 21.
B: SMTP uses TCP port 25.
D: Remote Desktop Protocol (RDP) uses TCP port 3389.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 51, 52.
QUESTION 24
A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).
A. 22
B. 135
C. 137
D. 143
E. 443
F. 3389
Correct Answer: AF
Explanation/Reference:
A secure remote administration solution and Remote Desktop protocol is required. Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22.
Remote Desktop Protocol (RDP) uses TCP port 3389.
Incorrect Answers:
B: Port 135 is used by Microsoft EPMAP (End Point Mapper), also known as DCE/RPC Locator service, which is used to remotely manage services including DHCP server, DNS server and WINS.
C: NetBIOS Name Service uses TCP port 137.
D: Internet Message Access Protocol v4 (IMAP4) uses TCP port 143.
E: HTTPS uses TCP port 443.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 51, 52.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
QUESTION 25
Ann, a technician, is attempting to establish a remote terminal session to an end user’s computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open?
A. 22
B. 139
C. 443
D. 3389
Correct Answer: D
Explanation/Reference:
Remote Desktop Protocol (RDP) uses TCP port 3389.
Incorrect Answers:
A: SSH uses TCP port 22. All protocols encrypted by SSH also use TCP port 22, such as SFTP, SHTTP, SCP, SExec, and slogin.
B: NetBIOS Session service uses TCP port 139.
C: HTTPS uses TCP port 443.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 51, 52.
QUESTION 26
Which of the following protocols operates at the HIGHEST level of the OSI model?
A. ICMP
B. IPSec
C. SCP
D. TCP
Correct Answer: C
Explanation/Reference:
SCP (Secure Copy) uses SSH (Secure Shell). SSH runs in the application layer (layer 7) of the OSI model.
Incorrect Answers:
A: ICMP (Internet Control Message Protocol) works in the network layer (Layer 3) of the OSI model.
B: IPSec (Internet Protocol Security) works in the network layer (Layer 3) of the OSI model.
D: TCP (Transmission Control Protocol) works in the transport layer (Layer 4) of the OSI model.
References:
http://www.rhyshaden.com/osi.htm
http://en.wikipedia.org/wiki/List_of_network_protocols_%28OSI_model%29
http://en.wikipedia.org/wiki/OSI_model
QUESTION 27
Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?
A. Implement WPA
B. Disable SSID
C. Adjust antenna placement
D. Implement WEP
Correct Answer: A
Explanation/Reference:
Of the options supplied, WiFi Protected Access (WPA) is the most secure and is the replacement for WEP.
Incorrect Answers:
B: Disabling the SSID will only hide the wireless network, and is not more secure than WPA.
C: This will increase or decrease signal strength and availability, but will not make the network secure.
D: WEP was replaced by WPA to offer a more secure solution.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 59-62.
QUESTION 28
A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place?
A. IV attack
B. WEP cracking
C. WPA cracking
D. Rogue AP
Correct Answer: C
Explanation/Reference:
There are three steps to penetrating a WPA-protected network.
Sniffing
Parsing
Attacking
Incorrect Answers:
A: Packet sniffing is not used for an IV attack.
B: WEP provides protection from packet sniffing and eavesdropping against wireless transmissions.
D: Packet sniffing is not used for the Rogue AP.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 64, 189, 192.
www.tomshardware.com/reviews/wireless-security-hack,2981-6.html
QUESTION 29
Which of the following is a step in deploying a WPA2-Enterprise wireless network?
A. Install a token on the authentication server
B. Install a DHCP server on the authentication server
C. Install an encryption key on the authentication server
D. Install a digital certificate on the authentication server
Correct Answer: D
Explanation/Reference:
When setting up a wireless network, you’ll find two very different modes of Wi-Fi Protected Access (WPA) security, which apply to both the WPA and WPA2 versions. The easiest to set up is the Personal mode, technically called the Pre-Shared Key (PSK) mode. It doesn’t require anything beyond the wireless router or access points (APs) and uses a single passphrase or password for all users/devices.
The other is the Enterprise mode, which should be used by businesses and organizations, and is also known as the RADIUS, 802.1X, 802.11i, or EAP mode. It provides better security and key management, and supports other enterprise-type functionality, such as VLANs and NAP. However, it requires an external authentication server, called a Remote Authentication Dial In User Service (RADIUS) server, to handle the 802.1X authentication of users.
To help you better understand the process of setting up WPA/WPA2-Enterprise and 802.1X, here are the basic overall steps:
1. Choose, install, and configure a RADIUS server, or use a hosted service.
2. Create a certificate authority (CA), so you can issue and install a digital certificate onto the RADIUS server, which may be done as a part of the RADIUS server installation and configuration. Alternatively, you could purchase a digital certificate from a public CA, such as GoDaddy or Verisign, so you don’t have to install the server certificate on all the clients. If using EAP-TLS, you’d also create digital certificates for each end-user.
3. On the server, populate the RADIUS client database with the IP address and shared secret for each AP.
4. On the server, populate user data with usernames and passwords for each end-user.
5. On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS server IP address and the shared secret you created for that particular AP.
6. On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and set the 802.1X authentication settings.
Incorrect Answers:
A: A token is not required on the authentication server when configuring WPA-Enterprise.
B: DHCP (Dynamic Host Configuration Protocol) does not have to be installed on the authentication server. You don’t have to use DHCP at all although it is easier if you do. However, DHCP is usually configured on a dedicated device, not on the authentication server.
C: You don’t install an encryption key on the authentication server when configuring WPA-Enterprise. You install a digital certificate. The private key of the certificate is then used to create secure connections.
References:
http://www.windowsnetworking.com/articles-tutorials/wireless-networking/Deploying-WPA2-Enterprise-Wi-Fi-Security-Small-Businesses.html
QUESTION 30
A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption.
Which of the following should be implemented?
A. WPA2-CCMP with 802.1X
B. WPA2-PSK
C. WPA2-CCMP
D. WPA2-Enterprise
Correct Answer: D
Explanation/Reference:
D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK). It is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.
Incorrect Answers:
A & C: CCMP is a block cipher that makes use of a 128-bit key. CCMP provides the following security services: data confidentiality, which ensures only authorized parties can access the information; authentication, which provides proof of genuineness of the user; and access control in conjunction with layer management. However, WPA2 includes support for CCMP.
B: EAP-PSK is documented in an experimental RFC that provides a lightweight and extensible EAP method that does not require any public-key cryptography.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 145, 172, 182.