NO.1 The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to
determine who may be responsible. Which of the following would be the BEST course of action?
A. Implement a single sign-on application on equipment with sensitive data and high-profile shares.
B. Enact a policy that employees must use their vacation time in a staggered schedule.
C. Create a single, shared user account for every system that is audited and logged based upon time
of use.
D. Separate employees into teams led by a person who acts as a single point of contact for
observation purposes.
Answer: B

JK0-022 Actual Test Exam Dumps
Explanation:
A policy that states employees should use their vacation time in a staggered schedule is a way of
employing mandatory vacations. A mandatory vacation policy requires all users to take time away
from work while others step in and do the work of that employee on vacation. This will afford the
CSO the opportunity to see who is using the company assets responsibly and who is abusing it.

NO.2 Which of the following allows an organization to store a sensitive PKI component with a
trusted third party?
A. Public Key Infrastructure
B. Private key
C. Key escrow
D. Trust model
Answer: C

JK0-022 Actual Test Exam Cram JK0-022 Actual Test Exam PDF
Explanation:
Sensitive PKI data, such as private keys, can be put into key escrow data. The key escrow data can be
kept at a trusted third party.
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow
so that, under certain circumstances, an authorized third party may gain access to those keys. These
third parties may include businesses, who may want access to employees' private communications,
or governments, who may wish to be able to view the contents of encrypted communications.

NO.3 Which of the following tools would allow Ann, the security administrator, to be able to BEST
quantify all traffic on her network?
A. Vulnerability scanner
B. Port scanner
C. Honeypot
D. Protocol analyzer
Answer: D


Explanation:
A Protocol Analyzer is a hardware device or more commonly a software program used to capture
network data communications sent between devices on a network. By capturing and analyzing the
packets sent between the systems on the network, Ann would be able to quantify the amount of
traffic on the network.
Well known software protocol analyzers include Message Analyzer (formerly Network Monitor)
from Microsoft and Wireshark (formerly Ethereal).

NO.4 Users have been reporting that their wireless access point is not functioning. They state that it
allows slow connections to the internet, but does not provide access to the internal network. The
user provides the SSID and the technician logs into the company's access point and finds no issues.
Which of the following should the technician do?
A. Change the access point from WPA2 to WEP to determine if the encryption is too strong
B. Clear all access logs from the AP to provide an up-to-date access list of connected users
C. Check the MAC address of the AP to which the users are connecting to determine if it is an
imposter
D. Reconfigure the access point so that it is blocking all inbound and outbound traffic as a
troubleshooting gap
Answer: C

JK0-022 Actual Test questions
Explanation:
The users may be connecting to a rogue access point. The rogue access point could be hosting a
wireless network that has the same SSID as the corporate wireless network. The only way to tell for
sure if the access point the users are connecting to is the correct one is to check the MAC address.
Every network card has a unique 48-bit address assigned. A media access control address (MAC
address) is a unique identifier assigned to network interfaces for communications on the physical
network segment. MAC addresses are used as a network address for most IEEE 802 network
technologies, including Ethernet and WiFi. Logically, MAC addresses are used in the media access
control protocol sublayer of the OSI reference model. MAC addresses are most often assigned by the
manufacturer of a network interface controller (NIC) and are stored in its hardware, such as the
card's read-only memory or some other firmware mechanism. If assigned by the manufacturer, a
MAC address usually encodes the manufacturer's registered identification number and may be
referred to as the burned-in address (BIA). It may also be known as an Ethernet hardware address
(EHA), hardware address or physical address. This can be contrasted to a programmed address,
where the host device issues commands to the NIC to use an arbitrary address. A network node may
have multiple NICs and each NIC must have a unique MAC address. MAC addresses are formed
according to the rules of one of three numbering name spaces managed by the Institute of Electrical
and Electronics Engineers (IEEE): MAC-48, EUI-48, and EUI-64.

NO.5 LDAP and Kerberos are commonly used for which of the following?
A. To store usernames and passwords for Federated Identity
B. To sign SSL wildcard certificates for subdomains
C. To perform queries on a directory service
D. To utilize single sign-on capabilities
Answer: D

JK0-022 Actual Test exam dumps
Explanation:
Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although
Kerberos can also be used.

NO.6 Which of the following provides data the best fault tolerance at the LOWEST cost?
A. Clustering
B. Load balancing
C. Server virtualization
D. RAID 6
Answer: D

JK0-022 Actual Test Dumps PDF JK0-022 Actual Test Dumps PDF
Explanation:
RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more
than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can
achieve fault tolerance using software which can be done using the existing hardware and software
thus representing the lowest cost option.

NO.7 Which of the following protocols allows for secure transfer of files? (Select TWO).
A. SNMP
B. SCP
C. ICMP
D. TFTP
E. SFTP
Answer: B,E

JK0-022 Actual Test Test Questions
Explanation:
Standard FTP is a protocol often used to move files between one system and another either over the
Internet or within private networks. SFTP is a secured alternative to standard FTP. Secure Copy
Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).

NO.8 The main corporate website has a service level agreement that requires availability 100% of the
time, even in the case of a disaster. Which of the following would be required to meet this demand?
A. Localized clustering of the datacenter
B. Geographically disparate site redundant datacenter
C. Warm site implementation for the datacenter
D. Cold site implementation for the datacenter
Answer: B


Explanation:
Data backups, redundant systems, and disaster recovery plans all support availability. AN in this case
a geographically disparate site redundant datacenter represents 100% availability regardless of
whether a disaster event occurs.

ITCertKey have the latest CompTIA certification JK0-022 Actual Test training materials. The industrious ITCertKey's IT experts through their own expertise and experience continuously produce the latest CompTIA JK0-022 Actual Test training materials to facilitate IT professionals to pass the CompTIA certification JK0-022 Actual Test. The certification of CompTIA JK0-022 Actual Test more and more valuable in the IT area and a lot people use the products of ITCertKey to pass CompTIA certification JK0-022 Actual Test. Through so many feedbacks of these products, our ITCertKey products prove to be trusted.

Do you think it is difficult to success? Do you think it is difficult to pass IT certification exam? Are you worrying about how to pass CompTIA JK0-022 Actual Test? I think it is completely unnecessary. IT certification exam is not mysterious as you think and we can make use of learning tools to pass the exam. As long as you choose the proper learning tools, success is a simple matter. Do you want to know what tools is the best? ITCertKey CompTIA JK0-022 Actual Test materials are your best learning tools. ITCertKey exam dumps collect and analysis many outstanding questions that have come up in the past exam. According to the latest syllabus, the dumps add many new questions and it can guarantee you pass the exam at the first attempt.

Exam Code: JK0-022 Actual Test
Exam Name: CompTIA Academic/E2C Security+ Certification Exam Voucher Only
One year free update, No help, Full refund!
JK0-022 Actual Test Practice Exam Total Q&A: 1149 Questions and Answers
Last Update: 12-23,2015

JK0-022 Actual Test VCE Dumps Detail : JK0-022 Actual Test Practice Exam

ITCertKey offer the latest 412-79v8 exam material and high-quality M6040-419 pdf questions & answers. Our 70-981 VCE testing engine and CAT-221 study guide can help you pass the real exam. High-quality H13-622 dumps training materials can 100% guarantee you pass the exam faster and easier. Pass the exam to obtain certification is so simple.