A system administrator has concerns regarding their users accessing systems and secured areas using others' credentials. Which of the following can BEST address this concern?
A. Enforce a policy shortening the credential expiration timeframe.
B. Create conduct policies prohibiting sharing credentials.
C. Implement biometric readers on laptops and restricted areas.
D. Install security cameras in areas containing sensitive systems.
Correct answer: C
Question 2:
While rarely enforced, mandatory vacation policies are effective at uncovering:
A. Acts of gross negligence on the part of system administrators with unfettered access to systems and no oversight.
B. Acts of incompetence by a systems engineer designing complex architectures as a member of a team.
C. Collusion between two employees who perform the same business function.
D. Help desk technicians with oversight by multiple supervisors and detailed quality control systems.
Correct answer: A
Question 3:
Which of the following BEST describes a SQL Injection attack?
A. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.
B. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.
C. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.
D. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.
Correct answer: C
Question 4:
Which of the following concepts are included on the three sides of the "security triangle"? (Select THREE).
A. Authentication
B. Authorization
C. Confidentiality
D. Integrity
E. Availability
F. Continuity
Correct answer: C, D, E
Question 5:
Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?
A. Application-based IPS
B. Anomaly-based IDS
C. Signature-based IDS
D. Signature-based IPS
Correct answer: B
Question 6:
A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?
A. VLAN
B. DMZ
C. VPN
D. Subnet
Correct answer: B
Question 7:
The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?
A. The file containing the private key.
B. The file containing the public key.
C. The file containing the recovery agent's keys.
D. The file containing the server's encrypted passwords.
Correct answer: B
Question 8:
The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?
A. Non-disclosure policy
B. Telecommuting policy
C. Acceptable use policy
D. Data ownership policy
Correct answer: C
Tanaka** -
The JK0-022 question set is really easy to understand, written so that even a monkey could follow it. I felt that this one book is more than enough.