220-902 Dumps

1
Want to Know How To Pass CompTIA 220-902 exam
2
You Need To Know Something About CompTIA 220-902
Exam?

• Job Opportunities ?
• How To Prepare The 220-902 Exam?
• How To Pass 220-902 Exam?
• Sample Questions

https//www.certs4you.com/comptia/220-902-dumps.ht
ml
3
Will Help You To Prepare The Exam
Visit Us
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
4
How to Pass 220-902 Exam Dumps
Click Here
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
5
Here Are CompTIA 220-902 Exam Questions
6
Question No 1
Which of the following is a hardware requirement
that either an IDS/IPS system or a proxy server
must have in order to properly function? A. Fast
processor to help with network traffic
analysis B. They must be dual-homed C. Similar
RAM requirements D. Fast network interface
cards Answer B
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
7
Question No 2
In order to show improvement of security over
time, what must be developed? A. Reports B.
Testing tools C. Metrics D. Taxonomy of
vulnerabilities Answer C
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
8
Question No 3
Passive reconnaissance involves collecting
information through which of the following? A.
Social engineering B. Network traffic sniffing C.
Man in the middle attacks D. Publicly accessible
sources Answer D
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
9
Question No 4
How can rainbow tables be defeated? A. Password
salting B. Use of non-dictionary words C. All
uppercase character passwords D. Lockout accounts
under brute force password cracking
attempts Answer A
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
10
Question No 5
An NMAP scan of a server shows port 25 is open.
What risk could this pose? A. Open printer
sharing B. Web portal data leak C. Clear text
authentication D. Active mail relay Answer D
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
11
Question No 6
What type of OS fingerprinting technique sends
specially crafted packets to the remote OS and
analyzes the received response? A. Passive B.
Reflective C. Active D. Distributive Answer C
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
12
Question No 7
Which of the following lists are valid
data-gathering activities associated with a risk
assessment? A. Threat identification,
vulnerability identification, control analysis B.
Threat identification, response identification,
mitigation identification C. Attack profile,
defense profile, loss profile D. System profile,
vulnerability identification, security
determination Answer A
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
13
Question No 8
Which system consists of a publicly available set
of databases that contain domain name
registration contact information? A. WHOIS B.
IANA C. CAPTCHA D. IETF Answer A
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
14
Question No 9
A penetration tester was hired to perform a
penetration test for a bank. The tester began
searching for IP ranges owned by the bank,
performing lookups on the bank's DNS servers,
reading news articles online about the bank,
watching what times the bank employees come into
work and leave from work, searching the bank's
job postings (paying special attention to IT
related jobs), and visiting the local dumpster
for the bank's corporate office. What phase of
the penetration test is the tester currently
in? A. Information reporting B. Vulnerability
assessment C. Active information gathering D.
Passive information gathering Answer D
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
15
Question No 10
An NMAP scan of a server shows port 69 is open.
What risk could this pose? A. Unauthenticated
access B. Weak SSL version C. Cleartext login D.
Web portal data leak Answer A
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
16
20 Off
By Use This Coupon Code 4yc20
https//www.certs4you.com/comptia/220-902-dumps.ht
ml
17
Thank You For More Information Visit
Us _at_https//www.certs4you.com/comptia/220-902-dump
s.html