351-400 Flashcards

1
Q

When implementing fire suppression controls in a datacenter it is important to:

A

B.
Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.

Water-based systems can cause serious damage to all electrical equipment. Because such a system works with overhead nozzles, the sprinkler lines in a fire suppression control system should be placed so that they do not leak onto computers when the system is activated.

2
Q

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

A

D.
EMI shielding

EMI Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. Thus, all wiring should be shielded to mitigate data theft.

3
Q

Which of the following includes environmental control measures?

A

D.
EMI shielding

Environmental controls include HVAC, Fire Suppression, EMI Shielding, Hot and Cold Aisles, Environmental monitoring as well as Temperature and Humidity controls.

4
Q

When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity.

Which of the following environmental controls was MOST likely overlooked during installation?

A

B.

EMI shielding

5
Q

The datacenter design team is implementing a system which requires all servers installed in racks to face in a predetermined direction. An infrared camera will be used to verify that servers are properly racked.

Which of the following datacenter elements is being designed?

A

A.
Hot and cold aisles

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation.

Infrared cameras are heat detection measures; thus, the element being designed is hot and cold aisles.

6
Q

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?

A

D.

Hot or cool aisle containment

7
Q

Which of the following results in datacenters with failed humidity controls? (Choose two.)

A

B.
Electrostatic charge

D.
Condensation

8
Q

The datacenter manager is reviewing a problem with a humidity factor that is too low.

Which of the following environmental problems may occur?

A

B.
Static electricity

Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock.

9
Q

A technician is investigating intermittent switch degradation. The issue only seems to occur when the building’s roof air conditioning system runs.

Which of the following would reduce the connectivity issues?

A

C.
Shielding

EMI can cause circuit overload, spikes, or even electrical component failure. In the question it is mentioned that switch degradation occurs when the building’s roof air-conditioning system is also running. All electromechanical systems emanate EMI. Thus, you could alleviate the problem using EMI shielding.

10
Q

Drag the items on the left to show the different types of security for the shown devices. Not all fields need to be filled. Not all items need to be used.

A

SEE QUESTION 360 FOR ANSWER

11
Q

You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. Instructions: All objects must be used and all placeholders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

A

SEE QUESTION 361 FOR ANSWER

12
Q

A malicious person gained access to a datacenter by ripping the proximity badge reader off the wall near the datacenter entrance. This caused the electronic locks on the datacenter door to release because the:

A

B.
system was designed to fail open for life-safety.

This describes a lock designed to fail open for life safety, so the door stays open when power is lost; in this case the proximity badge reader was ripped off the wall.

13
Q

A company is trying to implement physical deterrent controls to improve the overall security posture of their data center.

Which of the following BEST meets their goal?

A

C.

Hardware locks

14
Q

Pete, an IT Administrator, needs to secure his server room.

Which of the following mitigation methods would provide the MOST physical protection?

A

B.

Mantrap

15
Q

Visitors entering a building are required to close the back door before the front door of the same entry room is open.

Which of the following is being described?

A

D.

Mantrap

16
Q

A company is installing a new security measure that would allow one person at a time to be authenticated to an area without human interaction.

Which of the following does this describe?

A

B.
Mantrap

Mantraps make use of electronic locks and are designed to allow you to limit the number of individuals allowed access to an area at any one time.

17
Q

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break-in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas.

Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?

A

B.
Video surveillance

Video surveillance makes use of a camera, or CCTV, that is able to record everything it sees and is always running. This way you will be able to check exactly who enters secure areas.

18
Q

A datacenter requires that staff be able to identify whether or not items have been removed from the facility.

Which of the following controls will allow the organization to provide automated notification of item removal?

A

C.
RFID

RFID is radio frequency identification; its readers work with 13.56 MHz smart cards and 125 kHz proximity cards and can open turnstiles, gates, and any other physical security safeguards once the signal is read. Fitting out the equipment with RFID will allow you to provide automated notification of item removal in the event that any of the equipped items is taken off the premises.

19
Q

Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft.

Which of the following MUST be prevented in order for this policy to be effective?

A

D.
Tailgating

Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. This should be prevented in this case.

20
Q

Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition.

Which of the following will address this requirement?

A

B.
Place a guard at the entrance to approve access.

A guard who can be instructed to deny access until authentication has occurred will address the situation adequately.

21
Q

A security administrator wants to deploy a physical security control to limit an individual’s access into a sensitive area.

Which of the following should be implemented?

A

A.
Guards

A guard can be intimidating and can respond to a situation; where you want to limit an individual’s access to a sensitive area, a guard would be the most effective.

22
Q

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos.

Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

A

D.
Bollards

To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures. Bollards are physical barriers that are strong enough to withstand impact with a vehicle.

23
Q

A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials.

Which of the following can BEST address this concern?

A

C.
Implement biometric readers on laptops and restricted areas.

Biometrics is an authentication process that makes use of physical characteristics to establish identification. This will prevent users from making use of others’ credentials.

24
Q

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

A

D.

Disabling unnecessary services

25
Q

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function.

Which of the following is the ALE of this server?

A

B.
$5,000

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.
(5000 x 10) x 0.1 = 5000

26
Q

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%.

Which of the following is the ALE that Sara should report to management for a security breach?

A

B.
$3,750

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.

SLE = 250 x $300; ARO = 5%

$75000 x 0.05 = $3750

27
Q

An advantage of virtualizing servers, databases, and office applications is:

A

A.
Centralized management.

Virtualization consists of allowing one set of hardware to host multiple virtual machines, and in the case of software and applications, one host is all that is required. This makes centralized management a better prospect.

28
Q

Which of the following tasks should key elements of a business impact analysis include?

A

D.
Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

29
Q

A security administrator is tasked with calculating the total ALE on servers. In a two-year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000.

Which of the following is the ALE for the company?

A

C.
$17,500

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.

SLE = ($4000 + $3000) x 5 = $35000

ARO = 2 years; thus per year it would be 50% = 0.5

The ALE is thus $35000 x 0.5 = $17500

30
Q

In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service.

Which of the following would include the MOST detail on these objectives?

A

A.

Business Impact Analysis

31
Q

Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Choose two.)

A

B.
ALE

C.
SLE

ALE (Annual Loss Expectancy) is equal to the SLE (Single Loss Expectancy) times the annualized rate of occurrence. SLE (Single Loss Expectancy) is equal to asset value (AV) times exposure factor (EF).

32
Q

A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum.

Which of the following documents is the CIO MOST likely updating?

A

D.
Business impact analysis

Business impact analysis (BIA) is the process of evaluating all of the critical systems in an organization to define impact and recovery plans. BIA isn’t concerned with external threats or vulnerabilities; the analysis focuses on the impact a loss would have on the organization. A BIA comprises the following: identifying critical functions, prioritizing critical business functions, calculating a timeframe for critical systems loss, and estimating the tangible impact on the organization.

33
Q

A network administrator has recently updated their network devices to ensure redundancy is in place so that:

A

C.
single points of failure are removed.

Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction. The best way to remove an SPOF from your environment is to add redundancy.

34
Q

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections.

Which of the following is MOST likely the reason for this recommendation? (Choose two.)

A

B.
To allow for business continuity if one provider goes out of business

C.
To eliminate a single point of failure

A high-speed internet connection to a second data provider could be used to keep an up-to-date replica of the main site. In case of a problem on the first site, operation can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site.
Note: Recovery Time Objective
The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation.

35
Q

Which of the following utilities can be used in Linux to view a list of users’ failed authentication attempts?

A

B.
faillog

/var/log/faillog - This Linux log file contains failed user logins. You’ll find this log useful when tracking attempts to crack into your system.
/var/log/apport.log - This log records application crashes. Sometimes these can reveal attempts to compromise the system or the presence of a virus or spyware.

36
Q

Which of the following risks could IT management be mitigating by removing an all-in-one device?

A

C.
Single point of failure

The major disadvantage of combining everything into one, although you do this to save costs, is that it introduces a potential single point of failure and reliance on a single vendor.

37
Q

Which of the following risk concepts requires an organization to determine the number of failures per year?

A

B.
ALE

ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.

38
Q

Upper management decides which risk to mitigate based on cost. This is an example of:

A

D.
Quantitative risk assessment

Quantitative analysis / assessment is used to show the logic and cost savings in replacing a server, for example, before it fails rather than after the failure. Quantitative assessments assign a dollar amount.

39
Q

Corporate IM presents multiple concerns to enterprise IT.

Which of the following concerns should Jane, the IT security manager, ensure are under control? (Choose three.)

A

B.
Data leakage

C.
Compliance

D.
Malware

In a joint enterprise, data may be combined from both organizations. It must be determined, in advance, who is responsible for that data and how the data backups will be managed. Data leakage, compliance and malware are all issues concerning data ownership and backup, both of which are impacted by corporate IM.

40
Q

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

A

C.
Continuity of operations plan

Continuity of operations plan is the effort to ensure the continued performance of critical business functions during a wide range of potential emergencies.

41
Q

A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days.

Which of the following is the plan describing?

A

C.

Systems should be restored within six hours with a minimum of two days’ worth of data.

42
Q

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability.

Which of the following would be Pete’s BEST option?

A

A.

Use hardware already at an offsite location and configure it to be quickly utilized.

43
Q

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site.

Which of the following types of tests is this?

A

A.
Structured walkthrough

A structured walkthrough test of a recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required.

44
Q

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Choose two.)

A

A.
Methods and templates to respond to press requests, institutional and regulatory reporting requirements.

B.
Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.

45
Q

After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?

A

B.
Disaster recovery plan

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.

46
Q

Which of the following concepts defines the requirement for data availability?

A

C.
Disaster recovery planning

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.

47
Q

Which of the following is the MOST specific plan for various problems that can arise within a system?

A

D.
IT Contingency Plan

An IT contingency plan would focus on the IT aspect in particular to ensure business continuity.

48
Q

Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours.

Which of the following should Joe take into consideration?

A

D.
A back-out strategy planned out anticipating any unforeseen problems that may arise.

A backout is a reversion from a change that had negative consequences. It could be, for example, that everything was working fine until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied.

Backout plans can include uninstalling service packs, hotfixes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout.

49
Q

Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?

A

D.
Succession planning

Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.

50
Q

Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations.

Which of the following would need to be in place in case something happens to Pete?

A

A.
Succession planning

Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.