Architecture and Design (1) Flashcards

1
Q

Bobby’s management has asked him to explore an alternate site solution that can be operational somewhat quickly when needed but does not require duplication of the primary network. What is the best solution?

Hot site

Cold site

Warm site

A

Warm site

A warm site is Bobby’s best choice, as it can be prewired for systems to become operational quickly but still requires systems to be moved or purchased if a disaster does occur

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

__________ is a data protection approach that obfuscates sensitive data by substituting it with a different value (“dummy” value), available to unauthorized users.

Data masking

Data obfuscation

Data transference

A

Data masking

Data masking is a data protection approach that obfuscates sensitive data by substituting it with a different value (“dummy” value), available to unauthorized users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SAN storage security often implements the concept of __________, which allows segmentation of data by classifications and restriction of that data by device.

masking

encryption

zones

A

zones

Storage area network (SAN) storage security often implements the concept of zones, which allows segmentation of data by classifications and restriction of that data by device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Barbara needs to destroy a set of sensitive printed documents. Her management tasks her to find the most secure solution, as shredding is not up to standard. Which of the following is the best option?

Degaussing

Pulverizing

Washing

A

Pulverizing

Of the options presented, pulverizing, which would reduce the printed documents to dust, is the best option

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You have been tasked by your manager with performing an evaluation of the benefits of using virtualization in your quality assurance (QA) testing environment. Which of the following is an advantage of using virtual machines in terms of security and cost efficiency?

It reduces the need to install operating system software updates.

Multiple operating systems can be installed and run in their own separate, secure area on a single hardware device.

Antivirus and other security software must be installed only once.

A

Multiple operating systems can be installed and run in their own separate, secure area on a single hardware device.

Virtual machines all run in their own separate and isolated area on the system as if they were each on a separate physical machine. This greatly increases security because any issues arising in one VM will not affect another VM. This also allows multiple operating systems to be installed on the same physical hardware, which saves money by avoiding the need to buy multiple hardware systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Sam’s manager is fed up with managing the dozens of service providers across the corporate portfolio and tasks Sam with finding the best way to provide a seamless view to the corporation’s users. What is the best option?

Security information and event management (SIEM)

Services integration and management (SIAM)

Managed service provider (MSP)

A

Services integration and management (SIAM)

Services integration and management (SIAM) providers can be hired to corral the corporation’s entire services chain and manage it for ease of use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

As part of your application-hardening process, which of the following activities helps to prevent existing vulnerabilities in applications from being exploited?

Exception handling

Fuzzing

Updating to the latest software version or patch

A

Updating to the latest software version or patch

Application vendors will release updated software versions of their products or provide a security patch to resolve any security vulnerabilities in previous versions of the software. It is a best practice to always keep your application software up to date

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following is not part of the secure deployment process?

Testing (TEST)

Quality control/quality assurance (QC/QA)

Sandbox (SAND)

A

Sandbox (SAND)

A sandbox allows for malicious code testing as well as preventing legitimate code from conducting unexpected activities that could cause harm, but it is not part of the secure deployment process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

__________ is the design of a database to remove redundancies and improve integrity through simplification of the design.

Normalization

Anonymization

Masking

A

Normalization

Normalization is the design of a database to remove redundancies and improve integrity through simplifying the design

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You are tasked with setting up a single sign-on authentication system for a large enterprise network of 5000 users. Which of the following is the best option?

Local login and password database

Login and password with a security token

Authenticated access to an LDAP database

A

Authenticated access to an LDAP database

An LDAP server provides a centralized directory that can be used to securely authenticate a user to multiple services on the same network. This is the most efficient and secure method for a large network of 5000 users. Other methods would require tedious configuration and management of each individual user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Bobby is tasked with creating a high-security authentication system for physical access control to a military installation. Which of the following authentication systems would be most appropriate?

Smart card and PIN

Security badge and guard

Biometric eye scanner

A

Smart card and PIN

Of the examples, the smart card (something you have) and the PIN (something you know) combine as a multifactor authentication solution that is more robust than single-factor solutions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A web services provider wants to improve its security through the implementation of two-factor authentication. What would be the most likely authentication method?

TOTP

SIEM

TACACS

A

TOTP

Time-based One-time Passwords (TOTPs) allow users to log in to a system with a username and password combination and then a one-time token, usually generated from a separate device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

After a user is identified and authenticated to the system, what else must be performed to enable the user to use a resource?

Authorization

Authentication by token

Encryption of network access

A

Authorization

Although a user has been given access to log in to the network, the user still needs to be authorized to use a particular resource based on access permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly