Architecture and Design (2) Flashcards
Max is installing a database server that requires several hard drives in a RAID array. In the event one of the drives fails, he needs to be able to swap out a failed hard drive with no downtime. Which of the following types of hard drives should he use?
Suspend swap
Warm swap
Hot swap
Hot swap
A hot-swap device, such as a hard drive, can be inserted or removed without the need to shut down the server. This enables you to retain the availability of the services on that server
Bobby must ensure that power is always available, 24/7, for a critical web and database server that accepts customer orders and processes transactions. Which of the following devices should Bobby install?
Power conditioner
UPS
Power generator
Power generator
A power generator is required to ensure that there is always power for your server. A UPS battery typically contains only enough power to run a system for about 10 to 20 minutes, while a power conditioner or redundant power supply will not help if there is no power to run them
AJ’s company is in the middle of budgeting for disaster recovery. He has been asked to justify the cost for offsite backup media storage. Which of the following reasons should he offer as the primary security purpose for storing backup media at an offsite storage facility?
So that the facility can copy the data to a RAID system
So that if the primary site is down, the offsite storage facility can reload the systems from backup
To prevent a disaster onsite from destroying the only copies of the backup media
To prevent a disaster onsite from destroying the only copies of the backup media
All backup plans should require backup media to be sent to an offsite storage facility. That way, if a disaster destroys your physical location, the backup media will be safe
A __________ system is often used to control utilities, automated systems, and machinery of all sorts.
sensor
wearable
SCADA
SCADA
A supervisory control and data acquisition (SCADA) system is often used to control utilities, automated systems, and machinery of all sorts
Tom wants to replace his company’s “plain old telephone service” (POTS) with an integrated, network-enabled phone system. What is this type of system called?
VoIP
Narrowband
Smartphone
VoIP
A voice over IP (VoIP) system replaces POTS with an integrated phone system that runs over the same network as all other data services
How should lighting installed along a perimeter fence be programmed?
To activate when someone approaches the fence
To activate only when alarms detect an intruder
To activate between dusk and dawn
To activate between dusk and dawn
Lighting installed along a perimeter fence should be programmed to activate from dusk to dawn
Which of the following are advantages to employing security guards in a facility? (Choose two.)
CCTVs can be in places where guards cannot always be.
Guards can make split-second decisions during security incidents.
The vast majority of facility security issues can be handled by well-trained guards.
Guards are not susceptible to social engineering.
Guards can make split-second decisions during security incidents.
The vast majority of facility security issues can be handled by well-trained guards.
Guards can make split-second decisions during security incidents, and most facility security issues can be handled by well-trained guards
Which of the following is not a benefit of using an access control vestibule?
It can serve as a single controlled entry point into a facility.
It can prevent unauthorized individuals from entering a secure facility.
It can protect individual information systems from unauthorized access.
It can protect individual information systems from unauthorized access.
An access control vestibule cannot protect individual information systems from unauthorized access
You have encrypted an e-mail message because you want to ensure that it is read only by the recipient. A hacker has intercepted the message. When the hacker views the message, what does he see?
The plaintext of the e-mail
The one-way hash of the message
Ciphertext
Ciphertext
Cleartext is transformed into ciphertext after being put through some type of cipher or encryption algorithm system. The ciphertext is unreadable unless it is decrypted back into cleartext form
You have been tasked with implementing information assurance principles within your organization’s security and encryption functions. Which of the following isn’t a function of information assurance within encryption systems?
Entropy
Confidentiality
Integrity
Entropy
Entropy is not a function of information assurance within encryption systems. The basic functions pertaining to information assurance are confidentiality, integrity, authentication, nonrepudiation, and obfuscation
You have sent your friend a secret, encrypted message. The key you used to encrypt the message is the same key with which your friend will decrypt the message. What type of encryption scheme is used?
Asymmetric
Symmetric
RSA
Symmetric
In a symmetric encryption scheme, both parties use the same key for encryption and decryption purposes. Both users must possess the same key to send encrypted messages to each other
Which of the following encryption schemes would you use if your company wants to create an invisible watermark hidden within the images on its website to identify the images in case they are used by another company?
Elliptical-curve
One-way hash
Steganography
Steganography
Steganography hides data in another type of media that effectively conceals the existence of the data
Your organization wants you to implement an encryption system that ensures that the sender and receiver of the encrypted message use different keys for encryption and decryption. Which type of encryption scheme would you use?
Elliptical-curve
Quantum
Asymmetric
Asymmetric
An asymmetric encryption scheme relies on the sender and receiver of a message to use different keys for encryption and decryption. The keys are mathematically related, but they can’t be derived from each other
Which of the following protocols would you use for message authentication and integrity in your encryption systems?
Steganography
Elliptical-curve
HMAC
HMAC
HMAC (Hash-based Message Authentication Code) is used to authenticate a message and provide data integrity. The Message Authentication Code (MAC) is sent along with the message itself so that the receiver can authenticate the sender of the message and verify the integrity of the message contents