Chapter 1 - Security Basics .

Question 1

You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution?

A). Use Hashes
B). Encrypt it before sending
C). Protect it with a digital signature
D). Use RAID

Answer 1

B). Encrypt it before sending

Encryption - provides confidentiality of any type of information, including proprietary data.

Question 2

Austin manages network devices in his store and maintains copies of the configuration filed for all the managed routers and switches. On a weekly basis, he creates hashes for these filed and compares them with hashes he created on the same files the previous week. Which of the following cases is he MOST likely using?

A). Supporting confidentiality
B). Supporting integrity
C). Supporting encryption
D). Supporting availability

Answer 2

B). Supporting Integrity

Question 3

Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions?

A). To support steganography
B). To support integrity
C). To support availability
D). To support obfuscation

Answer 3

D). To support obfuscation

Question 4

Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support?

A). Supporting confidentiality
B). Supporting availability
C). Supporting obfuscation
D). Supporting non-repudiation

Answer 4

D). Supporting non-repudiation

Question 5

As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include?

A). Ensure critical systems provide uninterrupted service.
B). Protect data-in-transit from unauthorized disclosure.
C). Ensure systems are not susceptible to unauthorized changes.
D). Secure data to prevent unauthorized disclosure.

Answer 5

C). Ensure systems are not susceptible to unauthorized changes.

Question 6

Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent?

A). Snapshots
B). Cable locks
C). Strong passwords
D). Persistent VDI

Answer 6

B). Cable locks - are effective equipment theft deterrents for laptops and other systems.

Question 7

Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI. Which of the following situations indicates that virtualization would provide the best ROI?

A). Most physical servers within the organization are currently utilized at close to 100% .
B). The organization has many servers that do not require failover services.
C). Most desktop PCs require fast processors and a high amount of memory.
D). Most physical servers within the organization the organization are currently underutilized.

Answer 7

D). Most physical servers within the organization are currently underutilized.

Question 8

You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?

A). Take a snapshot of the VM before deploying the new application.
B). Take a snapshot of the VM after deploying the new application.
C). Ensure the server is configured for non-persistence.
D). Back up the server after installing the new application.

Answer 8

A). Take a snapshot of the VM before deploying the new application.

Question 9

Lopez is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system?

A). ifconfig
B). ipconfig
C). netstat
D). tracert

Answer 9

B). ifconfig - command displays network setting in a Linux computer.

Question 10

Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe?

A). VM escape
B). VDI snapshot
C). VM sprawl
D). Type ll hypervisor

Answer 10

C). VM sprawl - occurs when an organization has many VMs that aren’t managed properly.

Question 11

Hashes provide integrity, not confidentiality (T/F) ?

Answer 11

True!

Question 12

What three things do digital signatures provide?

Answer 12

• Authentication
• Non-Repudiation
• Integrity

Question 13

What does a redundant array of inexpensive disk (RAID) provide?

Answer 13

A higher availability for disk subsystem.

Question 14

What does it mean if the hashes are the same on the configuration files?

Answer 14

That the files have NOT changed.

Question 15

What three things enforce confidentiality?

Answer 15

• Encryption
• Access Controls
• Steganography

Question 16

Encryption uses hashes (T/F) ?

Answer 16

False!

Question 17

What does availability ensure?

Answer 17

That systems are up and operational when needed.

Question 18

What is steganography?

Answer 18

Hiding files within the image.

Question 19

Redundant and fault-tolerance methods increase what?

Answer 19

Availability

Question 20

Digital signatures encrypt data (T/F) ?

Answer 20

False!

Question 21

Protecting data and securing data to prevent unauthorized disclosure addresses what?

Answer 21

Confidentiality?

Question 22

Digital snapshots that capture the state of a virtual machine at a moment in time refers to what?

Answer 22

Snapshots

Question 23

Passwords prevent unauthorized access to systems, but don’t provide physical security (T/F) ?

Answer 23

True!

Question 24

A virtual desktop infrastructure (VDI) allows users to access a desktop on a remote server (T/F) ?

Answer 24

True!

Question 25

A persistent VDI saves the user changes on the desktop, but it does not deter thefts (T/F) ?

Answer 25

True!

Question 26

Taking a snapshot after the installation allows you to revert the image (T/F) ?

Answer 26

False!

Question 27

Is it necessary to back up the server before & after installing the new application?

Answer 27

No.

Backing up BEFORE the installation is necessary, but NOT afterwards.

Question 28

What three things does the ‘ifconfig’ command include?

Answer 28

• IP address
• Subnet Mask
• Default Gateway assigned to the NIC

Question 29

What kind of computers is the ‘ipconfig’ command given to, to view configurations?

Answer 29

Windows computers

Question 30

What does “Netstat” show?

Answer 30

Shows network statistics and active connections.

Question 31

“Netstat” shows the network settings (T/F)?

Answer 31

False! - only the network statistics & active connections.

Question 32

What does the ‘tracert’ command trace?

Answer 32

Traces the route of data and can help determine which network devices are failing.

Question 33

When does a VM sprawl occur?

Answer 33

When an organization has many VMs that aren’t managed properly.

Question 34

Unmonitored VMs typically won’t get updated and can be vulnerable to attacks (T/F) ?

Answer 34

True!

Question 35

What is a VM escape?

Answer 35

An attack that allows an attacker to access the host system from within the virtual system.

Question 36

Users within your organization access virtual desktops hosted on remote servers. This describes which of the following?

A). VDE
B). Snapshots for non-persistence
C). Type l hypervisors
D). VM sprawl

Answer 36

A). VDE

Question 37

Your organization has implemented a VDI for most users. When a user logs off, the desktop reverts to its original state without saving any changes made by the user. Which of the following BEST describes this behavior?

A). Container virtualization
B). VM escape
C). Non-persistence
D). Elasticity

Answer 37

C). Non-persistence

Question 38

Which type of virtualization allows a computer’s operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel?

A). Container virtualization
B). Type l hypervisor virtualization
C). Type ll hypervisor virtualization
D). VDE

Answer 38

A). Container virtualization

Question 39

Type l hypervisor virtualization runs directly on the system hardware (T/F) ?

Answer 39

True!

Question 40

Type ll hypervisor virtualization runs ___ that all include their own _____ _____ , including their own _____ .

Answer 40

• VMs
• operating system
• kernel

Question 41

What does VDE (virtual desktop environment) provide?

Answer 41

A full desktop operating system to users.

Question 42

You are considering rebooting a database server and want to identify if it had any active network connections. Which of the following commands will list active network connections?

A). arp
B). ipconfig
C). ping
D). netstat

Answer 42

D). netstat

Question 43

ARP displays information related to what?

Answer 43

Media access control (MAC) addresses.

Question 44

What is the purpose of a Ping?

Answer 44

Checks connectivity with remote systems.

Question 45

You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use?

A). arp
B). ipconfig
C). netstat
D). ping

Answer 45

D). Ping

Question 46

The ping command sends ______ ______ ______ ______ echo requests and checks for ICMP echo ______ .

Answer 46

• Internet Control Message Protocol (ICMP)

- replies

Question 47

What is a use case?

Answer 47

Describes a goal that an organization wants to achieve.

Question 48

What starts a use case?

Answer 48

A Trigger.

Question 49

What occurs after the Trigger process in a use case?

Answer 49

Postcondition.

Question 50

What must occur before the Trigger process can start in a use case?

Answer 50

Precondition.

Question 51

A ______ ______ helps professionals identify and clarify requirements to achieve a goal.

Answer 51

Use case

Question 52

What are the three primary security control types?

Answer 52

• Technical
- implemented with Technology

• Administrative
- using administrative or management methods

• Physical
- using controls that you can physically touch

Question 53

Encryption, antivirus software, IDSs, firewalls, and the principle of least privilege are examples of what type of control?

Answer 53

Technical Controls

Question 54

Security awareness & training, configuration management, and change management are examples of what type of control?

Answer 54

Administrative controls

Question 55

Preventive controls attempt to prevent ________ incidents.

Answer 55

Security

Question 56

System hardening, user training, guards, change management, and account disablement policies are examples of what type of control?

Answer 56

Preventive controls

Question 57

______ controls attempt to detect when a vulnerability has been exploited.

Answer 57

Detective

Question 58

Log monitoring, trend analysis, security audits, video surveillance systems, and motion detection systems are examples of what types of controls?

Answer 58

Detective Controls

Question 59

Corrective controls attempt to ______ the impact of an incident or problem after it had occurred.

Answer 59

Reverse

Question 60

Intrusion prevention systems (IPSs), backups, and system recovery plans are examples of what type of controls?

Answer 60

Corrective controls

Question 61

______ controls attempt to prevent incidents by dis outraging threats.

Answer 61

Deterrent

Question 62

Compensating controls are alternative controls used when it isn’t feasible or possible to use the primary controls (T/F)?

Answer 62

True!

Question 63

_______ provides increased availability with various tools such as snapshots and easy restoration.

Answer 63

Virtualization

Question 64

_______ virtualization is a specialized version of a Type ___ hypervisor.

Answer 64

Container

Type 2 hypervisor