Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Advanced Information Security > Chapter 9 > Flashcards

Chapter 9 Flashcards

1
Q

You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk.

Which of the following actions would BEST protect your system?

Run the browser in protected mode.

Change the security level for the internet zone to High.

Run the browser within a virtual environment.

Configure the browser to block all cookies and pop-ups.

A

Run the browser within a virtual environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following is an advantage of a virtual browser?

Prevents adware and spyware that monitor your internet activity

Prevents phishing and drive-by downloads

Protects the host operating system from malicious downloads

Filters internet content based on ratings

A

Protects the host operating system from malicious downloads

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?

Load balancing
Bottleneck
Escape
Jump

A

Escape

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following devices is computer software, firmware, or hardware that creates and runs virtual machines?

Virtual switch
Hypervisor
Virtual router
Virtual firewall

A

Hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following is a technique that disperses a workload between two or more computers or resources to achieve optimal resource utilization, throughput, or response time?

Hypervisor
Bottleneck
Virtualization
Load balancing

A

Load balancing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is isolating a virtual machine from the physical network to allow testing to be performed without impacting the production environment called?

Workload balancing
Resource pooling
Testing
Sandboxing

A

Sandboxing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following are disadvantages of server virtualization?

A compromised host system might affect multiple servers.

Systems are isolated from each other and cannot interact with other systems.

A compromised guest system might affect multiple servers.

It increases hardware costs.

A

A compromised host system might affect multiple servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which type of hypervisor runs as an application on the host machine?

Type 4
Type 3
Type 1
Type 2

A

Type 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following are advantages of virtualization? (Select two.)

Redundancy of hardware components for fault tolerance

Reduced utilization of hardware resources

Improved host-based attack detection

Easy migration of systems to different hardware

Centralized administration

A

Easy migration of systems to different hardware

Centralized administration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which load balancing method distributes a workload across multiple computers?

Virtualization
Bottleneck
Workload balancing
Resource pooling

A

Workload balancing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following provides the network virtualization solution called XenServer?

VMWare
Citrix
Microsoft
Cisco

A

Citrix

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following is a network virtualization solution provided by Microsoft?

Hyper-V
Citrix
VMware
VirtualBox

A

Hyper-V

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the limit of virtual machines that can be connected to a virtual network?

65,534
16,777,214
Unlimited
54

A

Unlimited

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating systems’ versions and editions.

Currently, all of your virtual machines used for testing are connected to the production network through the hypervisor’s network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code.

To prevent issues, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other.

What should you do? (Select two. Both responses are part of the complete solution.)

Connect the virtual network interfaces in the virtual machines to the virtual switch.

Disable the switch port the hypervisor’s network interface is connected to.

Create a new virtual switch configured for bridged (external) networking.

Create MAC address filters on the network switch that block each virtual machine’s virtual network interfaces.

Create a new virtual switch configured for host-only (internal) networking.

Disconnect the network cable from the hypervisor’s network interface.

A

Connect the virtual network interfaces in the virtual machines to the virtual switch.

Create a new virtual switch configured for host-only (internal) networking.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following statements about virtual networks is true? (Select two.)

A virtual network is dependent on the configuration and physical hardware of the host operating system.

Accessing network resources requires that the operating system on the virtual machine be configured on an isolated network.

Each virtual network must be associated with a single physical network adapter.

Multiple virtual networks can be associated with a single physical network adapter.

A virtual network is independent of the configuration and physical hardware of the host operating system.

A

A virtual network is dependent on the configuration and physical hardware of the host operating system.

Multiple virtual networks can be associated with a single physical network adapter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following devices facilitates communication between different virtual machines by checking data packets before moving them to a destination?

Virtual firewall
Hypervisor
Virtual switch
Virtual router

A

Virtual switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a virtual LAN that runs on top of a physical LAN called?

VMM
VAN
VFA
VLAN

A

VAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which of the following virtual devices provides packet filtering and monitoring?

VLAN
VMM
vSwitch
VFA

A

VFA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following is an example of protocol-based network virtualization?

VLAN
vSwitch
VFA
VMM

A

VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following is used as a secure tunnel to connect two networks?

VLAN
VAN
VPN
VFA

A

VPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which of the following is an advantage of software-defined networking (SDN)?

More granular control
Is currently a new technology
Lack of vendor support
Standards are still being developed

A

More granular control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which of the following BEST describes the Application SDN layer?

Is software that is able to inventory hardware components in the network.

Communicates with the Control layer through the southbound interface.

Receives its requests and then provides configuration and instructions.

Communicates with the Control layer through the northbound interface.

A

Communicates with the Control layer through the northbound interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which SDN layer would a load balancer that stops and starts VMs as resource use increases reside on?

Session
Application
Physical
Control

A

Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Software defined networking (SDN) uses a controller to manage devices. The controller is able to inventory hardware components on the network, gather network statistics, make routing decisions based on gathered data, and facilitate communication between devices from different vendors. It can also be used to make widespread configuration changes on just one device.

Which of the following best describes an SDN controller?

The SDN controller is a networking protocol.
The SDN controller is hardware.
The SDN controller is a virtual networking device.
The SDN controller is software.

A

The SDN controller is software.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

This layer receives its requests from the Application layer.

Application
Control
Physical

A

Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

This layer is also known as the Infrastructure layer.

Application
Control
Physical

A

Physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

This layer communicates with the Control layer through what is called the northbound interface.

Application
Control
Physical

A

Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

This layer provides the Physical layer with configuration and instructions.

Application
Control
Physical

A

Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

On this layer, individual networking devices use southbound APIs to communicate with the control plane.

Application
Control
Physical

A

Physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Which of the following does the Application layer use to communicate with the Control layer?

Controllers
Northbound APIs
Southbound APIs
These layers do not communicate

A

Northbound APIs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Which of the following BEST describes the Physical SDN layer?

Receives its requests from the Application layer.
Also known as the Infrastructure layer.
Sometimes called northbound APIs.
Gives new life to old networking hardware.

A

Also known as the Infrastructure layer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Network engineers have the option of using software to configure and control the network rather than relying on individual static configuration files that are located on each network device.

Which of the following is a relatively new technology that allows network and security professionals to use software to manage, control, and make changes to a network?

Load balancing software
Control layer networking
Software-defined networking (SDN)
Infrastructure software networking

A

Software-defined networking (SDN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Which APIs do individual networking devices use to communicate with the control plane from the Physical layer?

None
Northbound
Northbound and Southbound
Southbound

A

Southbound

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Which of the following is a disadvantage of software defined networking (SDN)?

SDN facilitates communication between hardware from different vendors.
SDN gathers network information and statistics.
SDN standards are still being developed.
SDN creates centralized management.

A

SDN standards are still being developed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Provides cloud services to just about anyone.

A

Public Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Provides cloud services to a single organization

A

Private Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Allows cloud services to be shared by several organizations.

A

Community Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Integrates one cloud service with other cloud services.

A

Hybrid Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

A group of small local businesses have joined together to share access to a cloud-based payment system.

Which type of cloud is MOST likely being implemented?

Hybrid
Private
Community
Public

A

Community

40
Q

Which of the following BEST describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers infrastructure to the client, such as processing, storage, networks, and virtualized environments.

PaaS stores and provides data from a centralized location without the need for local collection and storage.

PaaS delivers everything a developer needs to build an application on the cloud infrastructure.

PaaS delivers software applications to the client either over the internet or on a local area network (LAN).

A

PaaS delivers everything a developer needs to build an application on the cloud infrastructure.

41
Q

Which of the following cloud computing solutions delivers software applications to a client either over the internet or on a local area network?

IaaS
DaaS
PaaS
SaaS

A

SaaS

42
Q

You are the security administrator for your organization. You have implemented a cloud service to provide features such as authentication, anti-malware, intrusion detection, and penetration testing.

Which cloud service have you most likely implemented?

SECaaS
SaaS
PaaS
IaaS

A

SECaaS

43
Q

The IT manager has tasked you with installing new physical machines. These computer systems are barebone systems that simply establish a remote connection to the data center to run the user’s virtualized desktop.

Which type of deployment model is being used?

Thin client
Thick client
IaaS
PaaS

A

Thin client

44
Q

Which of the following are true concerning virtual desktop infrastructure (VDI)? (Select two.)

Roaming profiles must be configured to allow mobile users to keep their same desktop environment across systems.

In the event of a widespread malware infection, the administrator can reimage user desktops by pushing an image out to each user desktop system over the network.

In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers.

User desktop environments are centrally hosted on servers instead of on individual desktop systems.

User desktop environments are provided by individual desktop systems instead of by remote servers.

A

In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers.

User desktop environments are centrally hosted on servers instead of on individual desktop systems.

45
Q

Google Cloud, Amazon Web Services (AWS), and Microsoft Azure are some of the most widely used cloud storage solutions for enterprises. Which of the following factors prompt companies to take advantage of cloud storage? (Select two.)

Growing demand for storage

Need to bring costs down

Need for Software as a Service (SaaS) for managing enterprise applications

Need for a storage provider to manage access control

Need for Platform as a Service (PaaS) for developing applications

A

Growing demand for storage

Need to bring costs down

46
Q

Which of the following cloud storage access services acts as a gatekeeper, extending an organization’s security policies into the cloud storage infrastructure?

A co-located cloud computer service
A cloud-access security broker
A web service application programming interface
A cloud storage gateway

A

A cloud-access security broker

47
Q

Cloud storage is a virtual service, so the infrastructure is the responsibility of the storage provider. Access control should be set as a local file system would be, with no need for the provider to have access to the stored data.

You are implementing the following measures to secure your cloud storage:

Verify that security controls are the same as in a physical data center.

Use data classification policies.

Assign information into categories that determine storage, handling, and access requirements.

Assign information classification based on information sensitivity and criticality.

Which of the following is another security measure you can implement?

Configure redundancy and distribution of data.

Dispose of data when it is no longer needed by using specialized tools.

Configure distributed resources to act as one in a federated architecture.

Create versioned copies of your cloud data.

A

Dispose of data when it is no longer needed by using specialized tools.

48
Q

Which of the following tools allows the user to set security rules for an instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization?

Integration
Replication
Instance awareness
Encryption

A

Instance awareness

49
Q

What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called?

High availability
Encryption
Instance awareness
Integration

A

Integration

50
Q

Which of the following methods can cloud providers implement to provide high availability?

Integration
Replication
Encryption
Instance awareness

A

Replication

51
Q

Which formula is used to determine a cloud provider’s availability percentage?

Uptime/uptime + downtime

Uptime/downtime x uptime

Downtime/uptime + downtime

Downtime/downtime x uptime

A

Uptime/uptime + downtime

52
Q

Which type of firewall operates at Layer 7 of the OSI model?

Application layer
Circuit-level gateway
Packet-filtering
Stateful

A

Application layer

53
Q

Which of the following can provide the most specific protection and monitoring capabilities?

Cloud native controls
Cloud-based firewall
Secure web gateway
Cloud-access security broker

A

Cloud-access security broker

54
Q

What is the on-premises, cloud-based software tool that sits between an organization and a cloud service provider called?

Cloud native controls
Cloud-access security broker
Secure web gateway
Cloud-based firewall

A

Cloud-access security broker

55
Q

Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?

Virtual area network
Cloud native controls
Cloud-access security broker
Cloud-based firewall

A

Cloud-based firewall

56
Q

Which of the following is a network security service that filters malware from user-side internet connections using different techniques?

Cloud-access security broker
Cloud-based firewall
Secure web gateway
Virtual area network

A

Secure web gateway

57
Q

Which type of firewall protects against packets coming from certain IP addresses?

Packet-filtering
Stateful
Application layer
Circuit-level

A

Packet-filtering

58
Q

Your organization recently purchased 18 iPad tablets for use by the organization’s management team. These devices have iOS pre-installed on them.

To increase the security of these devices, you want to apply a default set of security-related configuration settings.

What is the BEST approach to take to accomplish this? (Select two. Each option is part of a complete solution.)

Configure and apply security policy settings in a mobile device management (MDM) system.

Join the tablets to a Windows domain.

Configure and distribute security settings in a configuration profile.

Require users to install the configuration profile.

Enroll the devices in a mobile device management (MDM) system.

Configure security settings in a Group Policy Object.

A

Configure and apply security policy settings in a mobile device management (MDM) system.

Enroll the devices in a mobile device management (MDM) system.

59
Q

Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization.

For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president’s home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network.

You’ve reviewed the vice president’s social media pages. You found pictures of her home posted, but you didn’t notice anything in the photos that would give away her home address. She assured you that her smartphone was never misplaced prior to the attack.

Which security weakness is the MOST likely cause of the security breach?

Sideloaded apps were installed on her smartphone.

Weak passwords were used on her smartphone.

Geotagging was enabled on her smartphone.

A Christmas tree attack was executed on her smartphone.

A

Geotagging was enabled on her smartphone.

60
Q

Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity?

Remote wipe
GPS
Screen lock
TPM

A

Screen lock

61
Q

Your organization recently purchased 20 Android tablets for use by the organization’s management team.

To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you implement?

App blacklisting

Application Control

App whitelisting

Credential Manager

A

App whitelisting

62
Q

A smartphone was lost at the airport. There is no way to recover the device. Which of the following ensures data confidentiality on the device?

Remote wipe
TPM
GPS
Screen lock

A

Remote wipe

63
Q

Which of the following is the recommend Intune configuration?

Intune Standalone
Account portal
Hybrid MDM
Company portal

A

Intune Standalone

64
Q

Which of the following is a solution that pushes security policies directly to mobile devices over a network connection?

Credential Manager
Group Policy
Application Control
Mobile device management (MDM)

A

Mobile device management (MDM)

65
Q

The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies.

Where would you go to set up the Intune policies?

In the Company portal, select Management > Policy > Add Policy.

In the Admin portal, select Management > Policy > Add Policy.

In the Admin portal, select Policy > Add Policy.

In the Company portal, select Policy > Add Policy.

A

In the Admin portal, select Policy > Add Policy.

66
Q

Which of the following Intune portals is used by end users to manage their own account and enroll devices?

Account portal
Add Intune Users
Admin portal
Company portal

A

Company portal

67
Q

Your organization recently purchased 20 Android tablets for use by the organization’s management team.

You are using a Windows domain. Which of the following should you use to push security settings to the devices?

Intune
Application Control
Credential Manager
Group Policy

A

Intune

68
Q

Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices?

EMM
MAM
UEM
MDM

A

EMM

69
Q

Mobile application management (MAM) provides the ability to do which of the following?

Manage mobile devices.
Comply with security policies.
Remotely install and uninstall apps.
Control data access.

A

Remotely install and uninstall apps.

70
Q

What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included?

1,000
500
100
No minimum

A

500

71
Q

Mobile device management (MDM) provides the ability to do which of the following?

Remotely install apps.
Control data access.
Update apps as needed.
Track the device.

A

Track the device.

72
Q

Which of the following mobile device management (MDM) solutions allows an organization to manage all devices, including printers, workstations, and even IoT devices?

UEM
MAM
MDM
EMM

A

UEM

73
Q

Which of the following is the first phase of the Microsoft Intune application life cycle?

Protect
Deploy
Add
Configure

A

Add

74
Q

Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that they have rights to access?

BYOD
Self-service portal
App catalog
Remote management

A

App catalog

75
Q

In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal?

Add
Deploy
Configure
Protect

A

Deploy

76
Q

Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed out to users within 24 hours?

BYOD
Self-service portal
Remote management
App catalog

A

Remote management

77
Q

Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself?

App catalog
BYOD
Self-service portal
Remote management

A

Remote management

78
Q

Which of the following is a policy that defines appropriate and inappropriate usage of company resources, assets, and communications?

Acceptable use policy (AUP)
Disaster recovery plan (DRP)
Business impact analysis (BIA)
Business continuity plan (BCP)

A

Acceptable use policy (AUP)

79
Q

Which of the following defines an acceptable use agreement?

An agreement that prohibits an employee from working for a competing organization for a specified period of time after he or she leaves the organization.

An agreement that identifies employees’ rights to use company property, such as internet access and computer equipment, for personal use.

A legal contract between the organization and the employee that specifies that the employee is not to disclose the organization’s confidential information.

An agreement that outlines the organization’s monitoring activities.

A

An agreement that identifies employees’ rights to use company property, such as internet access and computer equipment, for personal use.

80
Q

Your organization allows employees to bring their own devices into work, but management is concerned that a malicious internal user could use a mobile device to conduct an insider attack.

Which of the following should be implemented to help mitigate this threat?

Implement a Network Access Control (NAC) solution.

Implement an AUP that specifies where and when mobile devices can be possessed within the organization.

Implement a guest wireless network that is isolated from your organization’s production network.

Implement an AUP that specifies which apps are allowed for use with organizational data.

A

Implement an AUP that specifies where and when mobile devices can be possessed within the organization.

81
Q

Which of the following could be an example of a malicious insider attack?

A user’s device has become infected with malware.

A user has lost a company-owned device.

A user has not implemented appropriate security settings.

A user uses the built-in microphone to record conversations.

A

A user uses the built-in microphone to record conversations.

82
Q

Which device deployment model gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data?

BYOD
VDI
CYOD
COPE

A

COPE

83
Q

Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands.

The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen.

Which of the following should you implement?

A mobile device management (MDM) infrastructure

A Network Access Control (NAC) solution

A guest wireless network that is isolated from your organization’s production network

An Acceptable Use Policy (AUP)

A

A mobile device management (MDM) infrastructure

84
Q

If a user’s BYOD device (such as a tablet or phone) is infected with malware, that malware can be spread if that user connects to your organization’s network. One way to prevent this event is to use a Network Access Control (NAC) system.

How does an NAC protect your network from being infected by a BYOD device?

The NAC notifies users that personally owned devices are subject to random searches if brought on site.

The NAC remediates devices before allowing them to connect to your network.

The NAC specifies which apps can be used while the BYOD device is connected to the organization’s network.

The NAC forces BYOD devices to connect to a guest network that is isolated from your production network.

A

The NAC remediates devices before allowing them to connect to your network.

85
Q

The IT manager has tasked you with implementing a solution that ensures that mobile devices are up to date, have anti-malware installed, and have the latest definition updates before being allowed to connect to the network.

Which of the following should you implement?

VDI
MDM
NAC
BYOD

A

NAC

86
Q

Which of the following BEST describes a virtual desktop infrastructure (VDI)?

Gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data.

Defines which kinds of data are allowed or which kinds of data are prohibited on personally owned devices brought into the workplace.

Provides enhanced security and better data protection because most of the data processing is provided by servers in the data center rather than on the local device.

Specifies where and when mobile devices can be possessed within the organization. For example, the possession of mobile devices may be prohibited in high-security areas.

A

Provides enhanced security and better data protection because most of the data processing is provided by servers in the data center rather than on the local device.

87
Q

Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on their personal tablets.

The chief information officer worries that one of these users might also use their tablet to steal sensitive information from the organization’s network. Your job is to implement a solution that prevents insiders from accessing sensitive information stored on the organization’s network from their personal devices while still giving them access to the internet.

Which of the following should you implement?

A Network Access Control (NAC) solution

A mobile device management (MDM) infrastructure

A guest wireless network that is isolated from your organization’s production network

An Acceptable Use Policy (AUP)

A

A guest wireless network that is isolated from your organization’s production network

88
Q

Which of the following is an open-source hardware and software company that designs and manufactures single-board microcontrollers as well as kits to build digital devices?

Amazon
Microsoft
Arduino
Raspberry Pi

A

Arduino

89
Q

You manage information systems for a large co-location data center.

Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

Verify that your network’s existing security infrastructure is working properly.

Install the latest firmware updates from the device manufacturer.

Rely on the device manufacturer to maintain device security with automated firmware updates.

Install anti-malware software on each device.

Enroll each device in a mobile device management (MDM) system.

A

Install the latest firmware updates from the device manufacturer.

Verify that your network’s existing security infrastructure is working properly.

90
Q

ou manage the information systems for a large manufacturing firm.

Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

Install the latest firmware updates from the device manufacturer.

Install a network monitoring agent on each device.

Install anti-malware software on each device.

Enroll each device in a mobile device management system.

Verify that your network’s existing security infrastructure is working properly.

A

Install the latest firmware updates from the device manufacturer.

Verify that your network’s existing security infrastructure is working properly.

91
Q

Which of the following serves real-time applications without buffer delays?

SCADA
RTOS
FPGA
SoC

A

RTOS

92
Q

Which of the following devices are special computer systems that gather, analyze, and manage automated factory equipment?

MFD
UAV
SoC
SCADA

A

SCADA

93
Q

You notice that a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections.

Which of the following labels applies to this growing ecosystem of smart devices?

Internet of Things (IoT)
Dynamic environment
The smartnet
Internet of smart devices

A

Internet of Things (IoT)

94
Q

Which Amazon device can be used to control smart devices (such as lights) throughout a home using voice commands?

Cortana
Siri
Home
Echo

A

Echo

95
Q

Which of the following do Raspberry Pi systems make use of?

SoC
FPGA
RTOS
SCADA

A

SoC

96
Q

Which of the following lets you make phone calls over a packet-switched network?

RTOS
VoIP
SCADA
FPGA

A

VoIP

97
Q

Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.)

It is difficult to update the virus definitions used to protect these devices.

Devices are typically more difficult to monitor than traditional network devices.

These devices are typically installed in the DMZ that resides outside of an organization’s perimeter firewall.

Devices tend to employ much weaker security than traditional network devices.

Smart device vendors tend to proactively protect their products against security threats.

A

Devices tend to employ much weaker security than traditional network devices.

Devices are typically more difficult to monitor than traditional network devices.

Advanced Information Security (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions