Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Cloud+ > Cloud+7 > Flashcards

Cloud+7 Flashcards

1
Q 
1.Milo has set up smart cards for users in the company’s main office. He wants to tie them into the authentication systems so that users can log into their workstations with them as well as access certain resources. Which of the following does he need to assign to each user in order to make this integration work?
	a.	Policy
	b.	Digital certificate
	c.	Role
	d.	Group
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
2.Sharon is having trouble logging into the new cloud-based web application that her small company uses. It asks whether she wants to use a local account or an OpenID account. Which of the following is used by OpenID in order to implement authentication?
	a.	QR
	b.	OAuth
	c.	2FA
	d.	PIN
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q 
3.Fred is trying to access the company’s cloud-based CRM system while traveling abroad in Europe. He receives a message that access to this application is not allowed from the country he is currently in and lists the IP address detected by his connection. Which of the following factors of authentication is the CRM system using?
	a.	Something you know
	b.	Something you do
	c.	Somewhere you are
	d.	Something you have
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
4.Noah has gone to work for the government and sees that some systems use a method of labeling data as classified, secret, and top secret rather than creating groups of users and applying permissions for those groups. Which of the following describes these systems of labeling data?
	a.	DAC
	b.	RBAC
	c.	MAC
	d.	TAC
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
5.Lincoln is assigning permissions to users and groups for a new application that he is deploying. As he’s doing this, which of the following principles should he make sure he follows?
	a.	Minimal overhead
	b.	Least privilege
	c.	Minimum access
	d.	Least permissions
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
6.Rose is implementing digital certificates for all of the users in her organization. Which of the following certificate types should she use?
	a.	SSL
	b.	TLS
	c.	PKI
	d.	CA
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
7.Fictional Corp is trying out a new experimental technology that analyzes how users type as part of a multifactor authentication implementation. Which of the following categories of authentication factors would this fall into?
	a.	Something you know
	b.	Something you are
	c.	Something you do
	d.	Something you have
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
8.Mark manages a custom application that resides on a cloud service provider that relies on users to authenticate by means of entering a username and password. Which of the following factors of authentication does this application use?
	a.	Something you have
	b.	Something you are
	c.	Something you know
	d.	Something you do
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q 
9.Allen is visiting one of his client’s data centers and, after signing in, is escorted through the premises the entire time. He notices that, in order to gain access to the data center, the employee had to swipe a proximity badge, key in a 6 digit code, and place his finger on a scanner. Which of the following describes the type of security that he just witnessed?
	a.	MFA
	b.	SFA
	c.	MTD
	d.	SLA
A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q 
10.Fictional Corp has assigned each user within their Active Directory implementation a username. This username is a form of:
	a.	accounting
	b.	authentication
	c.	authorization
	d.	identity
A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q 
11.Fictional Corp has a variety of applications deployed across multiple cloud service providers. Claude has been tasked with making sure that users aren’t required to have separate accounts for each application. Which of the following should he look at using to meet that goal?
	a.	DRP
	b.	SSO
	c.	DNS
	d.	DHCP
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
12.Sean has implemented an automatic account locking policy that will lock a user account after 5 invalid attempts. Which of the following types of attacks will this help thwart?
	a.	Smurf attack
	b.	Brute force
	c.	Trickle down
	d.	Passwrong
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q 
13.Darius manages a directory of users for one of the domains within his organization. Which of the following describes the protocol in use for querying the directory?
	a.	DNS
	b.	QWERTY
	c.	LDAP
	d.	SDP
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q 
14.Judy’s company is implementing a new authentication technology that requires assigning certificates to users and issuing smart cards. Which of the following does she need to install and configure to manage the certificates?
	a.	RA
	b.	CRT
	c.	CA
	d.	CRL
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

15.Martin is running an analysis on the logs from one of the web servers that resides on the company’s private cloud. He finds that some users are accessing a site they shouldn’t be able to, as the firewall should have rules to prevent them from accessing the server. Which of the following might be how they were able to access the site?
a. The firewall wasn’t working.
b. The users found a way to bypass the firewall.
c. The rules on the firewall were listed in an incorrect order.
d. The firewall hadn’t been patched since the latest update was released.

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q 
16.Sarah has deployed a private cloud infrastructure that requires users to insert a smart card into their computer or into a card reader in order to authenticate them to use the applications. The smart card is associated with a certificate for each user, which is verified against a certificate authority. Which of the following has she deployed?
	a.	PCI DSS
	b.	PII
	c.	PKI
	d.	PSK
17
Q 
17.Piper is auditing the accounts on the cloud platform her company uses. She sees a master user that retains complete access and action permissions no matter what permissions are also given to the other users. Which of the following is the username for that account?
	a.	Top
	b.	Master
	c.	Root
	d.	Owner
18
Q

18.Owen has been tasked with having multifactor authentication installed for entrances into the company’s data center. Which of the following would meet that requirement?
a. Smart card and key fob
b. Retinal scan and handprint geometry scanner
c. Proximity badge reader and fingerprint scanner
d. Facial recognition and handprint geometry scanner

19
Q 
19.Owen has just installed Linux as a virtual machine on the company’s cloud service provider. He has configured the server to define a set of users to determine who has access to individual files and folders. Which of the following terms can describe the set of users?
	a.	ACL
	b.	XML
	c.	AAA
	d.	API
20
Q 
20.Cherise has been tasked with increasing the security for the company’s data center. Currently there is a proximity badge reader on the door. She is considering adding an iris camera to the door. Once it is in place, which of the following factors will be used for authentication into the data center? (Choose all that apply.)
	a.	Something that you do
	b.	Something that you know
	c.	Something that you are
	d.	Something that you have
21
Q 
21.Otis wants to give a mobile app short-term access to a resource without having to store long-term user credentials (such as access keys) in the app. Which of the following describes the method he can use to do that?
	a.	Permissions
	b.	Groups
	c.	Policies
	d.	Roles
22
Q

22.Caroline is trying to access one of her company’s custom cloud-based web applications. She sees a bright red screen advising that there is a security problem with the site and that she should not trust the contents of it. Which of the following most likely occurred that an administrator should probably check first?
a. The site’s digital certificate has expired.
b. The site has been hacked.
c. The certificate authority has revoked the certificate due to suspected fraud.
d. A disgruntled employee has taken the site down.

23
Q 
23.Andrew manages a variety of applications spread out between multiple cloud providers. Users can sign into any of the cloud applications with the same username and password. Which of the following has been implemented?
	a.	ITIL
	b.	OSPF
	c.	PKI
	d.	Federation
24
Q

24.Sebastian is trying to access a resource that has been labeled as top secret, but he only has secret clearance. Which of the following access control methods does his organization use?
a. Role-based access control
b. Mandatory access control
c. Discretionary access control
d. Classification-based access control

25
``` 25. Kevin is implementing SSO functionality for his organization. Which of the following authentication standards could he use to implement it?   a.  SAML   b.  SIEM   c.  SHA   d.  PSK ```
A
26
``` 26. Cody suspects that his company has been the subject of an attack after reports from multiple users that they are missing files. He examines the logs and sees where it appears that the user logged in successfully for each of the users in question and that the strong encryption protocol was enforced and used each time. Which of the following may have occurred?   a.  Packet sniffing   b.  Dictionary attack   c.  Brute force   d.  Social engineering ```
D
27
``` 27. Fictional Corp uses a cloud service provider that provides a framework of techniques and tools for managing the identities of people and applications that allow for access to cloud resources. Which of the following describe this framework?   a.  MAC   b.  IAM   c.  DRM   d.  IRM ```
B
28
``` 28. Steven has been tasked with planning the move from an infrastructure where administrators and users add permissions to resources individually to one where users are assigned to groups based upon the department they work in and what they do in the department and then assigning the groups to the resources. Which of the following has he been tasked with planning?   a.  DAC   b.  RBAC   c.  MAC   d.  JAC ```
B
29
``` 29. Alex is the network administrator for a Windows Server network. Which of the following is most likely in use to manage the users and other resources on that network?   a.  ADP   b.  API   c.  ARP   d.  AD ```
D
30
``` 30. Stan is walking past a row of cubicles when he notices someone’s password written down on a sticky note that is attached to a monitor. The password is passwordpassword3. Besides the obvious problem of being the word password repeated followed by a single number, which of the following policies isn’t in place that should be?   a.  Expiration   b.  Length   c.  Re-use   d.  Complexity ```
D
31
31. Emily is analyzing the logs for one of the servers in her organization. She sees three failed attempts to log in with an incorrect password. She then sees continued attempts to log in with a different error message. Which of the following could be the reason the error message changed?   a.  The server was compromised after the third failed password attempt.   b.  The server’s time was changed so the authentication attempts failed because of a different reason.   c.  The account is now locked after 3 failed attempts, so the error message has most likely changed from a failed password to one reflecting a locked account.   d.  The server configuration has changed.
C
32
``` 32. Blake has been examining the logs on one of the servers that he is responsible for that is hosted on a cloud service provider. He finds an instance where one of the employees has managed to give himself unauthorized administrative access on the server. Which of the following has occurred?   a.  Internal role change   b.  Federation   c.  Privilege escalation   d.  SSO ```
C
33
``` 33. Nedra is assigning permissions to groups of users on the network for a new cloud-based application that she has just installed. Which of the following do her actions specifically enable?   a.  Identification   b.  Federation   c.  Authorization   d.  Authentication ```
C
34
``` 34. Tia has run a report on one of the Linux servers she manages and sees that one of the users has not changed their password in over two years. Which of the following parameters should she configure on the server?   a.  Complexity   b.  Length   c.  Expiration   d.  History ```
C
35
35. Bianca manages the e-mail server for Fictional Corp. All of the employees’ e-mails are encrypted using the user’s keys. One of the user’s certificates expires, so a new certificate is installed. However, now they can no longer access their archived e-mails. Which of the following does Bianca need to do to give this user access to their archived e-mails?   a.  Uninstall the new certificate and reinstall the old one.   b.  Delete the archived e-mails.   c.  Transfer the old certificate keys to the new certificate.   d.  Import the keys for the old certificate so the e-mails can be decrypted and then re-encrypt them using the new certificate.
D
36
``` 36. James works for a company where administrators and users add individual granular permissions to various resources. Which of the following describes the access control methods used by this company?   a.  DAC   b.  RBAC   c.  MAC   d.  GAC ```
A
37
``` 37. Kira needs to implement multifactor authentication for one of the new cloud applications. She needs to include something that you have and something that you know. Which of the following would meet those requirements? (Choose two.)    a.  Fingerprint scanner   b.  Smart card reader   c.  Password   d.  Facial recognition ```
B,C

Cloud+ (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions