CND 100-200 Flashcards
Fargo, head of network defense at Globadyne Tech, has discovered an undesirable process in several Linux systems, which causes machines to hang every 1 hour. Fargo would like to eliminate it; what command should he execute?
A. # update-rc.d -f [service name] remove
B. # service [service name] stop
C. # ps ax | grep [Target Process]
D. # kill -9 [PID]
D
Which of the following refers to the data that is stored or processed by RAM, CPUs, or databases?
A. Data in Backup
B. Data at Rest
C. Data in Transit
D. Data in Use
B
Which of the following data security technologies can ensure information protection by obscuring specific areas of information?
A. Data retention
B. Data encryption
C. Data hashing
D. Data masking
D
Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden’s organization.
A. Hybrid virtualization
B. Hardware-assisted virtualization
C. Full virtualization
D. Para virtualization
B
Albert works as a Windows system administrator at an MNC. He uses PowerShell logging to identify any suspicious scripting activity across the network. He wants to record pipeline execution details as PowerShell executes, including variable initialization and command invocations. Which PowerShell logging component records pipeline execution details as PowerShell executes?
A. Module logging
B. Script block logging
C. Event logging
D. Transcript logging
A
Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following commands allows Sophie to do so?
A. Get-WindowsOptionalFeatures -Online -FeatureNames SMB1Protocol
B. Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
C. Get-WindowsOptionalFeature -Online -FeatureNames SMB1Protocol
D. Get-WindowsOptionalFeatures -Online -FeatureName SMB1Protocol
B
How can one identify the baseline for normal traffic?
A. When the SYN flag appears at the beginning and the FIN flag appears at the end of the connection
B. When the RST flag appears at the beginning and the ACK flag appears at the end of the connection
C. When the ACK flag appears at the beginning and the RST flag appears at the end of the connection
D. When the FIN flag appears at the beginning and the SYN flag appears at the end of the connection
A
How is an “attack” represented?
A. Motive (goal) + method
B. Motive (goal) + method + vulnerability
C. Asset + Threat + Vulnerability
D. Asset + Threat
A
Kelly is taking backups of the organization’s data. Currently, she is taking backups of only those files that are created or modified after the last backup. What type of backup is Kelly using?
A. Full backup
B. Incremental backup
C. Normal backup
D. Differential backup
B
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.
A. Fabric virtualization
B. Storage device virtualization
C. Server virtualization
D. File system virtualization
B
Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?
A. Behavior-based IDS
B. Anomaly-based IDS
C. Signature-based IDS
D. Stateful protocol analysis
C
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for disabling a service?
A. $ sudo system-ctl disable [service]
B. $ sudo systemctl disable [service]
C. $ sudo system.ctl disable [service]
D. $ sudo system ctl disable [service]
B
Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?
A. Integrity
B. Non-repudiation
C. Confidentiality
D. Authentication
B
Which of the following refers to a potential occurrence of an undesired event that can eventually damage and interrupt the operational and functional activities of an organization?
A. Attack
B. Risk
C. Threat
D. Vulnerability
C
Damian is the chief security officer of Enigma Electronics. To block intruders and prevent any environmental accidents, he needs to set a two-factor authenticated keypad lock at the entrance, rig a fire suppression system, and link any video cameras at various corridors to view the feeds in the surveillance room. What layer of network defense-in-depth strategy is he trying to follow?
A. Physical
B. Perimeter
C. Policies and procedures
D. Host
A
Which of the following statements holds true in terms of containers?
A. Container requires more memory space
B. Each container runs in its own OS
C. Container is fully isolated; hence, more secure
D. Process-level isolation happens; a container is hence less secure
C
Byron, a new network administrator at the FBI, would like to ensure that Windows PCs there are up-to-date and have fewer internal security flaws. What can he do?
A. Centrally assign Windows PC group policies
B. Dedicate a partition on HDD and format the disk using NTFS
C. Download and install latest patches and enable Windows Automatic Updates
D. Install antivirus software and turn off unnecessary services
D
Which subdirectory in the /var/log directory stores information related to the Apache web server?
A. /var/log/maillog/
B. /var/log/httpd/
C. /var/log/apachelog/
D. /var/log/lighttpd/
B
Which of the following entities is responsible for cloud security?
A. Cloud consumer
B. Cloud provider
C. Both cloud consumer and provider
D. Cloud broker
C
The _________ mechanism works on the basis of a client-server model.
A. Push-based
B. Host-based
C. Pull-based
D. Network-based
C
Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?
A. Response
B. Recovery
C. Resumption
D. Restoration
B
Peter works as a network administrator at an IT company. He wants to avoid exploitation of the cloud, particularly Azure services. Which of the following is a group of PowerShell scripts designed to help the network administrator understand how attacks happen and help them protect the cloud?
A. POSH-Sysmon
B. MicroBurst
C. SecurityPolicyDsc
D. Sysmon
B
Syslog and SNMP are the two main _______ protocols through which log records are transferred.
A. Pull-based
B. Push-based
C. Host-based
D. Network-based
B
Which of the following is NOT an AWS Shared Responsibility Model devised by AWS?
A. Shared Responsibility Model for Container Services
B. Shared Responsibility Model for Infrastructure Services
C. Shared Responsibility Model for Abstract Services
D. Shared Responsibility Model for Storage Services
D
Docker provides Platform-as-a-Service (PaaS) through ________ and delivers containerized software packages.
A. Server-level virtualization
B. Network-level virtualization
C. OS-level virtualization
D. Storage-level virtualization
C
Mark is monitoring the network traffic on his organization’s network. He wants to detect TCP and UDP ping sweeps on his network. Which type of filter will be used to detect this?
A. tcp.dstport==7 and udp.srcport==7
B. tcp.srcport==7 and udp.dstport==7
C. tcp.dstport==7 and udp.dstport==7
D. tcp.srcport==7 and udp.srcport==7
C
John has implemented _________ in the network to restrict the number of public IP addresses in his organization and to enhance the firewall filtering technique.
A. VPN
B. Proxies
C. DMZ
D. NAT
D
Which of the following creates passwords for individual administrator accounts and stores them in Windows AD?
A. LSASS
B. SRM
C. SAM
D. LAPS
D