CompTIA Security+ Certification SYO-701 Exam Questions 2 Flashcards

1
Q

A recent security audit found that your VPN allows split tunneling. The auditors preferred to require full tunneling on the VPN. What security risk are the auditors attempting to mitigate?

The user’s corporate Active Directory (AD) credentials can leak out of the split tunnel and be exposed to the Internet.

Attacks that come from the public network could be routed through the endpoint and potentially bypass network perimeter controls of the organization.

The VPN will bypass all network intrusion detection and prevention technologies as the host is on a trusted network segment.

Split-tunnel VPNs can avoid external email filtering by sending emails through directly to the main corporate email server.

A

** “Attacks that come from the public network…” is correct.**

A split-tunnel VPN can potentially allow an attack from the untrusted Internet to attack the endpoint and then potentially allow that compromise into the organization from an unexpected network location.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

After recent phishing attacks through email, you decide to implement a solution internally where employees can be assured of the authenticity of messages from other employees. Which email feature should you implement?

Encryption

URL scanning

Digital signatures

Spam filtering

A

** “Digital signatures” is correct. **

Digital signatures are created with the sender’s private key. Recipients verify the signature validity with the sender’s related public key. Digital signatures assure the recipient that the message has not been tampered with and comes from who it says it came from.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which term is defined as a weakness that can be exploited by a threat?

Vulnerability

Threat

Internal

Impact

A

** “Vulnerability” is correct.**

Vulnerability is a weakness that can be exploited by a threat.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following are two characteristics of strong passwords? (Select two choices)

Encryption strength

Password length

Authentication methods

Use of additional character space

A

** “Password length” ** and ** “Use of additional character space” ** are correct.

The password length and the use of additional character space are two important characteristics of password strength and complexity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following is the name given to the process of assigning permissions or authorities to objects?

Quality assurance

Integrity measurement

Staging

Provisioning

A

** “Provisioning” is correct. **

This is a description of the provisioning process. Users can be provisioned into groups, and computer processes or threads can be provisioned to higher levels of authority when executing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the name of an enclosure of conductive material that is grounded with no significant gap in the enclosure material, the purpose of which is to help shield EMI, especially in high radio frequency environments?

Faraday cage

Demilitarized zone enclosure

Vault

Air gap box

A

** “Faraday cage” is correct. **

This is a description of a Faraday cage. It can encompass an entire room or be the size of a specific item, such as a smaller cage that encases just a single smartphone.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which phase of the incident response process involves restoring normal business operations?

Containment

Recovery

Eradication

Identification

A

** “Recovery” is correct. **

Recovery is the process of returning assets to their business function and restoring normal operations.

“Identification” is incorrect. Identification is when the team recognizes the incident and notifies the incident response team.

“Containment” is incorrect. Containment involves the actions taken to constrain the incident.

“Eradication” is incorrect. Eradication involves removing the problem.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the name given to parts of an organization that perform their own IT functions?

Clandestine IT

Mirror IT

Secondary IT

Shadow IT

A

** “Shadow IT” is correct. **

Shadow IT is the name given to the parts of an organization that perform their IT functions. These groups rise out of a desire to “get things done” when central IT does not respond in what the unit considers to be a reasonable timeframe.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

You have fallen victim to a social media phishing scam. After receiving an email notification of a video of you from the past, you clicked the link, which played a generic stock video, and you realized it was a scam. What is the first thing you should do?

Run a full malware scan on your device.

Delete the email message.

Notify your company’s IT security officer.

Disconnect your device from the network.

A

** “Disconnect your device from the network” is correct. **

Clicking malicious links and executing programs or media files can infect a device. While many actions should take place to contain the potential malware, the easiest and first thing that should be done is to disconnect the device from all networks. All users should receive security awareness training that emphasizes this type of immediate response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

All of the following are characteristics of the RADIUS authentication protocol, except:

RADIUS encrypts user passwords during the authentication process.

RADIUS uses UDP port 1812.

RADIUS accepts earlier forms of authentication protocols, such as PAP.

RADIUS uses TCP port 1812.

A

** “RADIUS uses TCP port 1812” is correct. **

RADIUS does not use TCP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following details the specific access levels that individuals or entities may have when interacting with objects?

Access control list

Metadata table

Rule-based access control

Access approval list

A

** “Access control list” is correct. **

An access control list (ACL) is a physical or logical list that details specific access levels individuals or entities may have when interacting with objects. An ACL is also used on network devices to determine how traffic from various users can enter and exit a network device and access internal hosts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following terms indicates the amount of time it takes for a hardware component to recover from failure?

Mean time to failure

Mean time to replace

Mean time to recovery (MTTR)

Mean time between failures (MTBF)

A

** “Mean time to recovery” is correct. **

Mean time to recovery (MTTR) is the amount of time it takes for a hardware component to recover from failure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

All of the following are supporting elements of authorization, except:

Credential validation

Principle of least privilege

Separation of duties

Rights, permissions, and privileges

A

** “Credential validation” is correct. **

Validating credentials is an important aspect of authentication, not authorization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following types of attacks can be prevented by using TLS 1.3?

Pass the hash

Driver manipulation

SSL stripping

DLL injection

A

** “SSL stripping” is correct. **

Secure Sockets Layer (SSL) stripping is an on-path (man-in-the-middle) attack against all SSL and early versions of TLS connections (TLS 1.0 and 1.1). The attack works by intercepting the initial connection request for HTTPS, redirecting it to an HTTP site, and meditating in the middle. TLS 1.3 has specific protections built into it to defeat SSL stripping and other man-in-the-middle attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the initialization vector (IV) used for in a wireless communications protocol?

To ensure no other radios are operating on the same spectrum

As the starting port number for a network connection

To communicate the exact key length of the protocol

As the randomization element at the beginning of a

A

** “As the randomization element at the beginning of a connection” is correct. **

The initialization vector (IV) is used in wireless systems as the randomization element at the beginning of a connection. A good IV will help prevent attackers from decrypting the wireless traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The process of verifying an identity previously established in a computer system is known as which of the following?

Auditability

Authorization

Accountability

Authentication

A

** “Authentication” is correct. **

This is a description of authentication. This is frequently confused with authorization, which describes what a user can do on the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which of the following is not a recognized attack vector?

Firewalls

Email

Supply chain

Direct access

A

** “Firewalls” is correct. **

Firewalls are defensive systems meant to protect an organization and are not an attack vector (or method)

“Direct access” is incorrect. Direct access refers to direct access to a target system. It is one of the most effective attack vectors, as there’s usually no barrier between the attacker and the targeted system.

“Email” is incorrect. Email is an attack vector often used in social engineering attacks such as phishing.

“Supply chain” is incorrect. A supply chain is an attack vector where the attacker attempts to compromise a component used in the system before the final product is assembled (for example, infecting hard drives before they are placed into servers by the manufacturer).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Your company hosts public web servers that allow connections directly to TCP port 80 over HTTP and are configured with public IPv4 addresses. You need to enable connections to company HTTP servers using HTTPS while hiding the true identities of the servers. Which security solutions should you implement? (Select two choices)

PKI certificate

Reverse proxy server

Source network address translation

VPN

A

** “PKI certificate”** and ** “Reverse proxy server”** are correct. Transport layer security (TLS) uses a public key infrastructure (PKI) certificate to secure network communications, such as an HTTPS web server over TCP port 443 by default.

Reverse proxy servers accept client requests for network services and route those to backend servers hidden behind the proxy; the true identities of backend servers are never

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following statements about open permissions are true? (Select two choices)

The risk associated with open permissions is context-dependent.

A file with open permissions might be accessible to anyone, including guest accounts.

Only files can have open permissions.

Files with open permissions are always of little value.

A

** “A file with open permissions might be accessible to anyone, including guest accounts”** and ** “The risk associated with open permissions is context dependent” ** are correct. A file with open permissions is equivalent to a file with no access control protections, meaning it may be accessible by anyone with access to the system, including unauthorized, anonymous, and guest accounts. The risk associated with open permissions is context-dependent depend on the file or directory with the open permissions. A directory of memes with open permissions is low risk. A file containing accounts and passwords with open permissions is high risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Custom-built software running on an internal Windows server communicates over TCP port 4489.
You need to configure a firewall solution to allow traffic destined for port 4489 from the IP address range assigned to the sales team subnet.
Which type of firewall should you configure while minimizing administrative effort and cost?

SD-WAN

Layer 4 firewall

Content-filtering firewall

VPN

A

** “Layer 4 firewall” is correct.**

Layer 4 of the OSI model (the transport layer) applies to transport protocols such as TCP and UDP as well as port numbers used by network services. A layer 4 firewall implies the ability to also read packet headers at lower levels of the OSl model, including layer 3 (the network layer), which applies to IP addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Senarios 1

IT Admin: That last attack did some real damage! We need to add systems that identify malicious activity on our network immediately.

A

**
Security Control Remediation Needed:
Technical

Functional Type Remediation Needed:
Detective

Control Remediation Needed:
Set up Firewall
**

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Senario2

CEO: Our employees are visiting bad, unsecure websites way too often, but have we even stated that they shouldn’t be doing this yet?

A

**
Security Control Remediation Needed:
Operational

Functional Type Remediation Needed:
Directive

Control Remediation Needed:
Update Policy
**

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Senario3

CIO: It appears that anyone could possibly walk into the server room. We need to evaluate and ensure only authorized people can enter.

A

**
Security Control Remediation Needed:
Physical

Functional Type Remediation Needed:
Preventive

Control Remediation Needed:
Install Keycard
**

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A large multimedia company is experiencing a distributed denial of service (DDoS) attack that has led the company’s platform to become unresponsive.
Customers are submitting tickets complaining that they can no longer access the platform and cannot complete their work. What BEST describes what the company is going through?

A. Service disruption
B. Data exfiltration
C. Disinformation
D. Insider threat

A

** Correct Answer: A. Service disruption **

Service disruption prevents an organization from working as it usually does. This disruption could involve an attack on its website, such as a denial of service attack or using malware to block access to servers and employee workstations.

Data exfiltration refers to the attack where an actor transfers a copy of some valuable information from a computer or network without authorization.

Disinformation refers to falsifying a trusted resource, such as changing a website’s content, manipulating search engines to inject fake sites, or using bots to post false information on social media sites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A large multimedia company is in the process of creating a new marketing campaign for a soon-to-be-released movie. However, before releasing the campaign, the company noticed an increase in fake accounts mimicking it online with a similar-looking campaign. What could the company do to mitigate this issue?

A. Check for typosquatting

B. Check for brand impersonation

C. Check for coercion

D. Check for consensus technique

A

** Correct Answer: B. Check for brand impersonation **

Brand impersonation occurs when the threat actor commits resources to accurately duplicating a company’s logos and formatting to make a phishing message or pharming website visually compelling.

Typosquatting means that the threat actor registers a domain name very similar to a real one, hoping that users will not notice the difference and assume they are browsing a trusted site.

Coercion or the use of urgency refers to the intimidation of the target with a bogus appeal to authority or penalty, such as getting fired or not acting quickly enough to prevent some dire outcome.

26
Q

A security engineer discovered that an active employee copied sensitive information from the company’s shared drive and sold it online. What kind of actor describes this employee?

A. Insider threat

B. Nation-state

C. Hacktivist

D. Advanced persistent threat

A

** Correct Answer: D. Advanced Persistent Threat **

Cybercrime is the overarching term for the organized criminal activity occurring online.

An insider threat is someone within the company who intentionally or unintentionally increases risk or takes company data outside the organization’s security controls.

Hacktivists might attempt to use data exfiltrationito obtain and release confidential information to the public domain, perform service disruption attacks, or deface websites to spread disinformation.

Service disruption prevents an organization from working as it usually does. This disruption could involve an attack on its website or using malware to block access to servers and employee workstations.

27
Q

An accountant received a phone call from an individual requesting information for an ongoing project. The call came from an unrecognized number, but the individual seemed believable and persuasive. Before giving the information over, what should the accountant protect against?

A. Social engineering

B. Coercion

C. Typosquatting

D. Brand impersonation

A

** Correct Answer: A. Social Engineering **

Social engineering refers to eliciting information from users or getting them to perform some action for the threat actor.

28
Q

The governmental organization in charge of managing the personnel records of the country’s military service members reported that another country had accessed its database. Who BEST describes the adversary that breached the personnel records database?

A. Insider threat

B. Hacktivist

C. Nation-state

D. Advanced persistent threat

A

** Correct Answer: C. Nation State **

Nation-state actors are the root cause of many attacks, particularly on energy, health, and electoral systems. The goals of state actors are primarily disinformation and espionage for strategic advantage.

An insider threat is someone within the company who intentionally or unintentionally increases risk or takes company data outside the organization’s
security controls.

29
Q

A managed service provider (MSP) company decided to delay the implementation of new antivirus software for its clients after discovering that the vendor could not patch its software automatically. Why might a company NOT want software that is unable to update automatically?

A. It can save the company money.

B. It may not fix newly found vulnerabilities on time.

C. It will require less effort not to purchase software.

D. It will require less effort to update software.

A

** Correct Answer: B **

The ability to automatically update is crucial in the cybersecurity landscape, where new threats emerge rapidly. Antivirus software that cannot update automatically may fail to address these new threats quickly, leaving clients’ systems exposed to emerging security risks.

While not purchasing software does save money, it is not necessarily the main concern for a third-party managed service provider. Instead, a managed service provider would focus on ensuring security while minimizing effort.

Less effort will occur when a company does not purchase the software. However, automation is the better solution to decrease efforts for a managed service provider.

More effort will occur, as the managed service provider will now need to find another comparable solution that fits its needs of automatic updating. However, this is not the ideal solution.

30
Q

An employee reported seeing an individual outside the office drop a few thumb drives. The employee grabbed those devices and brought them to the information technology (IT) department. After conducting forensics on the devices using air-gapped machines, the IT team determined that the individual was trying to trick employees into plugging the devices into their computers to steal information. What was the malicious actor attempting on an unsuspecting employee?

A. The actor used an email lure.

B. The actor tried to improve the company’s security posture.

C. The actor used a physical lure.

D. The actor was not being malicious.

A

** Correct Answer: C. The actor used a physical lure **

A physical lure can occur when an attacker leaves something, such as a removal flash drive, in an area in which a targeted person would use the device in the environment.

31
Q

Your office does not deal in classified or even sensitive data. You are concerned, however, with the loss of equipment, as you have had a few external drives and tablets stolen in the last 12 months. Which of the following would be most appropriate for your environment, considering that you want a low-cost solution?

Vault

Safe

Faraday cage

Locking/secure cabinet

A

** “Locking/secure cabinet” is correct. **

Sometimes, a safe is overkill, providing a higher level of security than is needed. A simpler solution is secure cabinets and enclosures.

32
Q

In which phase of the incident response process is the incident response team first notified?

Containment

Identification

Preparation

Prevention

A

** “Identification” is correct. **

Identification is when the team recognizes the incident and notifies the incident response team.

33
Q

What process is used to review and validate continuity of operations planning?

After-action reports

Failover

Exercises/tabletop

Alternate processing sites

A

** “Exercises/tabletop” is correct. **

Once a continuity of operations plan (COOP) is in place, a tabletop exercise should be performed to ensure all elements are covered.

34
Q

Which of the following policy settings prevent a user from rapidly changing passwords and cycling through his or her password history to reuse a password?

Password history

Minimum password age

Maximum password age

Password complexity

A

** “Minimum password age” is correct. **

The minimum password age setting is used to force users to use a password for a minimum amount of time before they are allowed to change it. This prevents them from rapidly cycling through the password history to reuse an older password.

35
Q

Your organization utilizes two different people to perform tasks that are necessary for entry into your building. Person 1 checks IDs, enters data in a log and can issue a visitor badge.
Person 2 controls the door access, so a failure by either person does not expose your organization.
Which of the following is this an example of?

Required badging

Access control vestibule

Guards

Two-person integrity/control

A

** “Two-person integrity/control” is correct. **

Having two people required to perform a task provides a means of checks and balances.

36
Q

Which tool would you use to identify TCP connections?

cipher

Python

netstat

ping

A

** “netstat” is correct. netstat is used to display TCP network connections. **

“Python” is incorrect. Python is a programming language.

“ping” is incorrect. ping is used to test the reachability of a host.

“cipher” is incorrect. cipher is used to wipe free space.

37
Q

If your organization is highly sensitive to sharing resources, you might consider using which of the following cloud models?

Hybrid

Public

Private

Community

A

** “Private” is correct. **

Private clouds are essentially reserved resources used only for your organization; thus no sharing will occur.

38
Q

What type of attack places a layer of code between a driver and the operating system?

Replay attack

Pass the hash

Refactoring

Shimming

A

** “Shimming” is correct. Shimming is a process of putting a layer of code between the driver and the OS. **

39
Q

Which phase of the incident response process involves assigning actions to correct weaknesses and ways to improve?

Recovery

Eradication

Prevention

Lessons Learned

A

** “Lessons Learned” is correct. **

During the Lessons Learned phase, actions to correct weaknesses are assigned, and ways to improve are suggested.

40
Q

In discussions of threat hunting, what does the acronym IOA mean?

Indicators of attack

Indicators of access

Indicators of availability

Indicators of artifacts

A

** “Indicators of attack” is correct. **

In threat hunting, IOA is an acronym for indicators of attack, which is a series of actions an attacker must accomplish to perform an attack (such as creating an account, connecting to a command server, and exfiltrating data).

In cybersecurity, an Indicator of Attack (IOA) is a sign that a cyberattack is in progress or about to happen. IOAs are proactive and can help detect and stop attacks early.

41
Q

Which of the following is not an element of mobile device management?

Geolocation

Application management

Remote wipe

SATCOM

A

** “SATCOM” is correct. **

Managing satellite communications is not an element of mobile device management.

42
Q

Which of the following is information that can lead to specifically identifying a person?

PCI

NPP

PII

PED

A

** “PIl” is correct. **

Personally identifiable information (PIl) is information that can lead to specifically identifying a person.

43
Q

You are compiling a list of cybersecurity incidents that occurred in the organization over the last year. The list will be published on an internal company website as a company newsletter for all employees to read. Under which category should you provide details related to phishing scam incidents?

Ransomware

Injection attacks

Buffer overflows

Social engineering

A

** “Social engineering” is correct. **

Phishing campaigns are a form of social engineering, which uses deceptive techniques to trick victims into divulging sensitive information or clicking links or file attachments that infect devices.

44
Q

Which tool would you use to list a file’s contents to a pipe?

rmdir

grep

mv

cat

A

** “cat” is correct. cat lists files to a pipe or output. **

“mv” is incorrect. mv transfers a file from one folder to another.

“rmdir” is incorrect. mdir removes directories.

“grep” is incorrect. grep is used for searching plaintext files.

45
Q

Which of the following mitigation techniques are the most effective in preventing and minimizing the impact of ransomware data encryption incidents? (Select two choices)

Identify network hosts that are not compliant with security baselines.

Store frequent backups offline.

Do a periodic review of layer 4 network perimeter firewall rules.

Do periodic updates of user training and awareness materials.

A

** “Store frequent backups offline” and “Do periodic updates of user training and awareness materials”** are correct.

Storing frequent backups offline means reimaging devices and restoring data from recent backups to get systems up, and running with current data as quickly as possible.

Storing backups offline also prevents ransomware from encrypting backed-up data. User awareness of scams and how malware can result in data loss can prevent ransomware attacks from occurring.

46
Q

If you condensed the penetration process down into four phases, what might those phases be?

Planning, Discovery, Attack, Reporting

Planning, Discovery, Reporting, Briefing

Discovery, Attack, Reporting, Briefing

Planning, Discovery, Attack, Monitoring

A

** “Planning, Discovery, Attack, Reporting” is correct. **

If you condensed the penetration testing process down into four phases, they would be Planning, Discovery, Attack, and Reporting.

47
Q

The technique of creating a mirror version of a database on which data modification techniques such as character shuffling, encryption, and word or character substitution are applied to change the data is known as which of the following?

Data masking

Encryption

Tokenization

Honeypot

A

** “Data masking” is correct. **

Data masking is used to make reverse engineering and detection impossible.

“Encryption” is incorrect. Encryption is the use of sophisticated mathematical techniques to prevent unauthorized reading of data by obscuring it. An encrypted piece of data will generally look like a bunch or random characters.

“Tokenization” is incorrect. Tokenization is the use of a random value to take the place of a data element that has traceable meaning.

“Honeypot” is incorrect. While data masking may be used in creating fake data for a honeypot, the two are not the same.

48
Q

Which of the following are true statements about the dark web and deep web? (Select all that apply)

The dark web uses obfuscation methods to restrict access.

The deep web requires special software, such as Tor, to restrict access.

The deep web is not indexed by search engines and is usually restricted using logins.

The dark web is only used in legal activities to avoid government surveillance.

A

** “The dark web uses obfuscation methods to restrict access” and “The deep web is not indexed by search engines and is usually restricted using logins” are correct. **
The dark web uses obfuscation methods to restrict access. Dark web sites require Tor (free, open source software that enables anonymous communication). Because the dark web exists only in the realm of onion routing, dark web sites end with the extension onion, as opposed to .com, net, and so on. Deep web sites are not indexed by traditional search engines and require additional measures to access, such as a login.

49
Q

Which of the following statements about highly structured threats is not true?

Some countries have regulations to prevent government workers from attacking companies for reasons of economic warfare.

They only target intelligence information and military data.

They usually have significant financial backing.

They are sometimes supported by nation-states and target other countries.

A

** “They only target intelligence information and military data” is correct. **

Highly structured threats may target companies, conduct corporate espionage, and steal intellectual property. They are not solely focused on government and military targets.

50
Q

Which of the following scenarios define a fail-close situation? (Select two choices)

Electric hospital doors are not left open during a power outage in case of fire.

Firewall rules block disallowed traffic to an internal network.

Firewall logs reaching maximum configured capacity prevent firewall functionality.

Failed user authentication to a server prevents user resource access.

A

** “Firewall logs reaching maximum configured capacity prevent firewall functionality” and “Electric hospital doors are not left open during a power outage in case of fire” are correct. **

Fail-close applies when the normal functionality of a service or device is impaired and the service or device is closed automatically, such as a firewall blocking all traffic when logs are full, or when doors automatically close when power is out.

51
Q

What is the purpose of DLP?

It serves to prevent sensitive data from leaving the network without notice.

It helps in the restoration of data lost as a result of a disaster.

It describes a protocol designed to facilitate the transmission of datagrams.

It is a process used in the design of networks that helps describe linkages between components.

A

** “It serves to prevent sensitive data from leaving the network without notice” is correct. **

Data loss prevention (DLP) solutions are designed to protect data in transit/motion, at rest, or in processing from unauthorized use or exfiltration.

52
Q

Which approach to site resiliency consists of partially configured systems, usually having the peripherals and software but perhaps not the more expensive main processing computer?

Hot site

Offsite

Warm site

Cold site

A

** “Warm site” is correct. **

The goal of the “warm site” approach is to have the organization operational within a few days.

53
Q

Which of the following roles is responsible for the day-to-day caretaking of data?

Data custodian/steward

Data privacy officer

Data owner

СМО

A

** “Data custodian/steward” is correct. **

The data custodian/steward is responsible for the day-to-day caretaking of data.