Domain 2 Flashcards
A systems administrator is developing the organization’s standard naming conventions. When considering naming user accounts, why is it important for the administrator to avoid using nicknames or common words?
Nicknames and common words anonymize users
Nicknames and common words anonymize users and should not be used in standard naming conventions. Usernames should identify a person by some combination of first and last name and/or initials.
The primary reason nicknames are not allowed is because they do not properly identify the user and make the user’s actions more anonymous and less auditable.
A company would like to implement a cloud model that provides a preconfigured service, availability, and on-demand computing. The company plans to maintain security and configuration of the system. Which is the most appropriate solution for the company?
PaaS
Platform as a Service (PaaS) provides preconfigured environments for developing and managing environments. The service provides on-demand computing.
A large firm requires additional cloud services during busy sales periods. These services include servers, storage, and databases to build a platform upon. Which service type is the most appropriate solution for the company?
PaaS
Platform as a Service (PaaS) provides preconfigured environments for developing and managing environments. The service provides on-demand computing.
A capability delivery team (CDT) reduces software development risk and cost while increasing the speed of delivery to the customer with updated software. What is the CDT providing the customer?
Continuous deployment
Continuous deployment is the process of delivery of software to a production environment using automation, which reduces the software development lifecycle.
Wrong:
Continuous delivery is an agile software engineering approach that allows for the building, testing, and releasing of software with greater speed and frequency. This provides the customer a continuous product.
Continuous integration is the process of merging code changes into a central repository where the software is then built and tested on a continuous basis in development.
An application requires additional RAM to be added at the end of the month due to increased user load for inventory processing. As demand decreases, the application removes the storage resources to revert back to its original operating size. Which cloud characteristic is this?
Scalability
A system administrator identified an issue in the cloud infrastructure where storage continues to fill, and system latency occurs. Which is the best solution to stop the drive space from reaching capacity and causing failure?
Automated scripting
The use of automated scripting can help keep systems in a secure state. An automated script can continuously check configurations of a system and react accordingly to keep systems secure and available.
What development practice requires developers to incorporate code into a collective repository, where they compile and test the code every time they check code into the environment?
Continuous Integration
Continuous integration allows for the merging of code changes into a central repository. The code is built and tested each time it is checked into the environment, providing a more efficient method to code production.
A development team considers software quality and cybersecurity analysis both early and throughout the software lifecycle. It enables building, testing, and releasing of software faster and more frequently. Which of the following objectives does this most likely provide the customer?
Continuous Delivery
Continuous delivery is an agile software engineering approach that allows for the building, testing, and releasing of software with greater speed and frequency, providing the customer a continuous product.
Which input validation method in a client-server architecture can improve application performance by catching deformed input on the front-end and is not used as the only form of security?
Client side
Client side input validation verifies data is valid upon entry to the system. Proper input validation uses a set of rules to validate entries in fields for proper use. In the event an entry is invalid, the application will reject the entry.
When considering installing a biometric recognition system in a company facility, which of the following considerations is least relevant to managing traffic control?
False negative rate or false rejection rate (FRR)
False rejection rate is the least relevant figure because it only causes inconvenience to users, who should have access and are rejected in error.
Analyze and apply the strengths and weaknesses of location-based authentication to conclude which is the most ideal deployment for employee remote access anywhere in a country.
Activating location-based technology to operate a Virtual Private Network (VPN) gateway to restrict access to users from foreign countries
Using location-based technology as an access control feature, like a VPN gateway, is an ideal implementation. Location-based technologies should not be used for primary authentication but can be used for continuous authentication measures and as access control features.
