Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

BYU-i CIT270 2021 > Module 10 > Flashcards

Module 10 Flashcards

1
Q

Which of the following virtualizes parts of a physical network?

  • SDN
  • SDV
  • SDX
  • SDA
A

SDN
A software-defined network (SDN) virtualizes parts of the physical network so that it can be more quickly and easily reconfigured. This is accomplished by separating the control plane from the data plane.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra’s need?

  • Public cloud
  • Group cloud
  • Community cloud
  • Hybrid cloud
A

Community cloud

A community cloud is a cloud that is open only to specific organizations that have common concerns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which type of hypervisor runs directly on the computer’s hardware?

  • Type IV
  • Type II
  • Type III
  • Type I
A

Type I
Type I hypervisors run directly on the computer’s hardware instead of the underlying operating system. Type I hypervisors are sometimes called “native” or “bare metal” hypervisors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Oliwia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?

  • IaaS
  • PaaS
  • XaaS
  • SaaS
A

Platform as a Service (PaaS) provides a software platform on which the enterprise or users can build their own applications and then host them on the PaaS provider’s infrastructure. The software platform can be used as a development framework to build and debug the app and then deploy it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does the term “serverless” mean in cloud computing?

  • Server resources of the cloud are inconspicuous to the end user.
  • The cloud network configuration does not require any servers.
  • All appliances are virtual and do not interact with physical servers.
  • Servers are run as VMs.
A

-Server resources of the cloud are inconspicuous to the end user.
Serverless infrastructure is one in which the capacity planning, installation, setup, and management are all invisible to the user because they are handled by the cloud provider. Because the server resources of the cloud are inconspicuous to the end user, this type of infrastructure is called “serverless.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply?

  • Containers use hardware hypervisors for virtualization
  • Containers use dedicated physical storage for virtualization
  • Containers use Type I hypervisors for virtualization
  • Containers use OS components for virtualization
A

-Containers use OS components for virtualization “Containers use OS components like binaries and libraries for virtualization.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?

  • Enable “roll back” on the previous configuration before testing the new configuration
  • Take a snapshot of the virtual machine before testing the configuration
  • Use sandboxing in the virtual machine before testing the configuration
  • Take a screenshot of the virtual machine before testing the configuration
A

-Take a snapshot of the virtual machine before testing the configuration
Taking a snapshot of the virtual machine (VM) before testing the configuration will allow it to be rolled back to the snapshot if the configuration is not working.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply?

  • X.500 prevents unwanted mails from being delivered.
  • LDAP prevents unwanted mails from being delivered.
  • Mail gateways prevent unwanted mails from being delivered.
  • SMTP relays prevent unwanted mails from being delivered.
A

Mail gateways monitor emails for unwanted content and prevent these messages from being delivered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following protocol can be used for secure routing and switching?

  • IPsec
  • HTTPS
  • HTTP
  • DNSSEC
A

Internet protocol security (IPSec) is a secure network protocol that authenticates and encrypts the data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a Type I hypervisor?

  • A hypervisor that runs on security devices
  • A hypervisor that uses binary files for virtualization
  • A hypervisor that runs on host operating system
  • A hypervisor that runs directly on computer hardware
A

A Type I hypervisor runs directly on computer hardware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Marnus is working as a cloud administrator, and he has been asked to perform segmentation on specific cloud networks. Which of the following should be done by Marnus?

-Use automated inspection and integration services for authentication, authorization, encryption,
availability, and policy compliance.
-Create network rules for the services permitted between accessible zones to make sure endpoints belonging to other approved zones can reach them.
-Create a virtual network that connects services and resources such as virtual machines and database applications.
-Remove individual accounts on file servers, machines, or authentication servers to restrict access and free up disc space, ports, and certificates.

A

-Create network rules for the services permitted between accessible zones to make sure endpoints belonging to other approved zones can reach them.
Segmentation sets rules for accessing different services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

You decided to test a potential malware application by sandboxing. However, you want to ensure that if the application is infected, it will not affect the host operating system. What should you do to ensure that the host OS is protected?

  • Implement virtual machine escape protection
  • Deactivate the host OS while the guest OS is running
  • Implement a secure network gateway
  • Assign different virtual networks for the guest OS and host OS
A

-Implement virtual machine escape protection
On implementing virtual machine escape protection, the virtual machine (VM) cannot directly interact with the host operating system and potentially infect it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?

  • Use private subnets for backend servers
  • Implement audit logging on backend servers
  • Deploy the backend servers on premises
  • Deploy backend servers in different availability zones
A

-Use private subnets for backend servers

Backend servers can be configured with a private subnet to restrict public access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following protocols can be used for secure video and voice calling?

  • SRTP
  • S/MIME
  • VPN
  • SNMP
A

The secure real-time transfer protocol (SRTP) provides encryption, authentication, and integrity for voice and video technology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Pat is asked to automate critical security functions like responding to detected threat patterns in an enterprise network. Which of the following should be done by Pat?

  • Implement subnetting
  • Use virtual desktop infrastructure
  • Use a software-device network
  • Use software-device visibility
A

“Software-device visibility” is a framework used for automating critical security functions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following provides the highest level of security?

  • SFTP
  • FTP
  • FTPS
  • XFTP
A

Secure FTP (SFTP) uses only a single TCP port instead of two ports like FTPS and encrypts and compresses all data and commands.

17
Q

Which of the following is true about secrets management?

  • It can only be used on-prem for security but has a connection to the cloud.
  • It provides a central repository.
  • It cannot be audited for security purposes.
  • It requires AES-512.
A

A secrets manager provides a “central repository” and single source to manage, access, and audit secrets across a cloud infrastructure.

18
Q

Which of the following is NOT a feature of a next-generation SWG?

  • Send alerts to virtual firewalls
  • Analyze traffic encrypted by SSL
  • Can be placed on endpoints, at the edge, or in the cloud
  • DLP
A

Correct. Alerts are not sent to virtual firewalls; in reality, they could be sent from a virtual firewall to the SWG.

19
Q

Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings?

  • Resiliency
  • Scalability
  • Pay-per-use
  • Reduction in broadband costs
A

Correct. Cloud computing does not reduce broadband costs and may increase them.

20
Q

Your enterprise recently decided to hire new employees as work-from-home interns. For the new employees to work from home, you need to create a network that will allow them to securely access enterprise data from remote locations.

Which of the following protocols should you use?

  • VPN
  • SNMP
  • S/MIME
  • FTPS
A

Correct. Creating a virtual private network using VPN protocol allows remote access with encryption and authentication.

21
Q

In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?

  • If the virtual machine’s load increases, the virtual machines can balance the load by denying further access.
  • If the load on a virtual machine increases, the RAM or disk space of the VM can be extended until the load is balanced.
  • If the load on a virtual machine increases, the virtual machine can balance the load by rejecting low-priority requests.
  • If the virtual machine’s load increases, the virtual machine can be migrated to another physical machine with more capabilities.
A

Correct. A virtual machine can be easily migrated to another physical device with more capabilities when the load increases.

22
Q

You are asked to transfer a few confidential enterprise files using the file transfer protocol (FTP). For ensuring utmost security, which variant of FTP should you choose?

  • SFTP
  • FTPS
  • TFTP
  • FTP
A

Correct. The SSH file transfer protocol (SFTP) encrypts and compresses all data and commands to provide utmost security.

23
Q

Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?

  • FTP
  • FTPS
  • TFTP
  • SFTP
A

Correct. The file transfer protocol secure (FTPS) will sometimes not encrypt the data port, which makes it less secure than the SSH file transfer protocol (SFTP).

24
Q

Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike?

  • Take snapshots to save the virtual machine state
  • Use containers to save the virtual machine state
  • Apply sandboxing to save the virtual machine state
  • Use LDAP to save the virtual machine state
A

Correct. Saved snapshots allow a virtual machine to roll back to the state when the snapshot was taken.

25
``` __________ allows the cloud infrastructure to remain flexible and scalable without sacrificing security. A. Cloud security audits B. Secrets management C. Regions and zones D. Infrastructure security ```
B. Enables strong security and improved management of a microservices-based architecture, allowing the entire cloud infrastructure to remain flexible and scalable without sacrificing security
26
``` What virtualization technology separates the control plane from the data plane on networking devices such as switches and routers? A. SDV B. Hypervisor C. Containers D. SDN ```
D. A software-defined network (SDN) virtualizes parts of the physical network by separating the control plane from the data plane.
27
``` What type of cloud would only be accessible to individuals in a defined role in a specific department? A. Public cloud B. Group cloud C. Hybrid cloud D. Community cloud ```
D. A community cloud is a cloud that is open only to specific organizations that have common concerns.
28
Which of the following is NOT correct about containers? A. Containers start more quickly. B. Containers reduce the necessary hard drive storage space to function. C. Containers require a full OS whenever APIs cannot be used. D. Containers include components like binary files and libraries.
C. Containers do not require a full OS.
29
``` Which of the following characteristics does NOT apply to cloud computing? A. Metered services B. Immediate elasticity C. Universal client support D. Invisible resource pooling ```
D. Invisible resource pooling enables the physical and virtual computing resources to be pooled together to serve multiple, simultaneous consumers that are dynamically assigned or reassigned based on the consumers’ needs; the customer has little or no control or knowledge of the physical location of the resources.
30
7. What technology allows full control over cloud resources to include routing and security? A. Thin virtual visibility appliance (TVVA) B. SWG C. CASB D. Transit gateway
D. A transit gateway is an Amazon Web Services (AWS) technology that allows organizations to connect all existing virtual private clouds (VPC), physical data centers, remote offices, and remote gateways into a single managed source. The transit gateway gives full control over all the resources—including network routing and security, VPCs, shared services, and other resources that may even span multiple AWS accounts.
31
``` The cloud model with the highest level of IT responsibility is ______________? A. IaaS B. SaaS C. PaaS D. Hybrid cloud ```
A. IaaS requires IT to configure, build, and manage the infrastructure.
32
True or False? High availability across zones does requires that specific security appliances be located on-prem to qualify as a Zone. A. True B. False
B. False
33
You are asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should you do before testing the new configuration so it can be rolled back to the previous state if needed? A. Use sandboxing in the virtual machine before testing the configuration B. Take a snapshot of the virtual machine before testing the configuration C. Enable "roll back" on the previous configuration before testing the new configuration D. Take a screenshot of the virtual machine before testing the configuration
B. Taking a snapshot of the virtual machine (VM) before testing the configuration will allow it to be rolled back to the snapshot if the configuration is not working.
34
The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposal (RFPs) from different third parties. What are these third-party organizations called?
– MSSPs
35
Alicja is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project?
- Fog
36
Which of the following tools can be used to secure multiple VMs?
- Firewall virtual appliance
37
Which of the following tools can be used for virtual machine sprawl avoidance?
- Virtual machine manager

BYU-i CIT270 2021 (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions