Module 14: Cybersecurity Resilience Q Flashcards

1
Q

In an interview, you are asked to explain the major objective of having resilience in an organization. How should you respond?

A

The major objective of resilience in an organization is to provide uninterrupted services

The major objective of resilience is to provide uninterrupted services to end users, even at a time of disaster

2
Q

Which of the following documents provides alternative modes of operation for interrupted business activities?

A

Business continuity plan

A business continuity plan (BCP) is a strategic document that provides alternative modes of operation for business activities that, if interrupted, could result in a significant loss to the enterprise

3
Q

Which of the following is NOT a part of business continuity planning?

A

Contingency actions

Contingency actions are tactical solutions that address a core business resource or process. They are not a part of a business continuity plan (BCP)

4
Q

Dave is preparing a COOP for his company. In it, he included how and where employees and resources will be relocated in case of a natural disaster, how data will be recovered in case a terrorist attack shuts down public networks, and how the company’s critical services and processes will be affected by an IT system failure. Did Dave compile the COOP correctly?

A

No. Dave’s COOP plan should not include how critical services and processes will be affected by an IT system failure

Dave’s COOP plan should not include how the company’s critical services and processes will be affected by an IT system failure. This information should be included in a BIA

5
Q

You work at the headquarters of an enterprise known for unethical practices. The company has many remote sites, but most functions are performed at one location. Your enterprise recently hired a third-party vendor known for high-accuracy business impact analyses. The BIA performed by the vendor has since proved wrong, as an incident impacted the business significantly more than forecast. You are assigned to conduct a study on the BIA’s misconception and submit a report.

What should you investigate as the possible reason for the BIA’s inaccuracy?

A

The vendor overlooked the organization’s remote sites

As the remote sites also contribute to the organization’s functionalities, the vendor likely overlooked them, analyzing only the main site’s functions. This likely led to the inaccurate analysis

6
Q

After a disaster disrupted your organization’s functioning, you were assigned to determine the sequence for reinstating systems. Which of the following documents should you refer to when deciding the restoration order?

A

Data recovery plan

A data recovery plan (DRP) details the process for restoring IT resources following an event that causes a significant service disruption

7
Q

You are a security admin for an enterprise, and you were asked to ensure high availability of data using redundancy. Which of the following actions should you perform?

A

Store the same data in different devices across different locations

Storing the same data on different devices across different locations provides high availability of data through redundancy

8
Q

One of the important systems in your organization was accidentally exposed to malware. Which of the following features should you use to manage the risk of malware?

A

Revert to a known state

The revert to known state feature can manage the risk of malware by reverting the system to a previously known state

9
Q

What do servers connected in a cluster use to communicate with each other?

A

Private cluster connection

Servers in a cluster communicate through a private cluster connection to ensure a smooth user experience

10
Q

You are asked to construct a server cluster to provide resilience to the webserver hosted by your enterprise. Which of the following clustering systems should you implement to ensure the standby server only works when the other server fails?

A

Asymmetric

In asymmetric clustering systems, the standby server only works when the other server fails

11
Q

Which of the following best describes a Fake RAID?

A

Software RAID assisted by BIOS

A Fake RAID is BIOS-assisted software RAID. It is usually proprietary and nonstandard

12
Q

Which of the following RAID configurations has no fault tolerance?

A

RAID level 0

RAID level 0 does not have fault tolerance capacity. If one disk fails, all the data is lost

13
Q

You are working as a cybersecurity expert in an enterprise. While examining the newly established enterprise network, you found that when a request to write data to the drive is made, the controller sends that request to each drive. When a read action is required, the data is read twice, once from each drive. Which type of RAID is used in the newly established network?

A

RAID level 1

RAID level 1 uses disk mirroring, which stores the same data on different drives, for fault tolerance

14
Q

Which of the following allows high-speed storage and transmission of large volumes of data?

A

SAN

The storage area network (SAN) is a dedicated network storage facility that provides data storage access over a high-speed network

15
Q

You are assigned to install multiple physical paths between devices and the SAN so that an interruption in one path will not affect communication. Which of the following techniques should you implement to manage the risk of interruption?

A

Multipath

Multipath is a technique for creating more than one physical path between devices and a SAN. If one path is interrupted, multipath will simply redirect the broken connection to another path

16
Q

What is the power supply device that can ensure a correct and constant power level is delivered to a server?

A

Online UPS

The online UPS can provide an uninterruptible power supply and clean electrical power before it reaches the server. This ensures that a correct and constant level of power is delivered to the server

17
Q

While preparing a continuity plan, you were asked to choose a technique by which the backup data stored on the cloud can be accessed from any location. Which of the following techniques should you choose?

A

Restore the data to virtual machines

Restoring the data to virtual machines allows an organization to access resources from anywhere

18
Q

Why is maintaining a hot recovery site important for e-commerce businesses?

A

E-commerce businesses cannot risk significant downtime

Hot sites are used to restore a service as soon as possible after a disruption. Maintaining hot sites allows e-commerce businesses to function without any downtime

19
Q

You are a security administrator asked to restrict employees in your organization from accessing their social media accounts at their workplace. Which of the following mobile device location-based policies should you use to accomplish this?

A

Geofencing

Geofencing uses a device’s GPS to define geographical boundaries where an app can be used

20
Q

“Computer workstations must be locked when the workspace is unoccupied and turned off at the end of the business day.” “Laptops must be either locked with a locking cable or locked in a drawer or filing cabinet.”

Which policy includes these directives?

A

Clean desk space

A clean desk space policy is designed to ensure that all confidential or sensitive materials, either in paper or electronic form, are removed from a user’s workspace and secured when the items are not in use or employees leave their workspace

21
Q

“Keep passwords secure and do not share accounts. Authorized users are responsible for the security of their passwords and accounts.” “All computers and laptops should be secured with a password-protected screensaver, with the automatic activation feature set at 10 minutes or less, or by logging off when the host is unattended.”

Which policy includes these directives?

A

Acceptable use policy

An acceptable use policy (AUP) is a policy that defines the actions users may perform while accessing systems and networking equipment

22
Q

You are a security administrator for an enterprise. You were asked to implement a cloud app security function in your enterprise network so that login attempts from identified threat actors can be restricted. Which of the following cloud app security functions should you use?

A

Risky IP address

Risky IP address restricts previously identified threat actors from accessing networks by examining the IP address used to attempt a login and comparing it against a list of IP addresses involved in malicious activities

23
Q

You want to examine every future login attempt made on the enterprise devices. Which of the following Windows Group Policy settings should you enable to make sure every login attempt is logged?

A

Account audits

Account audits log every login attempt when enabled

24
Q

You have been hired as a security administrator. While analyzing your organization’s personnel policies, you notice the presence of multiple orphaned accounts. How should you handle this situation?

A

Change the account expiration settings

Account expiration is the process of setting a user’s account to expire. Account expiration can be explicit, in that the account expires on a set date, or it can be based on a specific number of days of inactivity

25
Q

Which of the following is an agreement that ensures an employee does not misuse enterprise data?

A

Nondisclosure agreement

New hires are often required to sign an employee nondisclosure agreement (NDA) to make it clear that they may not disclose trade secrets and confidential information without permission

26
Q

Which of the following policies restricts employees from being in a position to manipulate security configurations by limiting the time they spend with control of those configurations?

A

Job rotation

Job rotation limits the amount of time that individuals are in a position to manipulate security configurations

27
Q

Which of the following best describes an acceptable use policy?

A

A policy that defines the actions users may perform while accessing systems and networking equipment

AUP defines the actions users may perform while accessing systems and networking equipment

28
Q

Which of the following policies proposes using non-disclosure agreements (NDA)?

A

Onboarding and offboarding

Onboarding and offboarding deal with the hiring of new employees and the departure of former employees. The introduction and loss of employees usually require using nondisclosure agreements

29
Q

Which cloud app security feature checks the last login’s location and current login attempts to restrict login if found suspicious?

A

Impossible travel

The impossible travel feature checks the last login location and the current location where login is attempted and locks the account if the distance between locations cannot be covered in the period between attempts

30
Q

Which mobile device location-based policy is used to identify geographical location by analyzing media files?

A

Geo-tagging

Geo-tagging adds geographical identification data to media, such as digital photos or videos taken on a mobile device, so analyzing the media files can reveal the geographical location where they were taken