Practice Questions 85-96 Flashcards
When you log on to your online bank account, you are also able to access a partner's credit card site, check-ordering services, and mortgage site without entering your credentials again. Which does this describe? A. SSO B. Same sign-on C. SAML D. Kerberos
Single sign-on (SSO) capabilities, because you can log on once and access all the resources without entering your credentials again.
Your network uses an authentication service based on the X.500 specification. When encrypted, it uses TLS. Which authentication service is your network using? A. SAML B. Diameter C. Kerberos D. LDAP
Lightweight Directory Access Protocol (LDAP) uses X.500-based phrases to identify components, and Secure LDAP can be encrypted with Transport Layer Security.
You’re asked to identify who is accessing a spreadsheet containing employee salary data. Detailed logging is configured correctly on this file. However, you are unable to identify a specific person who is accessing the file. Which is the MOST likely reason?
A. Shared accounts are not prohibited
B. Guest accounts are disabled
C. Permissions for the file were assigned to a group
D. Account lockout has been enabled
Shared accounts are not prohibited, allowing multiple users to access the same file.
Interns from a local college frequently work at your company. Some interns work with the database developers, some interns work with the web application developers, and some interns work with both developers. Interns working with the database require different privileges. Which is the simplest method to meet these requirements?
A. Use generic accounts
B. Create user-based privileges
C. Use group-based privileges
D. Grant the interns access to the Guest accounts.
Use group-based privileges, because you can create a DB_Group and a Web_Group, assign appropriate privileges to the groups, and add intern accounts to the groups based on their assignments.
You are configuring a file server used to share files and folders among employees within your organization. However, employees should not be able to access all folders on this server. Which choice is the BEST method to manage security for these folders?
A. Assign permissions to each user as needed
B. Wait for users to request permission and then assign the appropriate permissions
C. Delegate authority to assign these permissions
D. Use security groups with appropriate permissions
You can create security groups, place users into these groups, and grant access to the folders by assigning appropriate permissions to the security groups.
The Retirement Castle uses groups for ease of administration and management. They recently hired Jasper as their accountant. Jasper needs access to all the files and folders used by the Accounting department. Which should the administrator do to give Jasper appropriate access?
A. Create an account for Jasper and add the account to the Accounting group
B. Give Jasper the password for the Guest account
C. Create an account for Jasper and use rule-based for accounting.
D. Create an account for Jasper and add the account to the Administrators group
Create an account for Jasper and add it to the Accounting group. Because the organization uses groups, it makes sense that they have an Accounting group.
You need to send several large files containing proprietary data to a business partner. What is the BEST choice for this task? A. FTP B. SNMPv3 C. SFTP D. SRTP
SFTP is the best choice. FTP is the best choice to send large files if they don’t contain sensitive data, but these files contain proprietary data, so they should be encrypted, and SFTP encrypts the files using SSH.
Your organization is planning to establish a secure link between one of your mail servers and a business partner's mail server. The connection will use the Internet. Which protocol is the BEST choice? A. TLS B. SMTP C. HTTP D. SSH
Transport Layer Security (TLS) is a good choice to create a secure connection between two systems over the Internet. SMTP by itself will not create a secure link.
Bart is adding a DMZ into his organization’s network. Which is the BEST description of why he would do so?
A. To increase security for servers accessed from public networks
B. To provide a secure physical location for networking equipment
C. To lure attackers to a fake server or fake network
D. To cache data retrieved from a web server
A demilitarized zone (DMZ) is a logical buffer zone for servers accessed by public networks such as the Internet, and it provides a layer of security for servers in the DMZ.
Your organization wants to prevent employees from accessing file sharing web sites. Which choice will meet this need? A. Content inspection B. Malware inspection C. URL filter D. Web application firewall
A URL filter blocks access to specific web sites based on the URLs.
Your organization hosts several web servers in a web farm. They have recently been attacked, resulting in unacceptable downtime. Management wants to implement a solution that will provide protection for the web farm and include load balancing to improve the overall performance of the web farm. Which will BEST meet this need? A. Stateless firewall B. Stateful firewall C. Web application firewall D. Host-based firewall
A web application firewall (WAF) is the best choice, because you can place it in the DMZ and the web farm servers in the internal network. A WAF also provides load balancing.
Management suspects that employees have been sending proprietary data out of the network via email. They want to implement a solution that will detect and block similar incidents in the future. Which is the BEST choice to meet this need? A. Mail gateway B. UTM appliance C. Forward proxy D. Reverse proxy
A mail gateway is placed between an email server and the Internet, and mail gateways typically include data loss prevention (DLP) capabilities. They can inspect the contents of outgoing traffic, looking for keywords, and block any traffic containing proprietary data.