Practice Questions Flashcards
You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution?
Use hashes
Encrypt it before sending
Protect it with a digital signature
Use RAID
Encrypt it before sending
Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely using?
Supporting confidentiality
Supporting integrity
Supporting encryption
Supporting availability
Supporting integrity
Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions?
To support steganography
To support integrity
To support availability
To support obfuscation
To support obfuscation
Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support?
Supporting confidentiality
Supporting availability
Supporting obfuscation
Supporting non-repudiation
Supporting non-repudiation
As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include?
Ensure critical systems provide uninterrupted service.
Protect data-in-transit from unauthorized disclosure.
Ensure systems are not susceptible to unauthorized changes.
Secure data to prevent unauthorized disclosure.
Ensure systems are not susceptible to unauthorized changes.
Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent?
Snapshots
Cable locks
Strong passwords
Persistent VDI
Cable locks
Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI. Which of the following situations indicates that virtualization would provide the best ROI?
Most physical servers within the organization are currently utilized at close to 100 percent.
The organization has many servers that do not require failover services.
Most desktop PCs require fast processors and a high amount of memory.
Most physical servers within the organization are currently underutilized.
Most physical servers within the organization are currently underutilized.
You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?
Take a snapshot of the VM before deploying the new application.
Take a snapshot of the VM after deploying the new application.
Ensure the server is configured for non-persistence.
Back up the server after installing the new application.
Take a snapshot of the VM before deploying the new application.
Ned is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system?
ifconfig
ipconfig
netstat
tracert
ifconfig
Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe?
VM escape
VDI snapshot
VM sprawl
Type II hypervisor
VM sprawl
Users within your organization access virtual desktops hosted on remote servers. This describes which of the following?
VDE
Snapshots for non-persistence
Type I hypervisors
VM sprawl
VDE
Your organization has implemented a VDI for most users. When a user logs off, the desktop reverts to its original state without saving any changes made by the user. Which of the following BEST describes this behavior?
Container virtualization
VM escape
Non-persistence
Elasticity
Non-persistence
Which type of virtualization allows a computer’s operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel?
Container virtualization
Type I hypervisor virtualization
Type II hypervisor virtualization
VDE
Container virtualization
You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections?
arp
ipconfig
ping
netstat
netstat
You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use?
arp
ipconfig
netstat
ping
ping
Developers in your organization have created an application designed for the sales team. Salespeople can log on to the application using a simple password of 1234. However, this password does not meet the organization’s password policy. Which of the following is the BEST response by the security administrator after learning about this?
Nothing. Strong passwords aren’t required in applications.
Modify the security policy to accept this password.
Document this as an exception in the application’s documentation.
Direct the application team manager to ensure the application adheres to the organization’s password policy.
Direct the application team manager to ensure the application adheres to the organization’s password policy.
Ned is reviewing password security for employees of The Leftorium. The password policy has the following settings:
• The password maximum age is 30 days.
• The password minimum length is 14 characters.
• Passwords cannot be reused until five other passwords have been used.
• Passwords must include at least one of each of the following four character types: uppercase letters, lowercase letters, numbers, and special characters.
Ned discovers that despite having this password policy in place, users are still using the same password that they were using more than a month ago. Which of the following actions will resolve this issue?
Change the password history to 10.
Require the use of complex passwords.
Change the maximum age setting to 60 days.
Create a rule in the password policy for the password minimum age to be 7 days.
Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?
HOTP
TOTP
CAC
Kerberos
TOTP