Sec+ Objective 3 Test Questions Flashcards

1
Q

A city is building an ambulance service network for emergency medical dispatching. Which of the following should have the highest priority?

❍ A. Integration costs
❍ B. Patch availability
❍ C. System availability
❍ D. Power usage

A

C. System availability

Requests to emergency services are often critical in nature, and it’s important for a dispatching system to always be available when a call is made. (3.1)

2
Q

Which of the following considerations are MOST commonly associated with a hybrid cloud model?

❍ A. Microservice outages
❍ B. IoT support
❍ C. Network protection mismatches
❍ D. Containerization backups

A

C. Network protection mismatches

A hybrid cloud includes more than one private or public cloud. This adds additional complexity to the overall infrastructure, and it’s common to inadvertently apply different authentication options and user permissions across multiple cloud providers. (3.1)

3
Q

A company is installing a new application in a public cloud. Which of the following determines the assignment of data security in this cloud infrastructure?

❍ A. Playbook
❍ B. Audit committee
❍ C. Responsibility matrix
❍ D. Right-to-audit clause

A

C. Responsibility matrix

A cloud responsibility matrix is usually published by the provider to document the responsibilities for all cloud-based services. For example, the customer responsibilities for an IaaS (Infrastructure as a Service) implementation will be different than SaaS (Software as a Service). (3.1)

4
Q

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

❍ A. Containerization
❍ B. IoT
❍ C. Proxy
❍ D. RTOS

A

A. Containerization

Application containerization uses a single virtual machine as a foundation for separate application “containers.” These containers are implemented as isolated instances, and an application in one container is not inherently accessible from other containers on the system. (3.1)

5
Q

What is containerization?

A

Having multiple applications running simultaneously all on one single piece of hardware and one single OS, as opposed to virtualization, where a separate OS is spun up on one VM to run one application.

6
Q

Which of the following would be the BEST option for application testing in an environment completely separated from the production network?

❍ A. Virtualization
❍ B. VLANs
❍ C. Cloud computing
❍ D. Air gap

A

D. Air gap

An air gapped network removes all connectivity between components and ensures there would be no possible communication path between the test network and the production network. (3.1)

7
Q

A company owns a time clock appliance, but the time clock doesn’t provide any access to the operating system and it doesn’t provide a method to upgrade the firmware. Which of the following describes this appliance?

❍ A. End-of-life
❍ B. ICS
❍ C. SDN
❍ D. Embedded system

A

D. Embedded system

An embedded system often does not provide access to the OS and may not provide a method of upgrading the system firmware. (3.1)

8
Q

A technology company is manufacturing a military-grade radar tracking system designed to identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?

❍ A. RTOS
❍ B. IoT
❍ C. ICS
❍ D. SDN

A

A. RTOS

This tracking system requires an RTOS (Real-Time Operating System) to instantly react to input without any significant delays or queuing in the operating system. Operating systems used by the military, automobile manufacturers, and industrial equipment companies often use RTOS to process certain transactions without any significant delays. (3.1)

9
Q

What is RTOS?

A

Real-Time Operating System. An operating system with a deterministic processing schedule. A single process can suddenly grab all of the system’s resources and take priority. Found in cars and military equipment. Extremely sensitive to security issues, but difficult to break into.

10
Q

Which of the following BEST describes a responsibility matrix?

❍ A. A visual summary of cloud provider accountability
❍ B. Identification of tasks at each step of a project plan
❍ C. A list of cybersecurity requirements based on the identified risks
❍ D. Ongoing group discussions regarding cybersecurity

A

A. A visual summary of cloud provider accountability

A cloud provider commonly creates a responsibility matrix to document the service coverage between the cloud provider and the customer. For example, a cloud responsibility matrix may show the cloud provider responsible for network controls and the customer responsible for all stored data. (3.1)

11
Q

A company runs two separate applications in their data center. The security administrator has been tasked with preventing all communication between these applications. Which of the following would be the BEST way to implement this security requirement?

❍ A. Firewall
❍ B. SDN
❍ C. Air gap
❍ D. VLANs

A

C. Air gap

An air gap is a physical separation between networks. Air gapped networks are commonly used to separate networks that must never communicate with each other. (3.1)

12
Q

A client using an API to access an application function is an example of what?

A) Hashing
B) Secure enclave
C) Microservices
D) False negative

A

C) Microservices

Microservices: Instead of having one big application running all of the functions of the application simultaneously, you can have different aspects of the application run on and be supplied by different services still accessible from one client through an API gateway. The API gateway is the glue that makes all the services run when they’re needed. Security for each microservice can be provided individually, instead of security for one big application. (3.1)

13
Q

An administrator is configuring the security rules in a firewall. Which of the following SDN planes would be most associated with this task?

A) Data
B) Active
C) Control
D) Infrastructure
E) Management

A

E) Management

Management plane: Also called the Application Layer. Where we as Network admins physically configure and manage all of these network devices. (3.1)

SDN: Software Defined Networking. Networking architecture is defined by how the networking devices operate on their planes of operation, and organized accordingly.
The three planes of operation for software defined networking are the data, control, and management planes.

14
Q

What is the primary characteristic of an on-premises architecture model for hosting servers and data?

A) Reliance on third-party cloud providers
B) Geographic distribution of resources
C) Hosting servers and data within physical facilities
D) Use of serverless computing

A

C) Hosting servers and data within physical facilities

Benefits of On-Premises Security: Everything is local and on you to secure, giving you the freedom and control to protect things exactly how you want it, but it costs more to maintain (being a Tech Director). (3.1)

15
Q

A security technician is responsible for designing the network infrastructure of a critical government agency. They need to ensure that certain sensitive systems are physically isolated from the rest of the network to prevent unauthorized access. Which network design technique should the security technician implement to achieve physical isolation of sensitive systems?

A) Logical segmentation
B) SDN
C) Virtualization
D) Air-gapped

A

D) Air-gapped

Air Gap: Means the devices are physically separate. If an attacker gained access to switch A, they would have no way to access switch B. (3.1)

16
Q

Several steps can be taken to harden SCADA and ICS systems. Which of the following is not such a step?

A) As much as possible rely on proprietary protocols to protect the network.
B) Establish clear policies and conduct training around the policies.
C) Test to identify and evaluate possible attack scenarios.
D) Remove or disable unnecessary services.
E) Identify all connections to SCADA networks.

A

A) As much as possible rely on proprietary protocols to protect the network.

SCADA: Supervisory Control and Data Acquisition System. Also known as ICS, Industrial Control Systems. Basically large scale industrial networking. Various building controls talking to one another through the network. Managed usually at one computer. (3.1)

18
Q

A network administrator would like each user to authenticate with their corporate username and password when connecting to the company’s wireless network. Which of the following should the network administrator configure on the wireless access points?

❍ A. WPA3
❍ B. 802.1X
❍ C. PSK
❍ D. MFA

A

B. 802.1X

802.1X uses a centralized authentication server, and this allows all users to use their corporate credentials during the login process. (3.2)

19
Q

Which of the following risk management strategies would include the purchase and installation of an NGFW?

❍ A. Transfer
❍ B. Mitigate
❍ C. Accept
❍ D. Avoid

A

B. Mitigate

Mitigation is a strategy that decreases the threat level. This is commonly done through the use of additional security systems and monitoring, such as an NGFW (Next Generation Firewall). (3.2)

20
Q

An organization needs to provide a remote access solution for a newly deployed cloud-based application. This application is designed to be used by mobile field service technicians. Which of the following would be the best option for this requirement?

❍ A. RTOS
❍ B. CRL
❍ C. Zero-trust
❍ D. SASE

A

D. SASE

A SASE (Secure Access Service Edge) solution is a next-generation VPN technology designed to optimize the process of secure communication to cloud services. (3.2)

21
Q

What is SASE?

A

Secure Access Service Edge. Basically the VPN for cloud services. The next generation VPN that allows us to communicate to web-based applications. Allows different clients (corporate offices, home users, and mobile users) to access cloud services as if they were communicating through a VPN.

22
Q

A technician at an MSP has been asked to manage devices on a third-party private network. The technician needs command line access to internal routers, switches, and firewalls. Which of the following would provide the necessary access?

❍ A. HSM
❍ B. Jump server
❍ C. NAC
❍ D. Air gap

A

B. Jump server

A jump server is a highly secured device commonly used to access secure areas of another network. The technician would first connect to the jump server using SSH or a VPN tunnel, and then “jump” from the jump server to other devices on the inside of the protected network. This would allow technicians at an MSP (Managed Service Provider) to securely access devices on their customer’s private networks. (3.2)

23
Q

What is a jump server?

A

A server that’s on the inside of a private protected network that provides access to allowed clients on the outside trying to access that network.

24
Q

A security administrator has been asked to build a network link to secure all communication between two remote locations. Which of the following would be the best choice for this task?

❍ A. SCAP
❍ B. Screened subnet
❍ C. IPsec
❍ D. Network access control

A

C. IPsec

IPsec (Internet Protocol Security) is commonly used to create a VPN (Virtual Private Network) protected tunnel between devices or locations. (3.2)

25
Q

What is IPSec?

A

Internet Protocol Security. Provides authentication (AH, Authentication Header) and encryption (ESP, Encapsulating Security Payload) for all layer 3 (IP) packets.

26
Q

A security engineer is planning the installation of a new IPS. The network must remain operational if the IPS is turned off or disabled. Which of the following would describe this configuration?

❍ A. Containerization
❍ B. Load balancing
❍ C. Fail open
❍ D. Tunneling

A

C. Fail open

An IPS (Intrusion Prevention System) designed to fail open will maintain network connectivity during an outage or failure of the IPS. Even if the IPS was not actively preventing an intrusion, the network would still be up and running. (3.2)

27
Q

A company is installing a security appliance to protect the organization’s web-based applications from attacks such as SQL injections and unexpected input. Which of the following would BEST describe this appliance?

❍ A. WAF
❍ B. VPN concentrator
❍ C. UTM
❍ D. SASE

A

A. WAF

A WAF (Web Application Firewall) is designed as a firewall for web-based applications. WAFs are commonly used to protect against application attacks such as injections, cross-site scripting, and invalid input types. (3.2)

28
Q

What is a WAF?

A

Web Application Firewall. A firewall that applies rules to HTTP/HTTPS conversations. It allows or denies based on expected input, so, for example, it’s mainly looking specifically for things like SQL injections and similar attacks.

29
Q

Which of the following would be the main reasons why a system administrator would use a TPM when configuring full disk encryption? (Select TWO)

❍ A. Allows the encryption of multiple volumes
❍ B. Uses burned-in cryptographic keys
❍ C. Stores certificates in a hardware security module
❍ D. Maintains a copy of the CRL
❍ E. Includes built-in protections against brute-force attacks

A

B. Uses burned-in cryptographic keys
and
E. Includes built-in protections against brute-force attacks

A TPM (Trusted Platform Module) is part of a computer’s motherboard, and it’s specifically designed to assist and protect with cryptographic functions. Full disk encryption (FDE) can use the burned-in TPM keys to verify the local device hasn’t changed, and there are security features in the TPM to prevent brute-force or dictionary attacks against the full disk encryption login credentials. (3.2)

30
Q

What is TPM?

A

Trusted Platform Module. Cryptography hardware on a device. Contains a cryptographic processor, a random number generator, key generators, and both persistent memory with unique keys burned in during manufacturing, and versatile memory for storing all the keys you make with the hardware.

31
Q

A company is deploying a series of internal applications to different cloud providers. Which of the following connection types should be deployed for this configuration?

❍ A. Air-gapped
❍ B. 802.1X
❍ C. Site-to-site IPsec VPN
❍ D. Jump server
❍ E. SD-WAN

A

E. SD-WAN

An SD-WAN (Software Defined Networking in a Wide Area Network) network allows users to efficiently communicate directly to cloud-based applications. (3.2)

32
Q

What is SD-WAN?

A

Software Defined Wide Area Network: A WAN built for the cloud. Instead of telling a WAN to connect to a centralized data center, we can tell it to access the data directly inside the cloud. No more accessing Data Centers, you can go directly to the cloud.

33
Q

A security administrator would like to monitor all outbound Internet connections for malicious software. Which of the following would provide this functionality?

❍ A. Jump server
❍ B. IPsec tunnel
❍ C. Forward proxy
❍ D. Load balancer

A

C. Forward proxy

A proxy server can be used to monitor incoming and outgoing network communication. Proxy servers can be used to identify malicious software, filter content, or increase performance through file caching. (3.2)

34
Q

What is a proxy server?

A

A type of security control that sits between one part of a network and another (or the internet), allowing or preventing certain traffic to traverse the network. Useful for caching information.

35
Q

During an initial network connection, a supplicant communicates to an authenticator, which then sends an authentication request to an Active Directory database. Which of the following would BEST describe this authentication technology?

❍ A. Federation
❍ B. UTM
❍ C. 802.1X
❍ D. PKI

A

C. 802.1X

IEEE 802.1X is a standard for port-based network access control (NAC). When 802.1X is enabled, devices connecting to the network do not gain access until they provide the correct authentication credentials. This 802.1X standard refers to the client as the supplicant, the switch is commonly configured as the authenticator, and the back-end authentication server is often a centralized user database. (3.2)

36
Q

You have been tasked to configure the VPN to preserve bandwidth. Which configuration would you choose?

A) Point-to-Point Tunneling
B) Secure Socket Tunneling
C) Full tunnel
D) Split tunnel

A

D) Split tunnel

In a split tunnel configuration, only traffic destined for the corporate network is sent through the Virtual Private Network (VPN) tunnel. All other traffic, such as internet browsing, goes directly to the internet without passing through the VPN tunnel. This configuration preserves bandwidth as it doesn’t route unnecessary traffic through the corporate VPN. The full tunnel configuration has all traffic sent to the VPN so it does not minimize traffic. Neither Point-to-Point Tunneling nor Secure Socket Tunneling is a tunnel configuration; they are both protocols. (3.2)

37
Q

An MSP needs a secure method of connecting to the web servers of a remote client. Which of the following would be the BEST choice for this task?

A) Proxy server
B) SIEM
C) Jump server
D) IPS
E) HSM

A

C) Jump server

Jump Server: A server that’s on the inside of a private protected network that provides access to allowed clients on the outside trying to access that network. (3.2)

38
Q

A security administrator has identified all possible points of unauthorized entry on a newly built web server. Which of the following would describe this list?

A) Responsibility matrix
B) Platform diversity
C) Journaling
D) Input validation
E) Attack surface

A

E) Attack surface

Attack Surface: The combination of potential openings into your network. How does your network look? Are you aware of all of the ways into your network? (3.2)

39
Q

When power is removed from an inline IPS, all network traffic stops. Which of the following would describe this functionality?

A) High availability
B) Parallel processing
C) Load balancing
D) Cold site
E) Failed closed

A

E) Failed closed

Fail-Close: When a system fails, data stops flowing. (3.2)

40
Q

A security technician is responsible for implementing threat detection mechanisms in an ICS used for managing a city’s water treatment plant. Which threat detection mechanism is essential for monitoring and alerting on suspicious activities in an ICS environment such as a water treatment plant?

A) Email filtering
B) Antivirus software
C) IDS
D) MDM

A

C) IDS

IDS: Intrusion Detection System. Watches network traffic and only alerts if it finds traffic it doesn’t recognize. (3.2)

41
Q

Security protocols in a cloud data center are under review to guarantee the safety of the data center staff. Which of the following best illustrates the appropriate setup for these security controls?

A) External gateway access points should fail closed
B) Data access logs should fail open
C) Fire safety mechanisms should fail open
D) User authentication systems should fail closed

A

C) Fire safety mechanisms should fail open

Fail-Open: When a system fails, data continues to flow.
Fail-Close: When a system fails, data stops flowing. (3.2)

42
Q

Which of the answers listed below refers to a suite of protocols and technologies providing encryption, authentication, and data integrity for network traffic?

A) TLS
B) SSH
C) IPsec
D) VPN

A

C) IPsec

IPSec: Internet Protocol Security. Provides authentication (AH, Authentication Header) and encryption (ESP, Encapsulating Security Payload) for all layer 3 (IP) packets. (3.2)

43
Q

Which part of IPsec provides authentication, integrity, and confidentiality?

A) SPD
B) PFS
C) AH
D) ESP

A

D) ESP

IPSec: Internet Protocol Security. Provides authentication (AH, Authentication Header) and encryption (ESP, Encapsulating Security Payload) for all layer 3 (IP) packets. (3.2)

44
Q

A system that uses a public network (such as the Internet) as a means for creating private encrypted connections between remote locations is referred to as:

A) WWAN
B) VPN
C) PAN
D) VLAN

A

B) VPN

VPN: Virtual Private Network. Encrypted (private) data traversing a public network. Data meets and flows in and out of a VPN concentrator. (3.2)

45
Q

A company creates a standard set of government reports each calendar quarter. Which of the following would describe this type of data?

❍ A. Data in use
❍ B. Obfuscated
❍ C. Trade secrets
❍ D. Regulated

A

D. Regulated

Reports and information created for governmental use are regulated by laws regarding the disclosure of certain types of data. (3.3)

46
Q

A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?

❍ A. Verifies that the file was not corrupted during the file transfer
❍ B. Provides a key for decrypting the ISO after download
❍ C. Authenticates the site as an official ISO distribution site
❍ D. Confirms that the file does not contain any malware

A

A. Verifies that the file was not corrupted during the file transfer

Once the file is downloaded, the administrator can calculate the file’s SHA256 hash and confirm that it matches the value on the website. (3.3)

47
Q

A company’s security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

❍ A. USB security key
❍ B. Biometric scanner
❍ C. PIN
❍ D. SMS

A

B. Biometric scanner

A biometric scanner would require a person to be physically present to verify the authentication. (3.3)

48
Q

A development team has installed a new application and database to a cloud service. After running a vulnerability scanner on the application instance, a security administrator finds the database is available for anyone to query without providing any authentication. Which of these vulnerabilities is MOST associated with this issue?

❍ A. Legacy software
❍ B. Open permissions
❍ C. Race condition
❍ D. Malicious update

A

B. Open permissions

Just like local systems, proper permissions and security controls are required when applications are installed to a cloud-based system. If permissions are not properly configured, the application data may be accessible by anyone on the Internet. (3.3)

49
Q

An organization’s content management system currently labels files and documents as “Public” and “Restricted.” On a recent update, a new classification type of “Private” was added. Which of the following would be the MOST likely reason for this addition?

❍ A. Minimized attack surface
❍ B. Simplified categorization
❍ C. Expanded privacy compliance
❍ D. Decreased search time

A

C. Expanded privacy compliance

The labeling of data as private is often associated with compliance and confidentiality concerns. (3.3)

50
Q

A security administrator is creating a policy to prevent the disclosure of credit card numbers in a customer support application. Users of the application would only be able to view the last four digits of a credit card number. Which of the following would provide this functionality?

❍ A. Hashing
❍ B. Tokenization
❍ C. Masking
❍ D. Salting

A

C. Masking

Data masking hides data from being viewed. The full credit card numbers are stored in a database, but only a limited view of this data is available when accessing the information from the application. (3.3)

51
Q

Which of the following can be used for credit card transactions from a mobile device without sending the actual credit card number across the network?

❍ A. Tokenization
❍ B. Hashing
❍ C. Steganography
❍ D. Masking

A

A. Tokenization

Tokenization replaces sensitive data with a non-sensitive placeholder. Tokenization is commonly used for NFC (Near-Field Communication) payment systems, and sends a single-use token across the network instead of the actual credit card information. (3.3)

52
Q

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

❍ A. Masking
❍ B. DLP
❍ C. Tokenization
❍ D. NGFW

A

C. Tokenization

Tokenization is a technique that replaces user data with a non-sensitive placeholder, or token. Tokenization is commonly used on mobile devices during a purchase to use a credit card without transmitting the physical credit card number across the network. (3.3)

53
Q

A company must comply with legal requirements for storing customer data in the same country as the customer’s mailing address. Which of the following would describe this requirement?

❍ A. Geographic dispersion
❍ B. Least privilege
❍ C. Data sovereignty
❍ D. Exfiltration

A

C. Data sovereignty

Data sovereignty laws can mandate how data is handled and stored. Data residing in a country is usually subject to the laws of that country, and compliance regulations may not allow the data to be moved outside of the country. (3.3)

54
Q

Which of the following describes the process of hiding data from others by embedding the data inside of a different media type?

❍ A. Hashing
❍ B. Obfuscation
❍ C. Encryption
❍ D. Masking

A

B. Obfuscation

Obfuscation is the process of taking something normally understandable and making it very difficult to understand or to be seen. One common obfuscation method used by steganography is to embed a document within an image file. (3.3)

55
Q

Which of the following is the process for replacing sensitive data with a non-sensitive and functional placeholder?

❍ A. Steganography
❍ B. Tokenization
❍ C. Retention
❍ D. Masking

A

B. Tokenization

Tokenization replaces sensitive data with a token, and this token can be used as a functional placeholder for the original data. Tokenization is commonly used with credit card processing and mobile devices. (3.3)

56
Q

A security administrator has installed a network-based DLP solution to determine if file transfers contain PII. Which of the following describes the data during the file transfer?

❍ A. In-use
❍ B. In-transit
❍ C. Highly available
❍ D. At-rest

A

B. In-transit

Data in-transit describes information actively moving across the network. As the information passes through switches and routers, it is considered to be in-transit. (3.3)

57
Q

A developer has created an application to store password information in a database. Which of the following BEST describes a way of protecting these credentials by adding random data to the password?

❍ A. Hashing
❍ B. Data masking
❍ C. Salting
❍ D. Asymmetric encryption

A

C. Salting

Passwords are often stored as hashes, but the hashes themselves are often subject to brute force or rainbow table attacks. It’s common to add some additional random data (a salt) to a password before the hashing process. This ensures that each password is truly random when stored, and it makes it more difficult for an attacker to discover all of the stored passwords. (3.3)

58
Q

Which technology would be utilized in this scenario?
Credit card numbers are being replaced with temporary values.

A) Salting
B) Tokenization
C) OCSP
D) False negative

A

B) Tokenization

Tokenization: Takes sensitive information such as a credit card number used in a purchase, and replaces it with a token number that is completely different when crossing the network. Only a one time use. Nothing is encrypted, but all the numbers are changed on the token. (3.3)

59
Q

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

❍ A. Platform diversity
❍ B. Continuity of operations
❍ C. Cold site recovery
❍ D. Tabletop exercise

A

B. Continuity of operations

It’s always useful to have an alternative set of processes to handle any type of outage or issue. Continuity of operations planning ensures that the business will continue to operate when these issues occur. (3.4)

60
Q

A company would like to minimize database corruption if power is lost to a server. Which of the following would be the BEST strategy to follow?

❍ A. Encryption
❍ B. Off-site backups
❍ C. Journaling
❍ D. Replication

A

C. Journaling

Journaling writes data to a temporary journal before writing the information to the database. If power is lost, the system can recover the last transaction from the journal when power is restored. (3.4)

61
Q

What is journaling?

A

If you’re making a backup, and the power goes out right in the middle of writing the backup, the data is probably corrupted. To avoid this, you can write a journal entry stored on the drive before the backup is initiated. Then, once it’s written, go ahead and make the backup. If the data gets corrupted, you have something to fall back on. If a hard drive ends up with corrupted data, it can be corrected by looking at the journal for all of the corrections.

62
Q

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

❍ A. Capacity planning
❍ B. Business impact analysis
❍ C. Continuity of operations
❍ D. Tabletop exercise

A

D. Tabletop exercise

A tabletop exercise allows a disaster recovery team to evaluate and plan disaster recovery processes without performing a full-scale drill. (3.4)

63
Q

A company is using older operating systems for their web servers and is concerned about their stability during periods of high use. Which of the following should the company use to maximize the uptime and availability of this service?

❍ A. Cold site
❍ B. UPS
❍ C. Redundant routers
❍ D. Load balancer

A

D. Load balancer

A load balancer maintains a pool of servers and can distribute the load across those devices. If a device fails, the other servers will continue to operate and provide the necessary services. (3.4)

64
Q

A transportation company headquarters is located in an area with frequent power surges and outages. The security administrator is concerned about the potential for downtime and hardware failures. Which of the following would provide the most protection against these issues? Select TWO.

❍ A. UPS
❍ B. Parallel processing
❍ C. Snapshots
❍ D. Multi-cloud system
❍ E. Load balancing
❍ F. Generator

A

A. UPS
and
F. Generator

A UPS (Uninterruptible Power Supply) can provide backup power for a limited time when the main power source is unavailable, and a generator can maintain uptime as long as a fuel source is available. (3.4)

65
Q

An incident response team would like to validate their disaster recovery plans without making any changes to the infrastructure. Which of the following would be the best course of action?

❍ A. Tabletop exercise
❍ B. Hot site fail-over
❍ C. Simulation
❍ D. Penetration test

A

A. Tabletop exercise

A tabletop exercise is a walk-through exercise where the disaster recovery process can be discussed in a conference room without making any changes to the existing systems. (3.4)

66
Q

Which of these would be used to provide HA for a web-based database application?

❍ A. SIEM
❍ B. UPS
❍ C. DLP
❍ D. VPN concentrator

A

B. UPS

HA (High Availability) means the service should always be on and available. The only device on this list providing HA is the UPS (Uninterruptible Power Supply). If power is lost, the UPS will provide electricity using battery power or a gas-powered generator. (3.4)

67
Q

A transportation company maintains a scheduling application and a database in a virtualized cloud-based environment. Which of the following would be the BEST way to back up these services?

❍ A. Journaling
❍ B. Snapshot
❍ C. RTOS
❍ D. Containerization

A

B. Snapshot

Virtual machines (VMs) have a snapshot feature to capture both a full backup of the virtual system and incremental changes that occur over time. It’s common to take a snapshot of a VM for backup purposes or before making any significant changes to the VM. If the changes need to be rolled back, a previous snapshot can be selected and instantly applied to the VM. (3.4)

68
Q

A company is releasing a new product, and part of the release includes the installation of load balancers to the public web site. Which of the following would best describe this process?

❍ A. Platform diversity
❍ B. Capacity planning
❍ C. Multi-cloud systems
❍ D. Permission restrictions

A

B. Capacity planning

Capacity planning describes the process of matching the supply of a resource to the demand. In this example, the company is planning for increased interest in its products and is increasing the overall capacity of its web server resources. (3.4)

69
Q

A large e-commerce platform wants to ensure uninterrupted service even during peak shopping seasons. Which approach should the security professional recommend to achieve high availability?

A) Load balancing
B) Hot site
C) Geographic spreading
D) Continuity of operations

A

A) Load balancing

Load Balancing: Load is distributed across multiple servers, but the servers are unaware of each other. Only the load balancer knows about all the servers. Servers can run different OSs. (3.4)

70
Q

A method used for improved redundancy is to put in place a server cluster. There are two kinds of server clusters: symmetric and asymmetric. Which of the following is true about asymmetric clusters?

A) The standby server performs useful work in addition to supporting a failed server.
B) The standby server performs no useful work other than to be ready if it is needed.
C) The standby server launches a copy of the virtual machine of the failed server.
D) Virtualization dramatically increases the number of server clusters that are needed for server redundancy.

A

B) The standby server performs no useful work other than to be ready if it is needed.

Server Clustering: Multiple servers are configured to all work together as one big server. Servers can be added or removed in real time as needed. All run the same OS. All use the same shared storage. (3.4)