Sec+ Objective 3 Test Questions Flashcards
A city is building an ambulance service network for emergency medical dispatching. Which of the following should have the highest priority?
❍ A. Integration costs
❍ B. Patch availability
❍ C. System availability
❍ D. Power usage
C. System availability
Requests to emergency services are often critical in nature, and it’s important for a dispatching system to always be available when a call is made. (3.1)
Which of the following considerations are MOST commonly associated with a hybrid cloud model?
❍ A. Microservice outages
❍ B. IoT support
❍ C. Network protection mismatches
❍ D. Containerization backups
C. Network protection mismatches
A hybrid cloud includes more than one private or public cloud. This adds additional complexity to the overall infrastructure, and it’s common to inadvertently apply different authentication options and user permissions across multiple cloud providers. (3.1)
A company is installing a new application in a public cloud. Which of the following determines the assignment of data security in this cloud infrastructure?
❍ A. Playbook
❍ B. Audit committee
❍ C. Responsibility matrix
❍ D. Right-to-audit clause
C. Responsibility matrix
A cloud responsibility matrix is usually published by the provider to document the responsibilities for all cloud-based services. For example, the customer responsibilities for an IaaS (Infrastructure as a Service) implementation will be different from those for SaaS (Software as a Service). (3.1)
A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?
❍ A. Containerization
❍ B. IoT
❍ C. Proxy
❍ D. RTOS
A. Containerization
Application containerization uses a single virtual machine as a foundation for separate application “containers.” These containers are implemented as isolated instances, and an application in one container is not inherently accessible from other containers on the system. (3.1)
What is containerization?
Having multiple applications running simultaneously all on one single piece of hardware and one single OS, as opposed to virtualization, where a separate OS is spun up on one VM to run one application.
Which of the following would be the BEST option for application testing in an environment completely separated from the production network?
❍ A. Virtualization
❍ B. VLANs
❍ C. Cloud computing
❍ D. Air gap
D. Air gap
An air gapped network removes all connectivity between components and ensures there would be no possible communication path between the test network and the production network. (3.1)
A company owns a time clock appliance, but the time clock doesn’t provide any access to the operating system and it doesn’t provide a method to upgrade the firmware. Which of the following describes this appliance?
❍ A. End-of-life
❍ B. ICS
❍ C. SDN
❍ D. Embedded system
D. Embedded system
An embedded system often does not provide access to the OS and may not provide a method of upgrading the system firmware. (3.1)
A technology company is manufacturing a military-grade radar tracking system designed to identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?
❍ A. RTOS
❍ B. IoT
❍ C. ICS
❍ D. SDN
A. RTOS
This tracking system requires an RTOS (Real-Time Operating System) to instantly react to input without any significant delays or queuing in the operating system. Operating systems used by the military, automobile manufacturers, and industrial equipment companies often use RTOS to process certain transactions without any significant delays. (3.1)
What is RTOS?
Real-Time Operating System. An operating system with a deterministic processing schedule. It can let a single process suddenly grab all of the resources of the system and give that process priority. Found in cars and military equipment. Extremely sensitive to security issues, but difficult to break into.
Which of the following BEST describes a responsibility matrix?
❍ A. A visual summary of cloud provider accountability
❍ B. Identification of tasks at each step of a project plan
❍ C. A list of cybersecurity requirements based on the identified risks
❍ D. Ongoing group discussions regarding cybersecurity
A. A visual summary of cloud provider accountability
A cloud provider commonly creates a responsibility matrix to document the service coverage between the cloud provider and the customer. For example, a cloud responsibility matrix may show the cloud provider responsible for network controls and the customer responsible for all stored data. (3.1)
A company runs two separate applications in their data center. The security administrator has been tasked with preventing all communication between these applications. Which of the following would be the BEST way to implement this security requirement?
❍ A. Firewall
❍ B. SDN
❍ C. Air gap
❍ D. VLANs
C. Air gap
An air gap is a physical separation between networks. Air gapped networks are commonly used to separate networks that must never communicate with each other. (3.1)
A client using an API to access an application function is an example of what?
A) Hashing
B) Secure enclave
C) Microservices
D) False negative
C) Microservices
Microservices: Instead of having one big application running all of the functions of the application simultaneously, you can have different aspects of the application run on and be supplied by different services still accessible from one client through an API gateway. The API gateway is the glue that makes all the services run when they’re needed. Security for each microservice can be provided individually, instead of security for one big application. (3.1)
An administrator is configuring the security rules in a firewall. Which of the following SDN planes would be most associated with this task?
A) Data
B) Active
C) Control
D) Infrastructure
E) Management
E) Management
Management plane: Also called the Application Layer. Where we as Network admins physically configure and manage all of these network devices. (3.1)
SDN: Software Defined Networking. Networking architecture is defined by how the networking devices operate on their planes of operation, and organized accordingly.
The three planes of operation for software defined networking are the data, control, and management planes.
What is the primary characteristic of an on-premises architecture model for hosting servers and data?
A) Reliance on third-party cloud providers
B) Geographic distribution of resources
C) Hosting servers and data within physical facilities
D) Use of serverless computing
C) Hosting servers and data within physical facilities
Benefits of On-Premises Security: Everything is local and on you to secure, giving you the freedom and control to protect things exactly how you want, but it costs more to maintain (being a Tech Director). (3.1)
A security technician is responsible for designing the network infrastructure of a critical government agency. They need to ensure that certain sensitive systems are physically isolated from the rest of the network to prevent unauthorized access. Which network design technique should the security technician implement to achieve physical isolation of sensitive systems?
A) Logical segmentation
B) SDN
C) Virtualization
D) Air-gapped
D) Air-gapped
Air Gap: Means the devices are physically separate. If an attacker gained access to switch A, they would have no way to access switch B. (3.1)
Several steps can be taken to harden SCADA and ICS systems. Which of the following is not such a step?
A) As much as possible rely on proprietary protocols to protect the network.
B) Establish clear policies and conduct training around the policies.
C) Test to identify and evaluate possible attack scenarios.
D) Remove or disable unnecessary services.
E) Identify all connections to SCADA networks.
A) As much as possible rely on proprietary protocols to protect the network.
SCADA: Supervisory Control and Data Acquisition System. Also known as ICS, Industrial Control Systems. Basically large-scale industrial networking. Various building controls talking to one another through the network. Usually managed from one computer. (3.1)
A network administrator would like each user to authenticate with their corporate username and password when connecting to the company’s wireless network. Which of the following should the network administrator configure on the wireless access points?
❍ A. WPA3
❍ B. 802.1X
❍ C. PSK
❍ D. MFA
B. 802.1X
802.1X uses a centralized authentication server, and this allows all users to use their corporate credentials during the login process. (3.2)
Which of the following risk management strategies would include the purchase and installation of an NGFW?
❍ A. Transfer
❍ B. Mitigate
❍ C. Accept
❍ D. Avoid
B. Mitigate
Mitigation is a strategy that decreases the threat level. This is commonly done through the use of additional security systems and monitoring, such as an NGFW (Next Generation Firewall). (3.2)
An organization needs to provide a remote access solution for a newly deployed cloud-based application. This application is designed to be used by mobile field service technicians. Which of the following would be the best option for this requirement?
❍ A. RTOS
❍ B. CRL
❍ C. Zero-trust
❍ D. SASE
D. SASE
A SASE (Secure Access Service Edge) solution is a next-generation VPN technology designed to optimize the process of secure communication to cloud services. (3.2)
What is SASE?
Secure Access Service Edge. Basically the VPN for cloud services. The next generation VPN that allows us to communicate to web-based applications. Allows different clients (corporate offices, home users, and mobile users) to access cloud services as if they were communicating through a VPN.
A technician at an MSP has been asked to manage devices on a third-party private network. The technician needs command line access to internal routers, switches, and firewalls. Which of the following would provide the necessary access?
❍ A. HSM
❍ B. Jump server
❍ C. NAC
❍ D. Air gap
B. Jump server
A jump server is a highly secured device commonly used to access secure areas of another network. The technician would first connect to the jump server using SSH or a VPN tunnel, and then “jump” from the jump server to other devices on the inside of the protected network. This would allow technicians at an MSP (Managed Service Provider) to securely access devices on their customers’ private networks. (3.2)
What is a jump server?
A server that’s on the inside of a private protected network that provides access to allowed clients on the outside trying to access that network.
A security administrator has been asked to build a network link to secure all communication between two remote locations. Which of the following would be the best choice for this task?
❍ A. SCAP
❍ B. Screened subnet
❍ C. IPsec
❍ D. Network access control
C. IPsec
IPsec (Internet Protocol Security) is commonly used to create a VPN (Virtual Private Network) protected tunnel between devices or locations. (3.2)
What is IPsec?
Internet Protocol Security. Provides authentication (AH, Authentication Header) and encryption (ESP, Encapsulating Security Payload) for all layer 3 (IP) packets.
A security engineer is planning the installation of a new IPS. The network must remain operational if the IPS is turned off or disabled. Which of the following would describe this configuration?
❍ A. Containerization
❍ B. Load balancing
❍ C. Fail open
❍ D. Tunneling
C. Fail open
An IPS (Intrusion Prevention System) designed to fail open will maintain network connectivity during an outage or failure of the IPS. Even if the IPS was not actively preventing an intrusion, the network would still be up and running. (3.2)
A company is installing a security appliance to protect the organization’s web-based applications from attacks such as SQL injections and unexpected input. Which of the following would BEST describe this appliance?
❍ A. WAF
❍ B. VPN concentrator
❍ C. UTM
❍ D. SASE
A. WAF
A WAF (Web Application Firewall) is designed as a firewall for web-based applications. WAFs are commonly used to protect against application attacks such as injections, cross-site scripting, and invalid input types. (3.2)
What is a WAF?
Web Application Firewall. A firewall that applies rules to HTTP/HTTPS conversations. It allows or denies traffic based on expected input; for example, it mainly looks for things like SQL injections and similar attacks.