Section 13-14 Flashcards

1
Q

Which of the following is a risk that is specifically associated with hosting applications in the public cloud?

a.
Unsecured root accounts.
b.
Zero day.
c.
Shared tenancy.
d.
Insider threat.

A
2
Q

A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems. Which of the following strategies should the company use to achieve this security requirement?

a.
Microservices.
b.
Containerization.
c.
Virtualization.
d.
Infrastructure as code.

A
3
Q

An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?

a.
Deploying a SASE solution to remote employees.
b.
Building a load-balanced VPN solution with redundant internet.
c.
Purchasing a low-cost SD-WAN solution for VPN traffic.
d.
Using a cloud provider to create additional VPN concentrators.

A

a.
Deploying a SASE solution to remote employees. Correct
Deploying a Secure Access Service Edge (SASE) solution to remote employees reduces VPN traffic by integrating networking and security functions in a cloud-delivered service.

4
Q

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?

a.
Local data protection regulations.
b.
Risks from hackers residing in other countries.
c.
Impacts to existing contractual obligations.
d.
Time zone differences in log correlation.

A

a.
Local data protection regulations. Correct
Local data protection regulations must be considered first to ensure compliance with laws and regulations in the new locations. This helps avoid legal issues and ensures that data handling meets the required standards for privacy and security.

5
Q

Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

a.
Software as a service.
b.
Infrastructure as code.
c.
Internet of Things.
d.
Software-defined networking.

A
6
Q

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

a.
Default credentials.
b.
Non-segmented network.
c.
Supply chain vendor.
d.

A
7
Q

A company is redesigning its infrastructure and wants to reduce the number of physical servers in use. Which of the following architectures is best suited for this goal?

a.
Serverless.
b.
Segmentation.
c.
Virtualization.
d.
Microservices.

A
8
Q

Which of the following would be best suited for constantly changing environments?

a.
RTOS.
b.
Containers.
c.
Embedded systems.
d.
SCADA.

A
9
Q

Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?

a.
Client.
b.
Third-party vendor.
c.
Cloud provider.
d.
DBA.

A

a.
Client. Correct
In the Infrastructure as a Service (IaaS) model, the client (or customer) is responsible for securing the company’s database. While the cloud provider is responsible for the security of the underlying infrastructure, the client must ensure that the data, applications, and any other components running on that infrastructure are properly secured. This includes managing database security, access controls, and any necessary configurations.

10
Q

A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?

a.
Serverless framework.
b.
Type 1 hypervisor.
c.
SD-WAN.
d.
SDN.

A

a.
Serverless framework. Correct
A serverless framework offers a cost-effective cloud-based hosting solution, as it charges based on usage rather than requiring dedicated server resources.

11
Q

The local administrator account for a company’s VPN appliance was unexpectedly used to log in to the remote management interface. Which of the following would have most likely prevented this from happening?

a.
Using least privilege.
b.
Changing the default password.
c.
Assigning individual user IDs.
d.
Reviewing logs more frequently.

A

b.
Changing the default password. Correct Answer
Changing the default password is a fundamental security practice that prevents unauthorized access using well-known default credentials.

11
Q

A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Select two).

a. Key escrow.
b. TPM presence.
c. Digital signatures.
d. Data tokenization.
e. Public key management.

A

a. Key escrow. Correct
Key escrow securely stores encryption keys for recovery.

b. TPM presence.

12
Q

Which of the following is the most common data loss path for an air-gapped network?

a.
Bastion host.
b.
Unsecured Bluetooth.
c.
Unpatched OS.
d.
Removable devices.

A

d.
Removable devices. Correct Answer
Removable devices are often used to transfer data in and out of isolated networks, posing a risk for data loss.

13
Q

Which of the following can best protect against an employee inadvertently installing malware on a company system?

a.
Host-based firewall.
b.
System isolation.
c.
Least privilege.
d.
Application allow list.

A

d.
Application allow list. Correct Answer
An application allow list prevents unauthorized applications from running on a system, thereby protecting against inadvertent malware installations.

14
Q

Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

a.
Configure all systems to log scheduled tasks.
b.
Collect and monitor all traffic exiting the network.
c.
Block traffic based on known malicious signatures.
d.
Install endpoint management software on all systems.

A

d.
Install endpoint management software on all systems. Correct Answer
Installing endpoint management software ensures monitoring and management of endpoints for unauthorized changes and software installations.

15
Q

A security administrator is reissuing a former employee’s laptop. Which of the following is the best combination of data handling activities for the administrator to perform? (Choose two.)

a. Data retention.
b. Certification.
c. Destruction.
d. Classification.
e. Sanitization.
f. Enumeration.

A

b. Certification. Correct
Certification verifies that the laptop meets the required security standards before reissuance.

e. Sanitization.

16
Q

A visitor plugs a laptop into a network jack in the lobby and is able to connect to the company’s network. Which of the following should be configured on the existing network infrastructure to best prevent this activity?

a.
Port security.
b.
Web application firewall.
c.
Transport layer security.
d.
Virtual private network.

A

a.
Port security. Correct
Configuring port security on network switches can restrict network access to authorized devices, preventing unauthorized connections.

17
Q

A security administrator needs a method to secure data in an environment that includes some form of checks to track any changes. Which of the following should the administrator set up to achieve this goal?

a.
SPF.
b.
GPO.
c.
NAC.
d.
FIM.

A

d.
FIM. Correct Answer
File Integrity Monitoring (FIM) tracks and logs changes to files, ensuring data integrity and security.

18
Q

A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

a.
Place posters around the office to raise awareness of common phishing activities.
b.
Implement email security filters to prevent phishing emails from being delivered.
c.
Update the EDR policies to block automatic execution of downloaded programs.
d.
Create additional training for users to recognize the signs of phishing attempts.

A

c.
Update the EDR policies to block automatic execution of downloaded programs. Correct Answer
Updating the EDR (Endpoint Detection and Response) policies to block automatic execution of downloaded programs reduces the risk of malware execution from phishing links, minimizing the impact of phishing attacks.

19
Q

Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?

a.
SCAP.
b.
NetFlow.
c.
Antivirus.
d.
DLP.

A

d.
DLP. Correct Answer
DLP (Data Loss Prevention) detects and prevents the unauthorized sharing of sensitive information, such as PII, to protect data privacy and compliance.