Siedel Chapter 7 Review Questions Flashcards
Megan has downloaded a container from a public repository. What should her next step be to use the container?
A. Run the container using her containerization service
B. Scan the container for malicious software
C. Validate the container by decrypting it
D. Check the container into her organization's container repository
B. Scan the container for malicious software
Explanation:
Much as with any package downloaded from the internet, Megan needs to validate the container. Ideally she should check the container's signature if one is provided and scan it for any malicious software. Running it or adding it to a repository without checking it is not a best practice, and decrypting a container does not validate it.
Chris is considering whether his organization should build a data center or buy a preexisting data center. His organization needs a large amount of space and uses a significant amount of power.
Which of the following is a common reason to build a new data center rather than pay for data center space in a scenario like the one Chris is facing?
A. Cost
B. Resilience
C. Efficiency
D. Flexibility
A. Cost
Explanation:
Significant data center usage usually makes building your own less expensive in the long term. For smaller deployments, third party data center hosting companies can offer increased resilience, greater efficiency due to shared space and services, and greater flexibility as organizations grow until their needs exceed those of the commercial provider.
Stacey wants to detect attacks against her hosted systems and would like to be able to analyze the techniques and tools used in those attacks. What security tool could she use to accomplish both of these goals?
A. A network security group
B. A firewall
C. A honeypot
D. A beartrap
C. A honeypot
Explanation:
A honeypot is designed to be attractive to attackers and to capture their tools and techniques for later study. Firewalls and network security groups both block traffic based on rules but do not capture the tools or techniques in most cases.
Olivia wants to ensure that her new data center cannot lose its internet connectivity due to a single event that damages the fiber optic cable run to their internet service providers. What term describes the solution Olivia is looking for?
A. Linear continuity
B. Multivendor pathway connectivity
C. Separation of networks
D. Redundant fiber assessment
B. Multivendor pathway connectivity
Explanation:
Multivendor pathway connectivity describes separate physical paths to different vendors for internet access or other services. Key elements of a multivendor pathway connectivity design include ensuring that the paths do not intersect or overlap, that multiple vendors are used, and that those vendors themselves do not have shared upstream dependencies. The remainder of the answers were made up for this question.
Pete wants to configure network security defenses for his cloud hosted instances. What cloud security tool is best compared to a firewall?
A. Cloud watchers
B. Cloud IDS
C. Cloud IPS
D. Network security groups
D. Network security groups
Explanation:
Network security groups, like firewalls, rely on rules to define what traffic is allowed to instances. Cloud watchers isn't a common term, but CloudWatch is an Amazon tool used to monitor Amazon resources, and both IDS and IPS systems are used to monitor for attacks, while an IPS can also be used to stop them.
Daniel wants to provide SSH access to hosts in a protected subnet in his cloud hosted data center environment. He deploys a system dedicated for this type of access with rules allowing lower security zones to connect through the system to higher security devices in the subnet. What type of device has Daniel deployed?
A. A bastion host
B. A security gateway
C. A VPC span
D. A span port
A. A bastion host
Explanation:
Daniel has deployed a bastion host, a specifically secured device that allows external access from a lower security zone to a higher security zone. Security gateway is a broad term for network edge security devices. A span port is used to capture network traffic for analysis, and a VPC span was made up for this question.
Charles wants to detect abnormal traffic in his organization's cloud environment. The vendor who provides his SIEM tool has advanced analytic tools that baseline normal traffic and then analyze logs and traffic to identify potential attacks based on learning models. Which of the following options best describes this type of technology?
A. Behavior based analysis
B. Artificial intelligence
C. Rules based analysis
D. Pattern matching
B. Artificial intelligence
Explanation:
Learning systems that apply data to improve their detection are considered intelligence models. They may apply behavior based analysis, pattern matching and rules as part of their actions, but learning from those is a hallmark of AI based systems.
Geeta wants to connect to a Windows server using a full graphical user interface. What secure connection option should she use?
A. Telnet
B. SSH
C. RDP
D. Screen
C. RDP
Explanation:
RDP is the built in Windows remote desktop client that operates on TCP port 3389. Telnet is not encrypted, and screen is a Linux command that allows sessions to be paused without losing connectivity. SSH can be used to tunnel other services, but it is typically a command line option.
The organization that Jules works for wants to ensure that a loss of chilled water does not cause an outage for her data center. What option should Jules ensure is in place in case of a failure of the chilled water system?
A. The ability to switch to utility water
B. A complete fire suppression system
C. The ability to switch to external temperature air
D. A complete generator system to provide backup power to the chiller
A. The ability to switch to utility water
Explanation:
While chilled water systems provide better cooling, the ability to switch to utility provider water in the event of an outage is a common capability for chilled water systems. None of the other answers address the need for water based cooling.
Amanda has joined a new company, and part of her orientation notes that staff use virtual clients to access secure data used by the company as part of their data center operations. What type of solution should Amanda expect to see?
A. Virtual clients hosted on her laptop
B. A cloud based server environment
C. Virtual clients hosted in the cloud or on servers
D. A third party managed data center
C. Virtual clients hosted in the cloud or on servers
Explanation:
Amanda should expect to use virtual desktops or applications hosted in the cloud or on servers, allowing all sensitive work to occur remotely via an encrypted connection. She should not expect local virtual machine hosting, and the problem does not indicate whether the organization uses a cloud based server environment or a third party managed data center.
Jack wants to design a redundant power system for his data center. Which of the following is not a common element in a fully redundant power system?
A. Power from two or more utility providers
B. UPS devices in each rack
C. Multiple generators
D. Solar power arrays
D. Solar power arrays
Explanation:
While solar power may be used for a data center, it is not a common element in fully redundant power systems. Power from multiple providers on different physical paths, UPS devices in each rack, and multiple generators that allow maintenance to occur while still providing power to the facility during a power loss event are all common design features.
Jim wants to harden his virtualization environment. Which of the following is not a common hypervisor hardening technique?
A. Restricting the use of superuser accounts
B. Requiring MFA
C. Logging and alerting on improper usage
D. Enabling secure boot for guest systems
D. Enabling secure boot for guest systems
Explanation:
Enabling secure boot for guest systems does not help to harden the hypervisor itself. Restricting the use of superuser accounts, requiring MFA, and logging and alerting on improper usage are all examples of common hypervisor hardening techniques.
Naomi wants to provide secure SSH connectivity to systems in a protected VLAN. Which of the following describes the best security method for doing so?
A. Use SSH to a jumpbox, require MFA, and use SSH certificates
B. Use SSH directly to the host, require MFA, and use SSH certificates
C. Use SSH directly to the host, require MFA, and do not allow SSH certs
D. Use SSH to a jumpbox, do not require MFA, and use SSH certificates
A. Use SSH to a jumpbox, require MFA, and use SSH certificates
Explanation:
Using SSH with a jumpbox, requiring MFA, and using certs are all best practices that Naomi should consider to provide a secure SSH solution.
Selah's cloud environment analyzes traffic patterns and load and adjusts the number of systems in a web server pool to meet the current and expected future load as needed. Which of the following terms best describes what her organization is doing?
A. Distributed resource scheduling
B. Dynamic optimization
C. Maintenance mode
D. High availability
B. Dynamic optimization
Explanation:
Selah's organization is using dynamic optimization techniques to make data driven, responsive adjustments in their environment to meet load based needs. Distributed resource scheduling focuses on providing resources to virtual machines to ensure their needs are met and that maintenance can occur. Maintenance mode removes systems from a virtual machine cluster by shedding load to other systems so maintenance can occur. High availability can help with the scenario described but does not necessarily adjust to meet load conditions.
Frank's organization wants to institute a 24/7 monitoring and response capability focused on security. What type of operations capability will Frank establish?
A. A SIEM
B. A NOC
C. A SOC
D. An IDS
C. A SOC
Explanation:
Frank will establish a security operations center, or SOC. A NOC, or network operations center, focuses on network management and monitoring, although SOCs and NOCs often have overlapping responsibilities.