Cybersecurity Quiz Sections 9.1.8, 9.2.7, 9.3.4, 9.4.6, 9.5.6, 9.6.7, 9.7.7, 9.8.7, 9.9.6
A group of small local businesses have joined together to share access to a cloud-based payment system. Which type of cloud is MOST likely being implemented? A. Community B. Public C. Private D. Hybrid
A
Mobile device management (MDM) provides the ability to do which of the following? A. Track the device. B. Remotely install apps. C. Update apps as needed. D. Control data access.
A
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on their personal tablets. The chief information officer worries that one of these users might also use their tablet to steal sensitive information from the organization's network. Your job is to implement a solution that prevents insiders from accessing sensitive information stored on the organization's network from their personal devices while still giving them access to the internet. Which of the following should you implement? A. A guest wireless network that is isolated from your organization's production network B. A Network Access Control (NAC) solution C. An Acceptable Use Policy (AUP) D. A mobile device management (MDM) infrastructure
A
Which Amazon device can be used to control smart devices (such as lights) throughout a home using voice commands? A. Echo B. Siri C. Home D. Cortana
A
Which load balancing method distributes a workload across multiple computers? A. Workload balancing B. Bottleneck C. Resource pooling D. Virtualization
A
Which of the following BEST describes the Platform as a Service (PaaS) cloud computing service model? A. PaaS delivers everything a developer needs to build an application on the cloud infrastructure. B. PaaS stores and provides data from a centralized location without the need for local collection and storage. C. PaaS delivers infrastructure to the client, such as processing, storage, networks, and virtualized environments. D. PaaS delivers software applications to the client either over the internet or on a local area network (LAN).
A
Which of the following could be an example of a malicious insider attack? A. A user uses the built-in microphone to record conversations. B. A user's device has become infected with malware. C. A user has not implemented appropriate security settings. D. A user has lost a company-owned device.
A
Which of the following devices is computer software, firmware, or hardware that creates and runs virtual machines? A. Hypervisor B. Virtual firewall C. Virtual switch D. Virtual router
A
Which of the following do Raspberry Pi systems make use of? A. SoC B. FPGA C. SCADA D. RTOS
A
Which of the following does the Application layer use to communicate with the Control layer? A. Northbound APIs B. These layers do not communicate C. Controllers D. Southbound APIs
A
Which of the following is a network virtualization solution provided by Microsoft? A. Hyper-V B. VMware C. Citrix D. VirtualBox
A
Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor? A. Escape B. Load balancing C. Bottleneck D. Jump
A
Which of the following is used as a secure tunnel to connect two networks? A. VPA B. VFA C. VLAN D. VAN
A
Which of the following serves real-time applications without buffer delays? A. RTOS B. FPGA C. SCADA D. SoC
A
You are the security administrator for your organization. You have implemented a cloud service to provide features such as authentication, anti-malware, intrusion detection, and penetration testing. Which cloud service have you most likely implemented? A. SECaaS B. PaaS C. IaaS D. SaaS
A
You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk. Which of the following actions would BEST protect your system? A. Run the browser within a virtual environment. B. Configure the browser to block all cookies and pop-ups. C. Change the security level for the Internet zone to High. D. Run the browser in protected mode.
A
Your organization recently purchased 20 Android tablets for use by the organization's management team. You are using a Windows domain. Which of the following should you use to push security settings to the devices? A. Intune B. Application Control C. Group Policy D. Credential Manager
A
Which of the following statements about virtual networks is true? (Select two.) A. Multiple virtual networks can be associated with a single physical network adapter. B. A virtual network is dependent on the configuration and physical hardware of the host operating system. C. A virtual network is independent of the configuration and physical hardware of the host operating system. D. Each virtual network must be associated with a single physical network adapter. E. Accessing network resources requires that the operating system on the virtual machine be configured on an isolated network.
A and B
Cloud storage is a virtual service, so the infrastructure is the responsibility of the storage provider. Access control should be set as a local file system would be, with no need for the provider to have access to the stored data. You are implementing the following measures to secure your cloud storage: Verify that security controls are the same as in a physical data center. Use data classification policies. Assign information into categories that determine storage, handling, and access requirements. Assign information classification based on information sensitivity and criticality. Which of the following is another security measure you can implement? A. Create versioned copies of your cloud data. B. Dispose of data when it is no longer needed by using specialized tools. C. Configure distributed resources to act as one in a federated architecture. D. Configure redundancy and distribution of data.
B
Mobile application management (MAM) provides the ability to do which of the following? A. Manage mobile devices. B. Remotely install and uninstall apps. C. Comply with security policies. D. Control data access.
B
Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization. For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president's home-recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network. You've reviewed the vice president's social media pages. You found pictures of her home posted, but you didn't notice anything in the photos that would give away her home address. She assured you that her smartphone was never misplaced prior to the attack. Which security weakness is the MOST likely cause of the security breach? A. A Christmas tree attack was executed on her smartphone. B. Geotagging was enabled on her smartphone. C. Weak passwords were used on her smartphone. D. Sideloaded apps were installed on her smartphone.
B
The IT manager has tasked you with installing new physical machines. These computer systems are barebone systems that simply establish a remote connection to the data center to run the user's virtualized desktop. Which type of deployment model is being used? A. PaaS B. Thin client C. Thick client D. IaaS
B
What is isolating a virtual machine from the physical network to allow testing to be performed without impacting the production environment called? A. Resource pooling B. Sandboxing C. Workload balancing D. Testing
B
What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called? A. High availability B. Integration C. Encryption D. Instance awareness
B
Which APIs do individual networking devices use to communicate with the control plane from the Physical layer? A. None B. Southbound C. Northbound D. Northbound and Southbound
B
Which formula is used to determine a cloud provider's availability percentage? A. Uptime/downtime + uptime B. Uptime/uptime + downtime C. Downtime/uptime + downtime D. Downtime/downtime + uptime
B
Which of the following BEST describes a virtual desktop infrastructure (VDI)? A. Specifies where and when mobile devices can be possessed within the organization. For example, the possession of mobile devices may be prohibited in high-security areas. B. Provides enhanced security and better data protection because most of the data processing is provided by servers in the data center rather than on the local device. C. Gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data. D. Defines which kinds of data are allowed or which kinds of data are prohibited on personally owned devices brought into the workplace.
B
Which of the following BEST describes the Application SDN layer? A. Is software that is able to inventory hardware components in the network. B. Communicates with the Control layer through the northbound interface. C. Communicates with the Control layer through the southbound interface. D. Receives its requests and then provides configuration and instructions.
B
Which of the following are disadvantages of server virtualization? A. A compromised guest system might affect multiple servers. B. A compromised host system might affect multiple servers. C. Systems are isolated from each other and cannot interact with other systems. D. It increases hardware costs.
B
Which of the following devices facilitates communication between different virtual machines by checking data packets before moving them to a destination? A. Hypervisor B. Virtual switch C. Virtual firewall D. Virtual router
B
Which of the following is a technique that disperses a workload between two or more computers or resources to achieve optimal resource utilization, throughput, or response time? A. Hypervisor B. Load balancing C. Bottleneck D. Virtualization
B
Which of the following is an advantage of software-defined networking (SDN)? A. Standards are still being developed B. More granular control C. Is currently a new technology D. Lack of vendor support
B
Which of the following is an example of protocol-based network virtualization? A. VFA B. VLAN C. vSwitch D. VMM
B
Which of the following is the recommend Intune configuration? A. Account portal B. Intune Standalone C. Company portal D. Hybrid MDM
B
Which type of firewall protects against packets coming from certain IP addresses? A. Circuit-level B. Packet-filtering C. Application layer D. Stateful
B
Which type of hypervisor runs as an application on the host machine? A. Type 3 B. Type 2 C. Type 4 D. Type 1
B
You manage information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.) A. Rely on the device manufacturer to maintain device security with automated firmware updates. B. Install the latest firmware updates from the device manufacturer. C. Verify that your network's existing security infrastructure is working properly. D. Enroll each device in a mobile device management (MDM) system. E. Install anti-malware software on each device.
B and C
Google Cloud, Amazon Web Services (AWS), and Microsoft Azure are some of the most widely used cloud storage solutions for enterprises. Which of the following factors prompt companies to take advantage of cloud storage? (Select two.) A. Need for Software as a Service (SaaS) for managing enterprise applications B. Need to bring costs down C. Need for Platform as a Service (PaaS) for developing applications D. Growing demand for storage E. Need for a storage provider to manage access control
B and D
Which of the following are true concerning virtual desktop infrastructure (VDI)? (Select two.) A. Roaming profiles must be configured to allow mobile users to keep their same desktop environment across systems. B. User desktop environments are centrally hosted on servers instead of on individual desktop systems. C. User desktop environments are provided by individual desktop systems instead of by remote servers. D. In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers. E. In the event of a widespread malware infection, the administrator can reimage user desktops by pushing an image out to each user desktop system over the network.
B and D
A smartphone was lost at the airport. There is no way to recover the device. Which of the following ensures data confidentiality on the device? A. GPS B. TPM C. Remote wipe D. Screen lock
C
Network engineers have the option of using software to configure and control the network rather than relying on individual static configuration files that are located on each network device. Which of the following is a relatively new technology that allows network and security professionals to use software to manage, control, and make changes to a network? A. Control layer networking B. Load balancing software C. Software-defined networking (SDN) D. Infrastructure software networking
C
Software defined networking (SDN) uses a controller to manage devices. The controller is able to inventory hardware components on the network, gather network statistics, make routing decisions based on gathered data, and facilitate communication between devices from different vendors. It can also be used to make widespread configuration changes on just one device. Which of the following best describes an SDN controller? A. The SDN controller is hardware. B. The SDN controller is a virtual networking device. C. The SDN controller is software. D. The SDN controller is a networking protocol.
C
The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies. Where would you go to set up the Intune policies? A. In the Company portal, select Policy > Add Policy. B. In the Admin portal, select Management > Policy > Add Policy. C. In the Admin portal, select Policy > Add Policy. D. In the Company portal, select Management > Policy > Add Policy.
C
The IT manager has tasked you with implementing a solution that ensures that mobile devices are up to date, have anti-malware installed, and have the latest definition updates before being allowed to connect to the network. Which of the following should you implement? A. MDM B. VDI C. NAC D. BYOD
C
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands. The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen. Which of the following should you implement? A. An Acceptable Use Policy (AUP) B. A guest wireless network that is isolated from your organization's production network C. A mobile device management (MDM) infrastructure D. A Network Access Control (NAC) solution
C
What is the limit of virtual machines that can be connected to a virtual network? A. 54 B. 16,777,214 C. Unlimited D. 65,534
C
Which SDN layer would a load balancer that stops and starts VMs as resource use increases reside on? A. Control B. Session C. Application D. Physical
C
Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself? A. Self-service portal B. BYOD C. Remote management D. App catalog
C
Which of the following can provide the most specific protection and monitoring capabilities? A. Cloud-native controls B. Secure web gateway C. Cloud-access security broker D. Cloud-based firewall
C
Which of the following cloud computing solutions delivers software applications to a client either over the internet or on a local area network? A. DaaS B. PaaS C. SaaS D. IaaS
C
Which of the following cloud storage access services acts as a gatekeeper, extending an organization's security policies into the cloud storage infrastructure? A. A co-located cloud computer service B. A web service application programming interface C. A cloud-access security broker D. A cloud storage gateway
C
Which of the following is a disadvantage of software-defined networking (SDN)? A. SDN creates centralized management. B. SDN gathers network information and statistics. C. SDN standards are still being developed. D. SDN facilitates communication between hardware from different vendors.
C
Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network? A. Cloud native controls B. Virtual area network C. Cloud-based firewall D. Cloud-access security broker
C
Which of the following is an open-source hardware and software company that designs and manufactures single-board microcontrollers as well as kits to build digital devices? A. Microsoft B. Raspberry Pi C. Arduino D. Amazon
C
Which of the following lets you make phone calls over a packet-switched network? A. SCADA B. FPGA C. VoIP D. RTOS
C
Which of the following methods can cloud providers implement to provide high availability? A. Encryption B. Instance awareness C. Replication D. Integration
C
Which of the following mobile device management (MDM) solutions allows an organization to manage all devices, including printers, workstations, and even IoT devices? A. EMM B. MDM C. UEM D. MAM
C
Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices? A. UEM B. MAM C. EMM D. MDM
C
Which of the following virtual devices provides packet filtering and monitoring? A. VMM B. VLAN C. VFA D. vSwitch
C
Which type of firewall operates at Layer 7 of the OSI model? A. Stateful B. Circuit-level gateway C. Application layer D. Packet-filtering
C
You notice that a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections. Which of the following labels applies to this growing ecosystem of smart devices? A. The smartnet B. Internet of smart devices C. Internet of Things (IoT) D. Dynamic environment
C
Which of the following are advantages of virtualization? (Select two.) A. Improved host-based attack detection B. Reduced utilization of hardware resources C. Centralized administration D. Easy migration of systems to different hardware E. Redundancy of hardware components for fault tolerance
C and D
Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.) A. These devices are typically installed in the DMZ that resides outside of an organization's perimeter firewall. B. It is difficult to update the virus definitions used to protect these devices. C. Devices are typically more difficult to monitor than traditional network devices. D. Smart device vendors tend to proactively protect their products against security threats. E. Devices tend to employ much weaker security than traditional network devices.
C and E
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the BEST approach to take to accomplish this? (Select two. Each option is part of a complete solution.) A. Configure security settings in a Group Policy Object. B. Require users to install the configuration profile. C. Configure and apply security policy settings in a mobile device management (MDM) system. D. Configure and distribute security settings in a configuration profile. E. Enroll the devices in a mobile device management (MDM) system. F. Join the tablets to a Windows domain.
C and E
If a user's BYOD device (such as a tablet or phone) is infected with malware, that malware can be spread if that user connects to your organization's network. One way to prevent this event is to use a Network Access Control (NAC) system. How does an NAC protect your network from being infected by a BYOD device? A. The NAC notifies users that personally owned devices are subject to random searches if brought on site. B. The NAC specifies which apps can be used while the BYOD device is connected to the organization's network. C. The NAC forces BYOD devices to connect to a guest network that is isolated from your production network. D. The NAC remediates devices before allowing them to connect to your network.
D
In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal? A. Add B. Protect C. Configure D. Deploy
D
What is a virtual LAN that runs on top of a physical LAN called? A. VMM B. VLAN C. VFA D. VAN
D
What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included? A. No minimum B. 100 C. 1,000 D. 500
D
What is the on-premises, cloud-based software tool that sits between an organization and a cloud service provider called? A. Cloud-native controls B. Secure web gateway C. Cloud-based firewall D. Cloud-access security broker
D
Which device deployment model gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data? A. BYOD B. CYOD C. VDI D. COPE
D
Which of the following BEST describes the Physical SDN layer? A. Sometimes called northbound APIs. B. Gives new life to old networking hardware. C. Receives its requests from the Application layer. D. Also known as the Infrastructure layer.
D
Which of the following Intune portals is used by end users to manage their own account and enroll devices? A. Admin portal B. Add Intune Users C. Account portal D. Company portal
D
Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed out to users within 24 hours? A. BYOD B. App catalog C. Self-service portal D. Remote management
D
Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that they have rights to access? A. Self-service portal B. Remote management C. BYOD D. App catalog
D
Which of the following defines an acceptable use agreement? A. An agreement that outlines the organization's monitoring activities. B. A legal contract between the organization and the employee that specifies that the employee is not to disclose the organization's confidential information. C. An agreement that prohibits an employee from working for a competing organization for a specified period of time after he or she leaves the organization. D. An agreement that identifies employees' rights to use company property, such as internet access and computer equipment, for personal use.
D
Which of the following devices are special computer systems that gather, analyze, and manage automated factory equipment? A. UAV B. MFD C. SoC D. SCADA
D
Which of the following is a network security service that filters malware from user-side internet connections using different techniques? A. Cloud-access security broker B. Cloud-based firewall C. Virtual area network D. Secure web gateway
D
Which of the following is a policy that defines appropriate and inappropriate usage of company resources, assets, and communications? A. Business impact analysis (BIA) B. Business continuity plan (BCP) C. Disaster recovery plan (DRP) D. Acceptable use policy (AUP)
D
Which of the following is a solution that pushes security policies directly to mobile devices over a network connection? A. Credential Manager B. Group Policy C. Application Control D. Mobile device management (MDM)
D
Which of the following is an advantage of a virtual browser? A. Prevents phishing and drive-by downloads B. Filters internet content based on ratings C. Prevents adware and spyware that monitor your internet activity D. Protects the host operating system from malicious downloads
D
Which of the following is the first phase of the Microsoft Intune application life cycle? A. Configure B. Protect C. Deploy D. Add
D
Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity? A. GPS B. TPM C. Remote wipe D. Screen lock
D
Which of the following provides the network virtualization solution called XenServer? A. VMWare B. Cisco C. Microsoft D. Citrix
D
Which of the following tools allows the user to set security rules for an instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization? A. Replication B. Integration C. Encryption D. Instance awareness
D
Your organization allows employees to bring their own devices into work, but management is concerned that a malicious internal user could use a mobile device to conduct an insider attack. Which of the following should be implemented to help mitigate this threat? A. Implement a Network Access Control (NAC) solution. B. Implement a guest wireless network that is isolated from your organization's production network. C. Implement an AUP that specifies which apps are allowed for use with organizational data. D. Implement an AUP that specifies where and when mobile devices can be possessed within the organization.
D
Your organization recently purchased 20 Android tablets for use by the organization's management team. To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you implement A. Application Control B. App blacklisting C. Credential Manager D. App whitelisting
D
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.) A. Install anti-malware software on each device. B. Enroll each device in a mobile device management system. C. Install a network monitoring agent on each device. D. Install the latest firmware updates from the device manufacturer. E. Verify that your network's existing security infrastructure is working properly.
D and E
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating systems' versions and editions. Currently, all of your virtual machines used for testing are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent issues, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do? (Select two. Both responses are part of the complete solution.) A. Disable the switch port the hypervisor's network interface is connected to. B. Create a new virtual switch configured for bridged (external) networking. C. Create MAC address filters on the network switch that block each virtual machine's virtual network interfaces. D. Connect the virtual network interfaces in the virtual machines to the virtual switch. E. Disconnect the network cable from the hypervisor's network interface. F. Create a new virtual switch configured for host-only (internal) networking.
D and F