Chapter 10 & 14
In an interview, you are asked to explain the major objective of having resilience in an organization. How should you respond?
The major objective of resilience in an organization is to provide uninterrupted services.
What is a Type I hypervisor?
A hypervisor that runs directly on computer hardware
"Keep passwords secure and do not share accounts. Authorized users are responsible for the security of their passwords and accounts." "All computers and laptops should be secured with a password-protected screensaver, setting the automatic activation feature set at 10 minutes or less, or logging off when the host is unattended." Which policy includes these directives?
Acceptable Use Policy
Which of the following documents provide alternative modes of operation for interrupted business activities?
Business Continuity Plan
"Computer workstations must be locked when the workspace is unoccupied and turned off at the end of the business day." "Laptops must be either locked with a locking cable or locked in a drawer or filing cabinet." Which policy includes these directives?
Clean desk space
In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply?
Containers use OS components for virtualization
After a disaster disrupted your organization's functioning, you were assigned to determine the sequence for reinstating systems. Which of the following documents should you refer to when deciding the restoration order?
Data recovery plan
Why is maintaining a hot recovery site important for e-commerce businesses?
E-commerce businesses cannot risk significant downtime.
Which mobile device location-based policy is used to identify geographical location by analyzing media files?
Geo-tagging
You are a security administrator asked to restrict employees in your organization from accessing their social media accounts at their workplace. Which of the following mobile device location-based policies should you use to accomplish this?
Geofencing
Which of the following policies propose using non-disclosure agreements (NDA)?
Onboarding and offboarding
You are working as a cybersecurity expert in an enterprise. While examining the newly established enterprise network, you found that when a request to write data to the drive is made, the controller sends that request to each drive. When a read action is required, the data is read twice, once from each drive. Which type of RAID is used in the newly established network?
RAID Level 1
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?
Take a snapshot of the virtual machine before testing the configuration
You are asked to construct a server cluster to provide resilience to the webserver hosted by your enterprise. Which of the following clustering systems should you implement to ensure the standby server only works when the other server fails?
asymmetric
Which of the following protects SNMP-managed devices from unauthorized access?
community string
Which of the following is a virtualization instance that uses OS components for virtualization?
container
Which of the following can be achieved using availability zones in cloud computing?
fault tolerance
Which cloud app security features check the last login's location and current login attempts to restrict login if found suspicious?
impossible travel
Which of the following policies restrict employees from being in a position to manipulate security configurations by limiting the time they spend with control of those configurations?
job rotation
Which of the following best describes an acceptable use policy?
A policy that defines the actions users may perform while accessing systems and networking equipment
You want to examine every future login attempt made on the enterprise devices. Which of the following Windows Group Policy settings should you enable to make sure every login attempt is logged?
Account audits
You are a security consultant. An enterprise client contacted you because their mail domain is blocked due to an unidentified entity using it to send spam. How should you advise them to prevent this from happening in the future?
Configure the SMTP relay to limit relays to only local users
In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking?
Creating a virtual network
You are the security manager of an ISP, and you are asked to protect the name server from being hijacked. Which of the following protocols should you use?
DNSSEC
Which of the following is a feature of secrets management?
Default encryption
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?
FTPS
Which of the following tools can be used to secure multiple VMs?
Firewall virtual appliance
Which of the following protocols can make accessing data using man-in-the-middle attacks difficult while web browsing?
IPv6
Which of the following is the most versatile cloud model?
IaaS
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?
If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities.
You are working as a cloud administrator, and are asked to migrate a virtual machine to a more capable physical machine, as the demand for the service hosted on the VM increased past its limit. As your enterprise still uses conventional switches, migration took time and resulted in customer dissatisfaction. How should you mitigate this issue in the future?
Implement a software-defined network
You decided to test a potential malware application by sandboxing. However, you want to ensure that if the application is infected, it will not affect the host operating system. What should you do to ensure that the host OS is protected?
Implement virtual machine escape protection
In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply?
Mail gateways prevent unwanted mails from being delivered.
You are assigned to install multiple physical paths between devices and the SAN so that an interruption in one path will not affect communication. Which of the following techniques should you implement to manage the risk of interruption?
Multipath
Dave is preparing a COOP for his company. In it, he included how and where employees and resources will be relocated in case of a natural disaster, how data will be recovered in case a terrorist attack shuts down public networks, and how the company's critical services and processes will be affected by an IT system failure. Did Dave compile the COOP correctly?
No. Dave's COOP plan should not include how critical services and processes will be affected by an IT system failure.
What do servers connected in a cluster use to communicate with each other?
Private cluster connection
One of the important systems in your organization was accidentally exposed to malware. Which of the following features should you use to manage the risk of malware?
Revert to known state
You are a security administrator for an enterprise. You were asked to implement a cloud app security function in your enterprise network so that login attempts from identified threat actors can be restricted. Which of the following cloud app security functions should you use?
Risky IP address
Which of the following protocols can be used for secure video and voice calling?
SRTP
Which of the following tools can be used to protect containers from attack?
Security-Enhanced Linux
Which of the following best describes a Fake RAID?
Software RAID assisted by BIOS
You are a security admin for an enterprise, and you were asked to ensure high availability of data using redundancy. Which of the following actions should you perform?
Store the same data in different devices across different locations
Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike?
Take snapshots to save the virtual machine state
You work at the headquarters of an enterprise known for unethical practices. The company has many remote sites, but most functions are performed at one location. Your enterprise recently hired a third-party vendor known for high-accuracy business impact analyses. The BIA performed by the vendor has since proved wrong, as an incident impacted the business significantly more than forecast. You are assigned to conduct a study on the BIA's misconception and submit a report. What should you investigate as the possible reason for the BIA's inaccuracy?
The vendor overlooked the organization's remote sites.
In an interview, the interviewer asks you to boot a PC. Before the boot process begins, an interface asks you to choose between Windows 10 and Ubuntu Linux. The interviewer then asks you to identify the type of VM monitor program being used. What should your reply be?
Type I hypervisor
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?
Use private subnets for backend servers
Your enterprise recently decided to hire new employees as work-from-home interns. For the new employees to work from home, you need to create a network that will allow them to securely access enterprise data from remote locations. Which of the following protocols should you use?
VPN
Which of the following tools can be used for virtual machine sprawl avoidance?
Virtual Machine Manager