Chapter 1 Questions

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

8. You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application? A. Take a snapshot of the VM before deploying the new application. B. Take a snapshot of the VM after deploying the new application. C. Ensure the server is configured for non persistence. D. Back up the server after installing the new application.

A. Taking a snapshot of the virtual machine (VM) before deploying it ensures that the VM can be reverted to the original configuration if the new application causes problems. Taking a snapshot after the installation doesn't allow you to revert the image. Non-persistence is used in a virtual desktop infrastructure (VDI), where user changes to the desktop are not changed. It isn't appropriate to use non-persistence on a virtual server. Backing up the server might be appropriate before installing the new application but not after.

13. Which type of virtualization allows a computer's operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel? A. Container virtualization B. Type I hypervisor virtualization C. Type II hypervisor virtualization D. VDE

A. Container-based virtualization (also called application cell virtualization) uses the same operating system kernel of the host computer. It is often used to run isolated applications or services within a virtual environment. Type I hypervisor virtualizavirtualization runs directly on the system hardware. Type II hypervisor virtualization runs VMs that all include their own operating system, including their own kernel. A virtual desktop environment (VDE) provides a full desktop operating system to users

11. Users within your organization access virtual desktops hosted on remote servers. This describes which of the following? A. VDE B. Snapshots for non persistence C. Type I hypervisors D. VM sprawl

A. In a virtual desktop environment (VDE), users access virtual desktops hosted on remote servers. VDE desktops can use snapshots for non persistence, but it is also possible to allow users to have persistent unique desktops in a VDE. Type I hypervisors (bare metal hypervisors) run directly on the system without an operating system and are not used for a VDE. VM sprawl describes a problem of many unmanaged VMs, but the scenario doesn't mention that the virtual desktops are not managed.

9. Ned is not able to access any network resources from his Linux based computer. Which of the following commands would he use to view the network configuration of his system? A. ifconfig B. ipconfig C. netstat D. tracert

A. The ifconfig command displays network settings on a Linux computer. This includes the IP address, subnet mask, and default gateway assigned to the network interface card (NIC). The ipconfig command performs similar checks on Windows computers, but not on Linux systems. Netstat shows network statistics and active connections but not the network settings. The tracert command traces the route of data and can help determine which network devices are failing.

6. Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent? A. Snapshots B. Cable locks C. Strong passwords D. Persistent VDI

B. Cable locks are effective equipment theft deterrents for laptops and other systems. Snapshots refer to digital snapshots that capture the state of a virtual machine at a moment in time. Passwords prevent unauthorized access to systems, but don't provide physical security. A virtual desktop infrastructure (VDI) allows users to access a desktop on a remote server. A persistent VDI saves the user changes on the desktop, but it does not deter thefts.

2. Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely using? A. Supporting confidentiality B. Supporting integrity C. Supporting encryption D. Supporting availability

B. He is most likely using a use case of supporting integrity. By verifying that the hashes are the same on the configuration files, he is verifying that the files have not changed. Confidentiality is enforced with encryption, access controls, and steganography. Encryption is a method of enforcing confidentiality and it doesn't use hashes. Availability ensures systems are up and operational when needed.

1. You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution? A. Use hashes. B. Encrypt it before sending. C. Protect it with a digital signature. D. Use RAID.

B. You can maintain confidentiality of any data, including Personally Identifiable Information (PII) with encryption. Hashes provide integrity, not confidentiality. A digital signature provides authentication, non-repudiation, and integrity. A redundant array of inexpensive disks (RAID) provides higher availability for a disk subsystem.

12. Your organization has implemented a VDI for most users. When a user logs off, the desktop reverts to its original state without saving any changes made by the user. Which of the following BEST describes this behavior? A. Container virtualization B. VM escape C. Non persistence D. Elasticity

C. Non persistence in a virtual desktop infrastructure (VDI) indicates that the desktop is the same for most (or all) users and when the user logs off, the desktop reverts to a known state or rolls back to a known configuration. With container virtualization, application cells run isolated services or applications within the host, using the host's kernel. Virtual machine (VM) escape is an attack where the attacker accesses the host system from within the VM. Elasticity refers to the ability to resize a VM in response to increased or decreased load.

5. As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include? A. Ensure critical systems provide uninterrupted service. B. Protect data in transit from unauthorized disclosure. C. Ensure systems are not susceptible to unauthorized changes. D. Secure data to prevent unauthorized disclosure.

C. The chief technology officer (CTO) should ensure systems are not susceptible to unauthorized changes, which is an element of integrity. A security program should address the three core security principles of confidentiality, integrity, and availability (CIA). The system in the example is already addressing confidentiality and availability. Ensuring critical systems provide uninterrupted service addresses availability. Protecting data and securing data to prevent unauthorized disclosure addresses confidentiality.

10. Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe? A. VM escape B. VDI snapshot C. VM sprawl D. Type II hypervisor

C. VM sprawl occurs when an organization has many VMs that aren't managed properly. Unmonitored VMs typically won't get updated and can be vulnerable to attacks. VM escape is an attack that allows an attacker to access the host system from within the virtual system. A virtual desktop infrastructure (VDI) provides users with virtual desktops hosted on a server. A VDI snapshot is commonly used to provide users with the same non-persistent desktop that doesn't save changes. The VMs might be Type II hypervisors (running as software within a host operating system), but that isn't relevant to leaving them running and unmonitored.

4. Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support? A. Supporting confidentiality B. Supporting availability C. Supporting obfuscation D. Supporting nonrepudiation

D. Digital signatures will support a use case of supporting non-repudiation. Digital signatures don't encrypt data, so they do not support a use case of supporting confidentiality. Redundancy and fault-tolerance solutions will increase availability. Steganography is one way of supporting obfuscation.

3. Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions? A. To support steganography B. To support integrity C. To support availability D. To support obfuscation

D. Hiding data within data is one way to support a use case of supporting obfuscation. In this scenario, Louie is using steganography to hide the files within the image, but that is the method, not the purpose. Hashing methods and digital signatures support integrity. Redundancy and fault-tolerance methods increase availability.

7. Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI. Which of the following situations indicates that virtualization would provide the best ROI? A. Most physical servers within the organization are currently utilized at close to 100 percent. B. The organization has many servers that do not require failover services. C. Most desktop PCs require fast processors and a high amount of memory. D. Most physical servers within the organization are currently underutilized.

D. If most physical servers within the organization are currently underutilized, virtualization will provide a high return on investment (ROI). If the servers are currently utilized close to 100 percent, new servers will need to be purchased to virtualize them. It is possible to implement failover services on virtualized servers so there is little cost difference between physical and virtualized servers. The amount of processing power or memory requirements isn't relevant unless you know how much systems are currently utilizing.

14. You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections? A. arp B. ipconfig C. ping D. netstat

D. The netstat command displays active connections on a system. Arp displays information related to media access control (MAC) addresses. Ipconfig displays TCP/IP configuration information for wired and wireless network interface cards. Ping checks connectivity with remote systems.

15. You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use? A. arp B. ipconfig C. netstat D. ping

D. The ping command sends Internet Control Message Protocol (ICMP) echo requests and checks for ICMP echo replies. Arp resolves IP addresses to media access control (MAC) addresses and does not use echo commands. Ipconfig checks the configuration of a NIC. Netstat shows active connections and network statistics.


Set pelajaran terkait

Evolution: How did Lamarck explain evolution?

View Set

Thermodynamics Chapter 2 True/False

View Set

NURS 2210 Exam 3 - Iggy Ch's 49-51

View Set

35Qw/exp Management of Patients with Fluid, Electrolyte, & Acid-Base Imbalances

View Set