CTI 120 Ch 15

Which of the following mobile device security consideration disables the ability to use the device after a short period of inactivity? Screen lock GPS Remote wipe TPM

Screen lock

What permissions do you need to perform a backup?

-Admin privileges are needed to configure scheduled backups or to manually initiate a backup. -When performing a backup to a shared network folder, the credentials used for the backup must have Full Control permissions to the share and NTFS permissions of the destination folder.

You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with the username admin and the password admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.) -Change the default administrative user name and password. -Use encrypted type 7 passwords. -Use TFTP to back up the router configuration to a remote location. -Use a web browser to access the router configuration using an HTTP connection. -Use an SSH client to access the router configuration.

-Change the default administrative user name and password. -Use an SSH client to access the router configuration.

Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.) -Configure security settings in a Group Policy object. -Join the tablets to your domain. -Manually configure security settings using the Local Group Policy Editor program. -Enroll the devices in a mobile device management system. -Link the Group Policy object to the container where the tablets' computer objects reside. -Configure and apply security policy settings in a mobile device management system.

-Enroll the devices in a mobile device management system -Configure and apply security policy settings in a mobile device management system.

Which of the following is the best recommendation for applying hotfixes to your servers? Apply all hotfixes before applying the corresponding service pack. Wait until a hotfix becomes a patch, then apply it. Apply hotfixes immediately as they are released. Apply only the hotfixes that apply to software running on your systems.

Apply only the hotfixes that apply to software running on your systems.

Full backup

Backs up all data, both new data and old data that is already backed up.

Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60%, and the temperature is 80 degrees. What should you do to help reduce problems? Add a humidifier to the server room. Add a de-humidifier to the server room. Add a separate A/C unit in the server room. Add line conditioners in the server room.

Add a separate A/C unit in the server room.

Standby Power Supply(SPS)

An offline device that only switches on to provide power when an undervoltage occurs. If the switchover is not fast enough, the computer loses power and shuts down.

Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.) Configure and distribute security settings in a configuration profile. Enroll the devices in a mobile device management system. Configure security settings in a Group Policy object. Require uses to install the configuration profile. Configure and apply security policy settings in a mobile device management system. Join the tablets to a Windows domain.

-Enroll the devices in a mobile device management system. -Configure and apply security policy settings in a mobile device management system.

Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.) -Perform a clean install of the mobile operating system on each user's device. -Configure mobile device security policies using gpedit.msc. -Enroll the devices with the Intune service. -Join each device to your organization's domain. -Download and install the Intune client software on the mobile device.

-Enroll the devices with the Intune service. -Download and install the Intune client software on the mobile device.

You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have resolved the problem, but you would like to be able to manage the server remotely just in case more issues occur. Which of the following protocols would you use for remote management? (Select two.) PPP ICA L2TP PPTP VNC PPPoE

-ICA -VNC Virtual Network Computing (VNC) was originally developed for UNIX. Applications using VNC include RealVNC, TightVNC, UltraVNC, and Vine Server. Independent Computing Architecture (ICA) is the protocol used by Citrix products (WinFrame and MetaFrame/XenApp).

Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (Select two. Each response is a separate solution.) -Implement storage segmentation. -Install the devices in your organization's directory services tree. -Enable device encryption. -Join the devices to your organization's domain. -Configure a Group Policy object (GPO) containing mobile device-specific security settings.

-Implement storage segmentation. -Enable device encryption.

Which of the following statements is true? A system image backup: -Can be saved to a Bitlocker-enabled volume. -Is saved as a .vhd file. -Does not include user profile settings. -Is the only type of backup supported by the backup and restore console.

-Is saved as a .vhd file.

Where can you go to find updates for applications or drivers?

-Manufacturer's website -Built in update feature

Most mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate. Left- Wifi triangualation cell phone tower triangulation IP address resolution GPS =============== right- most accurate more accurate less accurate least accurate

-Most accurate GPS -More accurate Wi-Fi triangulation -Less accurate Cell phone tower triangulation -Least accurate IP address resolution

What can you do to prevent malware from a mobile device from spreading?

-NAC(network access control) can remediate devices and scan before allowing. -guest wireless network

Which of the following media types can you save backup files on? (Select two.) -The system disk -Network attached storage (NAS) -Tape drives -External hard drives

-Network attached storage(NAS) -External hard drives

You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.) -The cold aisle should face the air conditioner's return duct. -The rear of your servers should face the hot aisle. -The front of your servers should face the hot aisle. -The front of your servers should face the cold aisle. -The hot aisle should face the air conditioner's output ducts. -The rear of your servers should face the cold aisle.

-The rear of your servers should face the hot aisle. -The front of your servers should face the cold aisle.

Match each bring your own device (BYOD) security concern with a possible remedy. Remedies can be used not at all, once or more than once. -Implement a network access control solution (NAC) -Specify where and when mobile devices can be possessed in your acceptable use policy -Specify who use can call for help with mobile device apps in your acceptable use policy -Enroll devices in a mobile device management system. ------------------------------------ -Users take pictures of proprietary processes and procedures. -Devices with a data plan can email stolen data. -Devices have no PIN or password configured. -Anti-malware software is not installed. -A device containing sensitive data may be lost.

-Users take pictures of proprietary processes and procedures.===Specify where and when mobile devices can be possessed in your acceptable use policy. -Devices with a data plan can email stolen data.===Specify where and when mobile devices can be possessed in your acceptable use policy. -Devices have no PIN or password configured.===Enroll devices in a mobile device management system -Anti-malware software is not installed.===Implement a network access control (NAC) solution. -A device containing sensitive data may be lost. ===Enroll devices in a mobile device management system.

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over UTP plenum cable that will run through the suspended tile ceiling of the data center. To provide power for the new devices, you had an electrician install several new 20-amp wall outlets near the new rack. Each device in the rack will be plugged directly into one of these new wall outlets. What is wrong with this configuration? (Select two.) You should implement redundant power supplies for the network devices. You should implement a UPS between the wall outlet and the network devices. You should not connect networking equipment to a 20-amp wall circuit. You must use a straight-through cable to connect the two switches together. You should not run a plenum cable through a suspended tile ceiling.

-You should implement redundant power supplies for the network devices. -You should implement a UPS between the wall outlet and the network devices.

What should your acceptable use policy specify?

-define a process for provisioning users -define acceptable uses -define who owns company data -address the threat of insider attacks

Why should you enable logging only for specific events?

-extensive logging can consume a lot of system resources.== lowers system performance

What are the best temperatures and humidity ranges for electronic components?

-keep temp at 68F. cooler is better -humidity 50-65%

What is the air exchange rate for a server room?

20-30 air changes per hour

You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment? -2U UPS -4U firewall -3U server -4U UPS

2U UPS

Cold Site

A cold site is an alternate location with power that may or may not include some hardware.

blackout

A complete power failure

uninterruptible power supply (UPS)

A device that constantly provides battery power to the computer and is recharged by the wall outlet. An online UPS constantly powers the computer from the battery. An offline UPS powers the computer from the wall outlet but switches to battery if the power fails.

Throughput Tester

A device that measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from a disk in a specific period of time).

File Backup

A file backup includes specified files and folders backed up to a compressed file. File backups do not include system files, program files, encrypted files (including EFS-encrypted files), files in the Recycle Bin, user profile settings or temporary files.

Transient

A fluctuation caused by line noise or disturbance

Hot Site

A hot site is a duplicate of your primary site that contains full computer systems and complete data backups.

Hotfix

A hotfix is an operating system patch that fixes bugs and other software vulnerabilities.

Fault

A momentary power outage

Protocol Analyzer

A passive device that that captures transmitted frames and allows you to view the frame contents, but does not allow you to modify and retransmit frames.

Log

A record of events that have occurred on a system. Logging capabilities are built into operating systems, services, and applications. Log entries are generated in response to changes in configuration, system state, or network conditions.

brownout

A reduction in voltage that lasts longer than a few seconds.

Remote Desktop

A remote desktop utility displays the graphical user interface of a remote device. Remote desktop solutions are used to remotely manage a computer or allow support personnel to view and troubleshoot a remote user's system.

Service Pack (SP)

A service pack is a collection of hotfixes and other system enhancements.

Sag or dip

A sudden reduction in voltage for a short period of time(as long as a few seconds)

Surge or spike

A sudden rise in voltage

System image backup

A system image backup consists of an entire volume backed up to a .vhd file. It contains everything on the system, including the operating system, installed programs, drivers and user data files.

Terminal Emulation Utility

A terminal emulation utility is a program that allows a console connection through the network. The terminal emulation software communicates with the device over the network and displays the text based console screen. The two common termination emulation programs used are Telnet and SSH.

Terminal Emulation

A terminal is a monitor and keyboard attached to a device(such as a mainframe, server or router) through a serial or special console port. The terminal displays a text based interface and users interact with the device by typing commands.

Load Tester

A tool that simulates a load on a server or service. For example, the load tester might simulate a large number of client connections to a website, test file downloads for an FTP site, or large volumes of email.

Warm Site

A warm site includes critical hardware and data.

You provide IT support for a dentist's office. The office has a limited number of wireless clients, so a simple wireless router is used to provide Wi-Fi access. On your latest visit, you check the manufacturer's website and discover that an update has been released by the wireless router manufacturer. You decide to download and install the update.

Backup Configuration

Which type of server backup is for recovering only critical volumes?

Bare metal recovery

Beside protecting a computer from under-voltages, a typical UPS also performs which two actions? Prevents electric shock Prevents ESD Conditions the power signal Protects from over-voltages

Conditions the power signal Protects from over-voltages

Which of the following enterprise wireless configuration strategies best keeps public wireless access separate from private wireless access? -Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point. -Deploy independent stand-alone access points throughout your enterprise and configure each to use the same SSID, the same channel, and the same IP subnet. -Establish shared key authentication that uses one passphrase for guest users and another passphrase for private users. -Implement MAC address filtering to restrict connections to the private access point only to MAC addresses that are explicitly allowed.

Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point.

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure in a single component does not cause the website to become unavailable. What should you add to your configuration to accomplish this? -Reconfigure the disk array in a RAID 1+0 configuration. -On each server, add a second network connection to the internet. -On each server, add a second network connection to connect the server to the shared storage device. -Connect one server to the internet through a different ISP .

Connect one server to the internet through a different ISP. In this scenario, the ISP is the single point of failure. If the ISP connection goes down, then the website is unavailable. Connecting one server to a different ISP or both servers to two ISPs provides redundancy for the connection.

Downgrading

Downgrading is the process of reverting software (or hardware) back to an older version; a downgrade is the opposite of an upgrade.

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)? Hotfix Targeted software patch Kernel fix kit Service pack

Hotfix

What is the difference between a hotfix and a service pack?

Hotfix-patch aimed to fix one issue. identified by KB(knowledge base) and has a help article discussing it. service pack- contains all patches that are needed to make it up to date.

The owner of a hotel has contracted you to implement a wireless network to provide internet access for patrons. The owner has asked that you implement security controls so that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the internet. If a patron does not provide the correct code, they should not be allowed to access the internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do? Implement a guest network. Implement pre-shared key authentication. Implement MAC address filtering. Implement 802.1x authentication using a RADIUS server.

Implement a guest network.

You have been hired by a startup company to install a new data center. The company is small, so they have elected to use an unused employee break room as the data center. You are concerned about the physical security of the servers that will be installed in the data center. What should you do? (Select two.) -Install a biometric lock on the data center door. -Install a humidifier within the data center. -Install two-post 48U racks. -Install two-post 24U racks. -Install racks with locking doors.

Install a biometric lock on the data center door. Install racks with locking doors.

How does remote desktop software differ from terminal emulation software?

Instead of showing a simple command line interface, a remote desktop utility displays the graphical user interface of a remote device. Remote desktop solutions are used to remotely manage a computer or allow support personnel to view and troubleshoot a remote user's system.

You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center? Transformer Capacitor Transistor Inverter

Inverter

What does Windows Update do?

Keeps the system up to date. -Automatically identifies, downloads, and installs updates for the operating system and driver files that Microsoft provides with Windows.

You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use? Throughput tester Baseline Load tester System log Packet sniffer

Load tester

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device that is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you see frames addressed to the four workstations, but not to the router. Which feature should you configure? Bonding Promiscuous mode Mirroring Spanning tree

Mirroring A switch will only forward packets to the switch port that holds a destination device. This means that when your packet sniffer is connected to a switch port, it will not see traffic sent to other switch ports. To configure the switch to send all frames to the packet sniffing device, configure port mirroring on the switch. Port mirroring makes it so all frames sent to all other switch ports will be forwarded on the mirrored port.

Mobile Devices

Mobile devices include smartphones, laptops, tablet PCs, PDAs, and other handheld computing devices.

BYOD

Mobile devices that users bring to work and use to complete daily work-related tasks are sometimes referred to as bring your own device (BYOD) devices.

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipment from power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work? Yes. This configuration complies with data center best practices. No. You should not use blade servers for virtualization. No. You must implement the UPS and power supplies to the rack externally. No. You should not run a cable across the floor of the data center. No. You must use a cross-over cable to connect the two switches together.

No. You should not run a cable across the floor of the data center.

Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do? -Install an additional air conditioning unit for the server room. -Nothing. The temperature within the rack is within acceptable limits. -Re-orient the cold aisle within the server room so that it is directed toward the air conditioner's return duct. -Install a humidifier to increase the humidity within the server room.

Nothing. The temperature within the rack is within acceptable limits.

Incremental Backup

Only backs up data that has changed since the last full backup or the last incremental backup.

Differential backup

Only backs up data that has changed since the last full backup.

You are concerned about attacks directed at the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use? System log Packet sniffer Load tester Event log Throughput tester

Packet sniffer

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement? Negative pressure system UPS Positive pressure system Backup generator Line conditioner

Positive pressure system Use positive pressure systems. Positive pressure systems protect the air quality in the facility by causing air to be forced out through doors, windows, and other openings. Negative pressure systems draw air in, potentially bringing in airborne particles such as dust, smoke from a fire, or contamination from a chemical leak. Positive pressure systems are more energy effective.

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation, not other devices. Which feature should you configure? Spanning tree Mirroring Bonding Promiscuous mode

Promiscuous mode

Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic? WPA RDP WTSP NNTP

RDP

You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use? RDP TFTP FTP Telnet SSH

RDP

In addition to performing regular backups, what must you do to protect your system from data loss? -Write-protect all backup media. -Store the backup media in an on-site fireproof vault. -Restrict restoration privileges to system administrators. -Regularly test restoration procedures.

Regularly test restoration procedures.

What can you use to remotely clear data on a mobile device?

Remote Wipe

A smart phone was lost at the airport. There is no way to recover the device. Which if the following will ensure data confidentiality on the device? Remote wipe TPM GPS Screen lock

Remote wipe

Rollback

Rollback means to revert the system to the pre-update version. This is useful in cases when updates interfere with certain programs or you simply prefer the pre-update system.

You are considering using Wi-Fi triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? -Signal strength -WAP placement -Wireless standard in use -Wireless encryption in use

Signal strength

Packet Sniffer

Software that captures (records) frames that are transmitted on the network.

Your organization's security policy specifies that, regardless of ownership, any mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Which of the following should you implement to ensure organizational data can be remote wiped while preserving personal data?

Storage segmentation

Which of the following is the least effective power loss protection for computer systems? Surge protector Uninterruptible power supply Secondary power source Backup power generator

Surge protector

What is the difference between Telnet and SSH?

Telnet uses plain text and doesn not encrypt, whereas SSH is encrypted.

You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix? -Apply the hotfix immediately to all servers. -Test the hotfix, then apply it to the server that had the problem. -Apply the hotfix immediately to the server; apply the hotfix to other devices only as the security threat manifests itself. -Test the hotfix, then apply it to all servers.

Test the hotfix, then apply it to all servers

Which of the following are not reasons to remote wipe a mobile device? The device is being assigned to another user. The device is inactive for a period of time. The device is stolen or lost. The device is locked, and someone has entered multiple incorrect entries of the password or PIN.

The device is inactive for a period of time.

Why should you store backup media off site? -To prevent the same disaster from affecting both the network and the backup media. -To make the restoration process more efficient. -To reduce the possibility of theft. -To comply with government regulations.

To prevent the same disaster from affecting both the network and the backup media.

What is the difference between a data backup and a server backup?

data- is in regards to the files/documents server- is the system files, and the bigger picture so to speak. the instructions.

What does flashing do to firmware?

Updates the firmware.

Flashing

Updating firmware by flashing(replacing or updating) the code stored on a ROM chip.

Upgrading

Upgrading is the process of replacing a product with a newer version of the same product. When you perform an upgrade, you generally replace hardware, software, or firmware with a newer or better version to bring the system up to date or to improve its characteristics.

How can you use a remote desktop solution for troubleshooting and technical support within your organization?

When both the server and the client are using the proper setup, the person helping is able to see everything the customer sees and is able to fix the computer. aka does the work for the customer. IT can help fix easy tasks without leaving their desk.

How does a brownout differ from a blackout?

brownout- temporary blackout-complete power outage

What are the differences between hot, warm, and cold sites?

hot- has all hardware and copy of your software. warm- has the hardware for a copy of your setup but not exactly everything else to be ready to go. cold- only location, might not even have the hardware needed.

How does backing up your server to an internal disk differ from backing up to an external disk?

internal vs external....duh? internal if you dedicate the disk for storage backups then it won't even show up in Windows Explorer.

How does a load tester differ from a throughput tester?

load tester-simulates a load on a target system. like testing how much a website can handle before actually launching it. throughput tester- sends a known amount of data through the network and then estimates the amount of time that took for that data to be received.

How should hot and cold aisles be set up for optimal air circulation?

server racls facing back-to-back. cold air goes in the front and hot air expels between the racks and flows up.

What must you do to configure a packet sniffer to be able to see all frames on a subnet?

set it to p-mode aka promiscuous mode.

What is the difference between an SPS and a UPS?

sps- its a ups that is on standby until an under voltage occurs.

What is device redirection? How does it add flexibility to remote desktop connections?

workstation(client) sends data to the target(server?) and then the target sends out the info to whatever device it is meant for.