9

Ace your homework & exams now with Quizwiz!

UBS BitLocker to implement full volume encryption on a notebook system. The Notebook motherboard does not have a TPM chip so you've use an external USB drive to store the BitLocker startup key. Which system components are encrypted in the scenario?

-C:\ volume -Master boot record

which of the following algorithms are using asymmetric encryption

-Diffie Hellman -RSA

IPsec is implemented through two separate protocols. what are these protocols called?

-ESP -AH

which of the following disk configurations might sustain losing two disks?

-RAID 1+0 -RAID 0+1

which of the following protocols can TLS use for key exchange?

-RSA -Diffie Hellman

which of the following tools allow for remote management of servers?

-SSH -telnet

which of the following protocols are often added to other protocols to provide secure transmission of data?

-TLS -SSL

you use BitLocker to implement full volume encryption on the notebook system The Notebook motherboard to not have a TPM chip so you use an external flash drive to store the BitLocker startup key you use EFS to encrypt the C:\secrets folder and its contents. Which of the following is true in the scenario?

-by default only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it - if the C:\secret\confidential docx file is copy to an external USB flash drive it will be saved in an unencrypted state

google cloud, amazon web services, and microsoft azure are some of the most widely used cloud storage solutions for enterprises. which of the following factors prompt companies to take advantage of cloud storage?

-growing demand for storage -need to bring costs down

which of the following are characteristics of ECC?

-uses a finite set of values within an algebraic field - asymmetric encryption

your network performs a full backup every night. each Sunday, the previous night's backup tape is archived. on a Wednesday morning, the storage system fails. How many restore operations will you need to perform to recover all of the data?

1

how many keys are used with public keycryptography

2

your network uses the following backup strategy: full backups every Sunday night differntial backups Monday night through Saturday night on a Thursday morning, the storage system fails. how many operations will you need to perform to recover all of the data?

2

you have been asked to implement a RAID 5 solution on your network. what is the minimum number of hard disks that can be used to configure RAID 5?

3

your network uses the following backup strategy: full backups every Sunday night incremental backups Monday night through Saturday night on a Thursday morning, the storage system fails. how many operations will you need to perform to recover all of the data?

4

which of the following is a secure alternative to FTP that uses SSL for encryption?

FTPS

which TCP/IP protocol is a secure form of HTTP that uses SSL as a sublayer for security?

HTTPS

which of the following network layer protocols provides authentication and encryption services for IP-based network traffic?

IPsec

what option is an advantage RAID 5 has over RAID 1?

RAID 5 improves performance over RAID 1

an SSL client has determined that the certificate Authority is showing a server certificate is on its list of trusted Cas what is the next step in verifying the server's identity

RCA's public key must validate the cas digital signature on the server certificate

Red Lobster private key that you have used to encrypt files you need to get a copy of the private key to open some encrypted files who should you contact

Recovery Agent

which standards is the most widely used for certificates

X. 509

which of the following cloud storage access services acts as a gatekeeper, extending an organization's security policies into the cloud storage infrastructure?

a cloud access security broker

which of the following best describes High amplification when apply to the hashing algorithms

a small change in the message results in a big change in the hash value

a pki is an implementation for managing which type of encryption

asymmetric

what does an differential backup do during the backup?

backs up all files with the archive bit set and does not reset the archive bit

what does an incremental backup do during the backup?

backs up all files with the archive bit set and resets the archive bit

which of the following conditions does not result in a certificate being added to the certificate revocation list

certificate exploration

which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present?

cold site

you create a new document and save it to a hard drive on a file server on your company's Network. The new employee decryption tool to encrypt a file using AES. The secretary is an example of accomplishing word security goal?

confidentiality

hashing algorithms are used to perform what activity

create a message Digest

what is the primary function of the IKE protocol used with IPsec?

create a security association between communicating partners

which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?

data loss prevention

you have a computer with three hard disks a RAID 0 volume space on disk 1 and disk 2 a RAID 1 volume uses space on disk 2 and disk 3 Disk 2 fails. which of the following is true?

data on the RAID 1 volume is accessible, data on the RAID 0 volume is not

which backup strategy backs up only files that have the archive bit set, but does not mark them as having been backed up?

differential

you manage you company's website. the web1 server hosts the website. this server has the following configurations: dual core processor dual power supplies RAID 5 volume one RAID controller two 1000 mbps network adapters which component is a single point of failure for the website?

disk controller

which of the following is another security measure you can implement to secure cloud storage?

disposing of data when it is no loner needed by using specialized tools

implements the Diffie Hellman key exchange protocol using elliptic curve cryptography

ecdh

you would like to implement BitLocker to encrypt data on a hard disk even it if it is moved to another system. You want the system to boot automatically without providing a start-up key on an external USB device. What should you do

enable TPM in the Bios

which of the following DLP implementations can be used to monitor and control access to the physical devices on workstations or servers?

endpoint DLP

excess for only a lifetime of a specific communication session

ephemeral keys

DLP can be used to identify sensitive files in a file system and then embed the organization's security policy within a file. which of the following DLP implementations travels with sensitive data file when they are moved or copied?

file-level DLP

while backup strategy backs up all files from a computer's file system regardless of whether the file's archive bit is set or not and marks them as having been backed up?

full

your organization uses the following tape rotation strategy for its backup tapes. 1. the first set of tapes is used for daily backups 2. at the end of each week, the latest daily backup tape is promoted to the weekly backup tape 3. at the end of each month, one of the weekly backup tapes is promoted to the monthly back up tape what kind of backup tape rotation strategy is being used?

grandfather

which of the following is used to verify that it downloaded file has not been altered

hash

birthday attack focuses on what

hashing algorithms

what is a pki

hierarchy of computers for issuing certificates

you have been asked to deploy a network solution that includes an alternate location where operational recovery is provided within minutes of disaster. which of the following strategies would you choose?

hot site

which of the following protocols uses port 443?

https

MTTR

identifies the average amount of time necessary to repair a failed component or to restore operations

MTBF

identifies the average lifetime of a system or component

MTD

identifies the length of time an organization can survive with a specified service, asset, or process down

to obtain a digital certificate and participate in a public key infrastructure pki what must be submitted and where to obtain a digital certificate and participate in a public key infrastructure pki what must be submitted and where

identifying data and a certification request to the registration Authority

which aspect of birth certificate makes it a reliable and useful mechanism for proving the identity of a person system or service on the internet?

it is a trusted third party

when should a hardware device be replaces in order to minimize downtime?

just before it's MTBF is reached

you have a web server on your network that hosts the public website for your company. you want to make sure that the website will continue to be available even if a NIC, hard drive, or other problem prevents the server from responding. which solution should you implement?

load balancing

you manage a server that runs your company website. the web server has reached its capacity, and the number of client requests is greater that the server can handle. you would like to find a solution so that a second server can respond to requests for website content. which solution should you implement?

load balancing

which of the following is the weakest hashing algorithm

md5

MTTF

measures the average time to failure of a system or component

when is the best time to apply for a certificate renewal

near the end of the certificates valid lifetime

DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization's security policies. which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in a proprietary intellectual property?

network DLP

which technology was developed to help improve the efficiency and reliability of checking the validity of certificates in large complex environment

online certificate status protocol

sha - 1 uses which of the following bit length hashing algorithms

only 160 bit

which of the following are backed up during an differntial backup?

only files that have changed since the last backup

which of the following are backed up during an incremental backup?

only files that have changed since the last full or incremental backup

uses no deterministic algorithm when generating public keys

perfect forward secrecy

your disaster recovery plan calls for tape backups stored at a different location. the location is a safe deposit box at the local bank. because of this, the disaster recovery plan specifies that you choose the method that uses the fewest tapes, but also allows you to quickly backup and restore files. which backup strategy would best meet the disaster recovery plan for tape backups?

perform a full backup once per week and a differential backup the other days of the week

to prevent server downtime, which of the following components should be installed redundantly in a server system?

power supply

which of the following is not a feature of the cloud storage model of data storage?

provide access control to the file system stored in the cloud

which form of alternate sites is the cheapest, but may not allow an organization to recover before reaching their maximum tolerable downtime?

reciprocal agreement

what is the primary security feature that can be designed into a network's infrastructure to protect and support availability?

redundancy

which of the following is an entity that accepts and validates information contained within a request for certificate

registration Authority

even if you perform regular backups, what must be done to ensure that you are protected against data loss?

regularly test restoration procedures

a system failure has occurred. which of the following restoration processes would result in the fastest restoration of all data to its most current state?

restore the full backup and the last differential backup

a receiver wants to verify the Integrity of a message received from a sender. Josh and volume is contained within the digital signature of the sender. Which of the following was the receiver used to access the hashing values and verify the Integrity of the transmission?

senders public key

SSL (secure socket layer) operates at which layer of the OSI model?

session

which of the following does not or cannot produce a hash value of 128 bits

sha - 1

which of the following is the strongest hashing algorithm

sha - 1

can be reused by multiple communication sessions

static keys

which action is taken when the private key associated with a digital certificate becomes compromised

the certificate is revoked and added to the certificate revocation list

certificate revocation should occur under all but which of the following conditions

the certificate owner has held the certificate Beyond establish lifetime timer

when using SSL authentication, what does the client verify first when checking a server's identity?

the current date and time must fall within the server's certificate validity period

how many keys are used with asymmetric (public-key) cryptography?

two

which of the following items are contained in a digital certificate

validity period public key

if your mission-critical services have a maximum tolerable downtime (MTD)(or a recovery time objective [RTO]) of 36 hours, what is the optimum form of recovery site?

warm

you manage a website for your company. the website uses three servers configured in a cluster. incoming requests are distributed automatically between the three servers. all servers use a shared storage service that holds the website contents. each server has a single network connection and a single power supply. considering the availability of your website, which component represents a single point of failure?

website storage

sensitive data is monitored by the data loss prevention (DLP) system in four different states. which of the following is not one of the states monitored by DLP?

while a file with sensitive data is being created

you have just downloaded a file you create a hash of a file and compare to the hash posted on the website the two hashes match what do you know about the file

your copy is the same as a copy posted on the website

which of the following is not an advantage of using cloud storage?

your organization can purchase additional storage capacity when needed

you want a security solution that protects entire hard drive from pratense access even if the drive is moved to another system. Which solution would you choose

BitLocker

when two different messages produce the same hash value what has occurred

Collision

which cryptography system generates encryption keys that could be used with des, aesidea, rc5 or any other symmetric cryptography solution

Diffie Hellman

which of the following security measures and Crips entire contents of a hard drive

Drive lock

which of the following Security Solutions would prevent a user from reading a file that she did not create

EFS

which form of asymmetric cryptography is based upon Diffie Hellman

El Gamal

you want to protect date on hard drives for users with laptops. You want the drive to be encrypted and you want to prevent the laptops from booting unless the special USB drive is inserted. In addition the system should not boot if it changes detected in any of the boot files. What should you do?

Implement BitLocker with TPM

telnet is inherently insecure because of its communications is in plaintext and easily intercepted. which of the following is an acceptable alternative to telnet?

SSH

which protocol does HTTPS use to offer greater security in web transactions?

SSL

you are purchasing a hard disk from an online retailer over the internet. what does your browser use to ensure that others cannot see your credit card number on the internet?

SSL

you want to allow traveling users to connect to your private network through the internet. users will connect from various locations, including airports, hotels, and public access points such as coffee shops and libraries. as such, you own't be able to configure the firewalls that might be controlling access to the internet in these locations. which of the following protocols would be most likely to be allowed through the widest number of firewalls?

SSL


Related study sets

BIOL 348 Chapter 5 (STUDY THIS ONE)

View Set

Accounting for Long-Term Liabilities and Bonds Payable

View Set

PFIN 7 Chapter 7 Using Consumer Loans

View Set