Module 10
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?
Use private subnets for backend servers
What is a Type I hypervisor?
A hypervisor that runs directly on computer hardware
You are a security consultant. An enterprise client contacted you because their mail domain is blocked due to an unidentified entity using it to send spam. How should you advise them to prevent this from happening in the future?
Configure the SMTP relay to limit relays to only local users
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?
If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities.
In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply?
Mail gateways prevent unwanted mails from being delivered.
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?
Take a snapshot of the virtual machine before testing the configuration
Which of the following protects SNMP-managed devices from unauthorized access?
Community string
Marnus is working as a cloud administrator, and he has been asked to perform segmentation on specific cloud networks. Which of the following should be done by Marnus?
Create network rules for the services permitted between accessible zones to make sure endpoints belonging to other approved zones can reach them.
You are the security manager of an ISP, and you are asked to protect the name server from being hijacked. Which of the following protocols should you use?
DNSSEC
Which of the following is a feature of secrets management?
Default encryption
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?
FTPS
Which of the following tools can be used to secure multiple VMs?
Firewall virtual appliance
Which of the following protocol can be used for secure routing and switching?
IPsec
Which of the following protocols can make accessing data using man-in-the-middle attacks difficult while web browsing?
IPv6
Which of the following is the most versatile cloud model?
IaaS
You are working as a cloud administrator and are asked to migrate a virtual machine to a more capable physical machine, as the demand for the service hosted on the VM increased past its limit. As your enterprise still uses conventional switches, migration took time and resulted in customer dissatisfaction. How should you mitigate this issue in the future?
Implement a software-defined network
You decided to test a potential malware application by sandboxing. However, you want to ensure that if the application is infected, it will not affect the host operating system. What should you do to ensure that the host OS is protected?
Implement virtual machine escape protection
Which of the following protocols can be used for secure video and voice calling?
SRTP (secure real-time protocol)
Which of the following tools can be used to protect containers from attack?
Security-Enhanced Linux
In an interview, the interviewer asks you to boot a PC. Before the boot process begins, an interface asks you to choose between Windows 10 and Ubuntu Linux. The interviewer then asks you to identify the type of VR monitor program being used. What should your reply be?
Type I hypervisor
Your enterprise recently decided to hire new employees as work-from-home interns. For the new employees to work from home, you need to create a network that will allow them to securely access enterprise data from remote locations. Which of the following protocols should you use?
VPN
Which of the following tools can be used for virtual machine sprawl avoidance?
Virtual machine manager
