security pro 8-9

Ace your homework & exams now with Quizwiz!

You need to add security for your wireless network, and you would like to use the most secure method. Which method should you implement?

WPA2

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Bluejacking

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server

Your organization recently purchased 20 Android tablets for use by the organization's management team. To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you implement?

App whitelisting

Which SDN layer would a load balancer that stops and starts VMs as resource use increases reside on?

Application

Which type of firewall operates at Layer 7 of the OSI model?

Application layer

Which of the following BEST describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application on the cloud infrastructure.

Which type of firewall protects against packets coming from certain IP addresses?

Packet-filtering

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?

Rogue access point

Which of the following is a network security service that filters malware from user-side internet connections using different techniques?

Secure web gateway

The IT manager has tasked you with installing the new wireless LAN controller (WLC). Where should you install the controller?

Network closet

What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included?

500

Which of the following cloud storage access services acts as a gatekeeper, extending an organization's security policies into the cloud storage infrastructure?

A cloud-access security broker

Which of the following are disadvantages of server virtualization?

A compromised host system might affect multiple servers.

You need to configure a wireless network using WPA2-Enterprise. Which of the following components should be part of your design? (Select two.)

AES encryption 802.1x

Which of the following is the first phase of the Microsoft Intune application life cycle?

Add

Which of the following best describes an evil twin?

An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.

Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that they have rights to access?

App catalog

Which of the following are advantages of virtualization? (Select two.)

Centralized administration Easy migration of systems to different hardware

You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from using the access point (AP) configuration utility?

Change the administrative password on the AP.

Which of the following provides the network virtualization solution called XenServer?

Citrix

What is the on-premises, cloud-based software tool that sits between an organization and a cloud service provider called?

Cloud-access security broker

Which of the following can provide the most specific protection and monitoring capabilities?

Cloud-access security broker

Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?

Cloud-based firewall

Which of the following BEST describes the Application SDN layer?

Communicates with the Control layer through the northbound interface.

A group of small local businesses have joined together to share access to a cloud-based payment system. Which type of cloud is MOST likely being implemented?

Community

Which of the following Intune portals is used by end users to manage their own account and enroll devices?

Company portal

Which of the following tools allows the user to set security rules for an instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization?

Instance awareness

You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)

Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.

You want to connect a laptop computer running Windows to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?

Configure the connection with a pre-shared key and AES encryption.

What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called?

Integration

You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating systems' versions and editions. Currently, all of your virtual machines used for testing are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent issues, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do? (Select two. Both responses are part of the complete solution.)

Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.

In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal?

Deploy

Cloud storage is a virtual service, so the infrastructure is the responsibility of the storage provider. Access control should be set as a local file system would be, with no need for the provider to have access to the stored data. You are implementing the following measures to secure your cloud storage:

Dispose of data when it is no longer needed by using specialized tools.

Which EAP implementation is MOST secure?

EAP-TLS

Which type of interference is caused by motors, heavy machinery, and fluorescent lights?

EMI

Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices?

EMM

Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the BEST approach to take to accomplish this? (Select two. Each option is part of a complete solution.)

Enroll the devices in a mobile device management (MDM) system. Configure and apply security policy settings in a mobile device management (MDM) system.

Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?

Escape

Which class of wireless access point (WAP) has everything necessary to manage clients and broadcast a network already built into its functionality?

Fat

Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization. For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president's home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network.

Geotagging was enabled on her smartphone.

Google Cloud, Amazon Web Services (AWS), and Microsoft Azure are some of the most widely used cloud storage solutions for enterprises. Which of the following factors prompt companies to take advantage of cloud storage? (Select two.)

Growing demand for storage Need to bring costs down

Which of the following is generated after a site survey and shows the Wi-Fi signal strength throughout the building?

Heat map

You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. Which type of wireless antenna should you use on each side of the link? (Select two.)

High-gain Parabolic

Which of the following is a network virtualization solution provided by Microsoft?

Hyper-V

Which of the following devices is computer software, firmware, or hardware that creates and runs virtual machines?

Hypervisor

Which type of attack is WEP extremely vulnerable to?

IV attack

The owner of a hotel has contracted with you to implement a wireless network to provide internet access for guests. The owner has asked that you implement security controls so that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, guests should then be allowed full access to the internet. If a user does not provide the correct code, he or she should not be allowed to access the internet. What should you do?

Implement a captive portal

The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies. Where would you go to set up the Intune policies?

In the Admin portal, select Policy > Add Policy.

Which of the following are true concerning virtual desktop infrastructure (VDI)? (Select two.)

In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers. User desktop environments are centrally hosted on servers instead of on individual desktop systems.

You are replacing a wired business network with an 802.11g wireless network. You currently use Active Directory on the company network as your directory service. The new wireless network has multiple wireless access points, and you want to use WPA2 on the network. What should you do to configure the wireless network? (Select two.)

Install a RADIUS server and use 802.1x authentication Configure devices to run in infrastructure mode

Which of the following does the Application layer use to communicate with the Control layer?

Northbound APIs

Your organization recently purchased 20 Android tablets for use by the organization's management team. You are using a Windows domain. Which of the following should you use to push security settings to the devices?

Intune

Which of the following is the recommend Intune configuration?

Intune Standalone

You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal. Which type of attack are you most likely experiencing?

Jamming

Which of the following is a technique that disperses a workload between two or more computers or resources to achieve optimal resource utilization, throughput, or response time?

Load balancing

Which of the following do switches and wireless access points use to control access through a device?

MAC address filtering

Which of the following is a solution that pushes security policies directly to mobile devices over a network connection?

Mobile device management (MDM)

Which of the following is an advantage of software-defined networking (SDN)?

More granular control

Which of the following statements about virtual networks is true? (Select two.)

Multiple virtual networks can be associated with a single physical network adapter. A virtual network is dependent on the configuration and physical hardware of the host operating system.

Which of the following is an advantage of a virtual browser?

Protects the host operating system from malicious downloads

Match each description on the left with the appropriate cloud technology on the right.

Public cloud Provides cloud services to just about anyone. Private cloud Provides cloud services to a single organization. Community cloud Allows cloud services to be shared by several organizations. Hybrid cloud Integrates one cloud service with other cloud services.

Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself?

Remote management

Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed out to users within 24 hours?

Remote management

A smartphone was lost at the airport. There is no way to recover the device. Which of the following ensures data confidentiality on the device?

Remote wipe

Mobile application management (MAM) provides the ability to do which of the following?

Remotely install and uninstall apps.

Which of the following methods can cloud providers implement to provide high availability?

Replication

You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk. Which of the following actions would BEST protect your system?

Run the browser within a virtual environment.

Which of the following is a disadvantage of software defined networking (SDN)?

SDN standards are still being developed.

You are the security administrator for your organization. You have implemented a cloud service to provide features such as authentication, anti-malware, intrusion detection, and penetration testing. Which cloud service have you most likely implemented?

SECaaS

Which type of wireless access point is generally used in a residential setting?

SOHO

Which of the following is used on a wireless network to identify the network name?

SSID

You have physically added a wireless access point to your network and installed a wireless networking card in two laptops that run Windows. Neither laptop can find the network. You have come to the conclusion that you must manually configure the access point (AP). Which of the following values uniquely identifies the network AP?

SSID

Which of the following cloud computing solutions delivers software applications to a client either over the internet or on a local area network?

SaaS

What is isolating a virtual machine from the physical network to allow testing to be performed without impacting the production environment called?

Sandboxing

Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity?

Screen lock

Network engineers have the option of using software to configure and control the network rather than relying on individual static configuration files that are located on each network device. Which of the following is a relatively new technology that allows network and security professionals to use software to manage, control, and make changes to a network?

Software-defined networking (SDN)

Which APIs do individual networking devices use to communicate with the control plane from the Physical layer?

Southbound

Software defined networking (SDN) uses a controller to manage devices. The controller is able to inventory hardware components on the network, gather network statistics, make routing decisions based on gathered data, and facilitate communication between devices from different vendors. It can also be used to make widespread configuration changes on just one device. Which of the following best describes an SDN controller?

The SDN controller is software.

The IT manager has tasked you with installing new physical machines. These computer systems are barebone systems that simply establish a remote connection to the data center to run the user's virtualized desktop. Which type of deployment model is being used?

Thin client

Drag the software defined networking (SDN) layer on the left to the appropriate function on the right. (Each SDN layer may be used once, more than once, or not at all.)

This layer receives its requests from the Application layer. Control layer This layer is also known as the Infrastructure layer. Physical layer This layer communicates with the Control layer through what is called the northbound interface. Application layer This layer provides the Physical layer with configuration and instructions. Control layer On this layer, individual networking devices use southbound APIs to communicate with the control plane. Physical layer

Mobile device management (MDM) provides the ability to do which of the following?

Track the device.

Which type of hypervisor runs as an application on the host machine?

Type 2

Which of the following mobile device management (MDM) solutions allows an organization to manage all devices, including printers, workstations, and even IoT devices?

UEM

What is the limit of virtual machines that can be connected to a virtual network?

Unlimited

Which formula is used to determine a cloud provider's availability percentage?

Uptime/uptime + downtime

What is a virtual LAN that runs on top of a physical LAN called?

VAN

Which of the following virtual devices provides packet filtering and monitoring?

VFA

Which of the following is an example of protocol-based network virtualization?

VLAN

Which of the following is used as a secure tunnel to connect two networks?

VPN

Which of the following best describes Bluesnarfing?

Viewing calendar, emails, and messages on a mobile device without authorization

Which of the following devices facilitates communication between different virtual machines by checking data packets before moving them to a destination?

Virtual switch

You need to implement a solution to manage multiple access points in your organization. Which of the following would you most likely use?

WLC

Which of the following BEST describes the Physical SDN layer?

Which of the following BEST describes the Physical SDN layer?

Which of the following devices would you use to perform a site survey?

Wi-Fi analyzer

Which of the following is responsible for broadcasting information and data over radio waves?

Wireless access point

Which load balancing method distributes a workload across multiple computers?

Workload balancing

Which type of RFID tag can send a signal over a long distance?

active

Which of the following types of site surveys should be performed first?

passive

An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?

relay


Related study sets

Med Term Ch.2-3 Test (ch.2 multiple choice)

View Set

IT 214 Full Practice Midterm Exam 2

View Set

Exchange rates and international capital flows ch16

View Set

Chapter 26 - Washington (Leukemias & Lymphomas)

View Set

Основи наукового пізнання сесія

View Set