
20 Cards in this Set


Your organization wants to improve the security posture of internal database servers. Of the following choices, what provides the BEST solution?


A. Opening ports on a server's firewall


B. Disabling unnecessary services


C. Keeping systems up to date with current patches.


D. Keeping systems up to date with current service packs.

Correct Answer: B. Disabling unnecessary services helps reduce threats, including threats from zero-day vulnerabilities. It also reduces the threat from open ports on a firewall if the associated services are disabled, but opening ports won't reduce threats. Keeping systems up to date with patches and service packs protects against known vulnerabilities and is certainly a good practice. However, by definition, there aren't any patches or service packs available for zero-day vulnerabilities.

You need to monitor the security posture of several servers in your organization and keep a security administrator aware of their status. Which of the following tasks will BEST help you meet this goal?


A. Establishing baseline reporting


B. Determining attack surface


C. Implementing patch management


D. Enabling sandboxing

Correct Answer: A. Establishing baseline reporting processes allows you to monitor the systems and identify any changes from the baseline that might affect their security posture. You would determine the attack surface prior to establishing a baseline. Patch management is important, but it doesn't monitor the overall security posture of systems. Sandboxing allows you to isolate systems for testing, but isn't used for online production systems.

Maggie is compiling a list of approved software for desktop operating systems within a company. What is the MOST likely purpose of this list?


A. Host software baseline


B. Baseline reporting


C. Application configuration baseline


D. Code review

Correct Answer: A. A host software baseline (also called an application baseline) identifies a list of approved software for systems and compares it with installed applications. Baseline reporting is a process that monitors systems for changes and reports discrepancies. An application configuration baseline identifies proper settings for applications. A code review looks at the actual code of the software, and doesn't just create a list.

Your organization wants to ensure that employees do not install or play operating system games, such as solitaire and FreeCell, on their computers. Which of the following is the BEST choice to prevent this?


A. Security policy


B. Application whitelisting


C. Anti-malware software


D. Antivirus software

Correct Answer: B. Application whitelisting identifies authorized applications and prevents users from installing or running any other applications. Alternately, you can use a blacklist to identify specific applications that cannot be installed or run on a system. A security policy (such as an acceptable use policy) can state a rule to discourage this behavior, but it doesn't enforce the rule by preventing users from installing or running the software. Anti-malware software and antivirus software can detect and block malware, but not applications.

An IT department recently had its hardware budget reduced, but the organization still expects them to maintain availability of services. Of the following choices, what would BEST help them maintain availability with a reduced budget?


A. Failover clusters


B. Virtualization


C. Bollards


D. Hashing

Correct Answer: B. Virtualization provides increased availability because it is much easier to rebuild a virtual server than a physical server after a failure. Virtualization supports a reduced budget because virtual servers require less hardware, less space in a data center, less power, and less heating and air conditioning. Failover clusters are more expensive. Bollards are physical barriers that block vehicles. Hashing provides integrity, not availability.

You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?


A. Take a snapshot of the VM before deploying the new application


B. Take a snapshot of the VM after deploying the new application


C. Apply blacklisting techniques on the server for the new applications.


D. Back up the server after installing the new application.

Correct Answer: A. Taking a snapshot of the virtual machine (VM) before deploying it ensures that the VM can be reverted to the original configuration if the new application causes problems. Taking a snapshot after the installation doesn't allow you to revert the image. Blacklisting prevents an application from running, so it isn't appropriate for a new application deployed on a server. Backing up the server might be appropriate before installing the new application but not after.

A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems do not have current security fixes. Administrators have had to rebuild some servers from scratch due to mysterious problems. Which of the following solutions will mitigate these problems?

A. Virtualization


B. Sandboxing


C. IDS


D. Patch management


Correct Answer: D. Patch management procedures ensure that systems are kept up to date with current security fixes and patches and help eliminate problems with known attack methods. The scenario indicates that these systems have been attacked, exploiting the vulnerabilities caused by not patching them. Virtualization will have the same problems if the systems are not kept up to date. Sandboxing isolates systems for testing, but there isn't any indication these servers should be isolated. An intrusion detection system (IDS) might identify some attacks, but the systems will still be exploited if they aren't patched.

Administrators ensure server operating systems are updated at least once a month with relevant patches, but they do not track other software updates. Of the following choices, what is the BEST choice to mitigate risks on these servers?


A. Application change management


B. Application patch management


C. Whole disk encryption


D. Application hardening

Correct Answer: B. Application patch management practices ensure that applications are kept up to date with relevant patches, similar to how the operating systems are kept up to date with patches. Application change management helps control changes to the applications. Whole disk encryption helps protect confidentiality, but is unrelated to this question. Application hardening secures the applications when they are deployed, but doesn't keep them up to date with current patches.

Homer noticed that several generators within the nuclear power plant have been turning on without user interaction. Security investigators discovered that an unauthorized file was installed and causing these generators to start at timed intervals. Further, they determine this file was installed during a visit by external engineers. What should Homer recommend to mitigate this threat in the future?


A. Create an internal CA


B. Implement WPA2 Enterprise


C. Implement patch management processes


D. Configure the SCADA within a VLAN

Correct Answer: D. The generators are likely controlled within a supervisory control and data acquisition (SCADA) system and isolating them within a virtual local area network (VLAN) will protect them from unauthorized access. An internal certificate authority (CA) issues and manages certificates within a public key infrastructure (PKI), but there isn't any indication certificates are in use. Wi-Fi Protected Access II (WPA2) secures wireless networks, but doesn't protect SCADA networks. Patch management processes help ensure systems are kept up to date with patches, but this doesn't apply in this scenario.

Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices. Which of the following would BEST address these concerns?


A. Disabling the use of removable media


B. Installing an application that tracks the location of the device.


C. Implementing a BYOD policy


D. Enabling geo-tagging

Correct Answer: A. Disabling the use of mobile media on the devices will reduce the potential of data loss from these devices. It would make it more difficult to copy data to and from the devices. Tracking the location won't affect data. The devices are provided by the company, so a bring your own device (BYOD) policy isn't relevant. Geo-tagging only refers to geographic location information attached to pictures posted on social media sites.

Which of the following is the MOST likely negative result if administrators do not implement access controls correctly on an encrypted USB hard drive?


A. Data can be corrupted


B. Security controls can be bypassed


C. Drives can be geo-tagged.


D. Data is not encrypted

Correct Answer: B. If access controls are not implemented correctly, an attacker might be able to bypass them and access the data. The incorrect implementation of the access controls won't corrupt the data. Files such as pictures posted on social media can be geo-tagged, but this is unrelated to a hard drive. The scenario says the drive is encrypted, so the data is encrypted.

Your company provides electrical and plumbing services to homeowners. Employees use tablets during service calls to record activity, create invoices, and accept credit card payments. Which of the following would BEST prevent disclosure of customer data if any of these devices are lost or stolen?


A. Mobile device management


B. Disabling unused features


C. Remote wiping


D. GPS tracking

Correct Answer: C. Remote wiping sends a signal to a device and erases all data, which would prevent disclosure of customer data. Mobile device management helps ensure devices are kept up to date with current patches. Disabling unused features is a basic hardening step for mobile devices, but doesn't help if the device is lost. Global Positioning System (GPS) tracking helps locate the device, but doesn't necessarily prevent data disclosure if the device cannot be retrieved.

Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?


A. Asset tracking


B. Screen lock


C. Mobile device management


D. GPS tracking

Correct Answer: B. A screen lock helps prevent data loss in the event of theft of a mobile device storing sensitive information. Other security controls (not listed in this question) that help prevent loss of data in this situation are account lockouts, full device encryption, and remote wipe capabilities. Asset tracking is an inventory control method. Mobile device management helps keep systems up to date with current patches. Global Positioning System (GPS) tracking helps locate the device.

Which of the following represents a primary security concern when authorizing mobile devices on a network?


A. Cost of the device


B. Compatibility


C. Virtualization


D. Data Security

Correct Answer: D. Protecting data is a primary security concern when authorizing mobile devices on a network, often because mobile devices are more difficult to manage. The cost of the devices is trivial when compared with the cost of other network devices and the value of data. Compatibility issues aren't a major concern and typically only affect the ability to use an application. Virtualization techniques can be used with mobile devices allowing users to access virtual desktops, but these enhance security

Your company is planning on implementing a policy for users so that they can connect their mobile devices to the network. However, management wants to restrict network access for these devices. They should have Internet access and be able to access some internal servers, but management wants to ensure that they do not have access to the primary network where company-owned devices operate. Which of the following will BEST meet this goal?


A. WPA2 Enterprise


B. VPN


C. GPS


D. VLAN

Correct Answer: D. A virtual local area network (VLAN) provides network segmentation and can prevent employee-owned devices from accessing the primary network. WPA2 Enterprise provides strong security for the devices by ensuring they authenticate through an 802.1x server, but this doesn't segment them on a separate network. A virtual private network (VPN) allows remote employees to connect to a private network, but is unrelated to this question. A global positioning system (GPS) is useful for locating lost devices but not segmenting network traffic.

Your organization hosts a web site with a back-end database. The database stores customer data, including credit card numbers. Which of the following is the BEST way to protect the credit card data?


A. Full database encryption


B. Whole disk encryption


C. Database column encryption


D. File-level encryption

Correct Answer: C. Database column (or field) encryption is the best choice because it can be used to encrypt the fields holding credit card data, but not fields that don't need to be encrypted. Full database encryption and whole disk encryption aren't appropriate because everything doesn't need to be encrypted to protect the credit card data. File-level encryption isn't appropriate on a database and will often make it inaccessible to the database application.

Bart copied an encrypted file from his desktop computer to his USB drive and discovered that the copied file isn't encrypted. He asks you what he can do to ensure files he's encrypted remain encrypted when he copies them to a USB drive. What would you recommend as the BEST solution to this problem?


A. Use file-level encryption


B. Convert USB to FAT32


C. Use whole disk encryption on the desktop computer.


D. Use whole disk encryption on the USB drive.

Correct Answer: D. The best solution is to use whole disk encryption on the USB drive. The scenario indicates Bart is using file-level encryption (such as NTFS encryption) on the desktop computer, but the USB drive doesn't support it, possibly because it's formatted as a FAT32 drive. The result is that the system decrypts the file before copying it to the USB drive. Another solution is to convert the USB to NTFS. Whole disk encryption on the desktop computer wouldn't protect files copied to the USB drive.

You are comparing different encryption methods. Which method includes a storage root key?


A. HSM


B. NTFS


C. VSAN


D. TPM

Correct Answer: D. A Trusted Platform Module (TPM) includes a storage root key. The TPM generates this key when a user activates the TPM. A hardware security module (HSM) uses RSA keys, but not a storage root key. NT File System (NTFS) supports encryption with Encrypting File System (EFS). A virtual storage area network (VSAN) is a virtualization technique, and it doesn't provide encryption.

Management wants to ensure that employees do not print any documents that include customer PII. Which of the following solutions would meet this goal?


A. HSM


B. TPM


C. VLAN


D. DLP

Correct Answer: D. A data loss prevention (DLP) solution can limit documents sent to a printer to be printed using content filters. A hardware security module (HSM) and a Trusted Platform Module (TPM) both provide full disk encryption, but cannot block documents sent to a printer. A virtual local area network (VLAN) segments traffic, but isn't selective about documents sent to a printer.

Of the following choices, which one is a cloud-computing option that allows customers to apply patches to the operating system?


A. Hybrid cloud


B. Software as a Service


C. Infrastructure as a Service


D. Private

Correct Answer: C. Infrastructure as a Service (IaaS) is a cloud-computing option where the vendor provides access to a computer, but customers must manage the system, including keeping it up to date with current patches. A hybrid cloud is a combination of a public cloud and a private cloud. Software as a Service (SaaS) provides access to applications, such as email. An IaaS solution can be public, private or a hybrid solution.