Chapter 8 & 9 PDF

Question #1: Since a recent upgrade to a WLAN infrastructure, several mobile users have been unable to access the internet from the lobby. The networking team performs a heat map survey of the building and finds several WAPS in the area. The WAPS are using similar frequencies with high power settings. Which of the following installation considerations should the security team evaluate next? A. Channel overlap (answer) B. Encryption type C. New WLAN deployment D. WAP placement Question #2: A business uses Wi-Fi with content filtering enabled. An employee noticed a coworker accessed a blocked site from a work computer and reported the issue. While investigating the issue, a security administrator found another device providing internet access to certain employees. Which of the following best describes the security risk? A. The host-based security agent is not running on all computers. B. A rogue access point is allowing users to bypass controls. (answer) C. Employees who have certain credentials are using a hidden SSID. D. A valid access point is being jammed to limit availability Chapter 9 Question #1: Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider? A.Software as a service B.Infrastructure as code (answer) C.Internet of Things D.Software-defined networking Question #2: Which of the following would be best suited for constantly changing environments? A.RTOS B. Containers (answer) C.Embedded systems D.SCADA Question #3: A business received a small grant to migrate its infrastructure to an off-premises solution. Which of the following should be considered first? A.Security of cloud providers B.Cost of implementation C.Ability of engineers D.Security of architecture(answer) Question #4: A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system? A.Default credentials B.Non-segmented network C.Supply chain vendor(answer) D.Vulnerable software Question #5: A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements? A.Serverless framework(answer) B.Type 1 hypervisor C.SD-WAN D.SDN Question #6: A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS servers, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing? A.Concurrent session usage B.Secure DNS cryptographic downgrade C.On-path resource consumption D.Reflected denial of service(answer) Question #7: Which of the following roles, according to the shared responsibility model, is responsible for securing the company's database in an laaS model for a cloud environment? A.Client (answer) B.Third-party vendor C.Cloud provider D.DBA Question #8: Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks? A. Availability(answer) B. Non-repudiation C. Integrity D. Confidentiality Question #9: A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems. Which of the following strategies should the company use to achieve this security requirement? A. Microservices B. Containerization (answer) C. Virtualization D. Infrastructure as code Question #10: Which of the following is classified as high availability in a cloud environment? A. Access broker B. Cloud HSM C. WAF D. Load balancer(answer) Question #11: A security analyst needs to propose a remediation plan for each item in a risk register. The item with the highest priority requires employees to have separate logins for SaaS solutions and different password complexity requirements for each solution. Which of the following implementation plans will most likely resolve this security issue? A. Creating a unified password complexity standard B. Integrating each SaaS solution with the identity provider (answer) C. Securing access to each SaaS by using a single wildcard certificate D. Configuring geofencing on each SaaS solution Question #12: A company recently decided to allow employees to work remotely. The company wants to protect its data without using a VPN. Which of the following technologies should the company implement? A. Secure web gateway(answer) B. Virtual private cloud endpoint C. Deep packet inspection D. Next-generation firewall Question #13: A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization? A. Upgrading to a next-generation firewall B. Deploying an appropriate in-line CASB solution (answer) C. Conducting user training on software policies D. Configuring double key encryption in SaaS platforms Question #14: While considering the organization's cloud-adoption strategy, the Chief Information Security Officer sets a goal to outsource patching of firmware, operating systems, and applications to the chosen cloud vendor. Which of the following best meets this goal? A. Community cloud B. PaaS C. Containerization D. Private cloud E. SaaS (answer) F. laaS Question #15: A company wants to reduce the time and expense associated with code deployment. Which of the following technologies should the company utilize? A.Serverless architecture (answer) B.Thin clients C.Private cloud D.Virtual machines Question #16: A company is utilizing an offshore team to help support the finance department. The company wants to keep the data secure by keeping it on a company device but does not want to provide equipment to the offshore team. Which of the following should the company implement to meet this requirement? A. VDI (answer) B. MDM C. VPN D. VPC Question #17: Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere? A. PaaS B. Hybrid cloud C. Private cloud D. laaS E. SaaS(answer) Question #18: A security team is setting up a new environment for hosting the organization's on-premises software application as a cloud-based service. Which of the following should the team ensure is in place in order for the organization to follow security best practices? A.Visualization and isolation of resources(answer) B.Network segmentation C.Data encryption D.Strong authentication policies Question #19: An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in so the security team wants to reduce the number of credentials each employee must maintain. Which of the following is the first step the security team should take? A.Enable SAML B.Create OAuth tokens. C.Use password vaulting. D.Select an IdP (answer) Question #20: An organization plans to expand its operations internationally and needs to keep data at the new location secure. The organization wants to use the most secure architecture model possible. Which of the following models offers the highest level of security? A.Cloud-based B.Peer-to-peer C.On-premises(answer) D.Hybrid Question #21: The Chief Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SLA. The CISO tells the analyst the installation must be done as quickly as possible. Which of the following courses of action should the security analyst take first? A.Log in to the server and perform a health check on the VM. B.Install the patch Immediately. C.Confirm that the backup service is running D.Take a snapshot of the VM.(answer) Question #22: A customer has a contract with a CSP and wants to identify which controls should be implemented in the laaS enclave. Which of the following is most likely to contain this information? A.Statement of work B.Responsibility matrix (answer) C.Service-level agreement D.Master service agreement

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue