Incorrect Questions - Lesson 1 Practice Questions PDF

Summary

This document contains a collection of practice questions and answers related to cybersecurity.

Full Transcript

Question Answer Which is a key difference between Diffie-Hellman and Diffie-Hellman is only for encryption, RSA is only for digital signatures. RSA algorithms in secure communications? Diffie-Hellman is for ke...

Question Answer Which is a key difference between Diffie-Hellman and Diffie-Hellman is only for encryption, RSA is only for digital signatures. RSA algorithms in secure communications? Diffie-Hellman is for key exchange, RSA is for key exchange and digital signatures. RSA is a type of firewall, while Diffie-Hellman is a type of antivirus. Diffie-Hellman encrypts data at rest, RSA encrypts data in transit. A multinational corporation seeks to streamline its employees‘ access to a suite of internal and external cloud-based tools. They want a system where OAuth employees can log in once and have access to all SAML necessary applications without needing to re- LDAP authenticate for each one. Which protocol is best suited Kerberos for this type of enterprise-wide single sign-on (SSO) functionality? The IT department of a company is planning its budget for the next fiscal year. Over the past three years, the company has observed a consistent 5% annual ALE increase in the number of company-issued mobile ARO devices that need replacement due to various reasons RPO like damage, obsolescence, or loss. Which of the SLE following best predicts the number of devices that will likely need replacement in the upcoming year? An online retail website experiences variable traffic patterns, with periods of low activity and sudden bursts Scalability of high user demand, especially during sales events. Implementing a content delivery network (CDN) Which cloud computing principle should be Elasticity implemented to efficiently manage these fluctuating Upgrading server hardware resource requirements? In this type of cyber attack, an attacker tries multiple Brute Force Attack usernames with a few commonly used passwords Dictionary Attack rather than trying many passwords on a single user. Spraying Attack Which attack method does this describe? Plaintext Attack A user unknowingly submits a web form on a banking XSS website that transfers funds without their consent. This CSRF action was triggered by visiting another malicious Buffer Overflow website. What type of attack has occurred? Spear Phishing Question Answer Megan, a cybersecurity specialist, is reviewing the port configuration of a critical server in her organization‘s network. An nmap scan reveals that TCP ports 21 (FTP), 443 (HTTPS), and 3389 (RDP) are open. Given the 21 organization‘s strict security policy that mandates the 443 use of secure, encrypted protocols for all remote 21 and 3389 connections and data transfer, Megan needs to 3389 determine which port(s) should be disabled to comply with this policy. Which port(s) should Megan disable to align with the organization‘s secure protocol requirements? In the field of cryptography, one technique is particularly effective for ensuring both the integrity and RSA authenticity of a message. This method combines a HMAC cryptographic hash function with a secret SSL cryptographic key. What is this technique called? AES In the realm of Bluetooth security vulnerabilities, which term best describes an attack where the attacker gains full access to a phone, installs a backdoor, and can Bluejacking initiate actions such as listening in on conversations or Bluesnarfing enabling call forwarding? Bluebugging Bluetooth Phishing A web developer is implementing a system where users can log in to an application using their existing social OpenID media accounts. Which protocol is most suitable for SAML allowing this type of third-party authentication without OAuth sharing the user‘s password with the application? RADIUS Question Answer For a network administrator responsible for managing user accounts and permissions in a large organization, RADIUS which solution is best suited for providing a centralized Kerberos system to store, authenticate, and make user LDAP information accessible to various applications and Custom Database services? In the context of cloud computing, an organization is considering various cloud deployment models to Community facilitate resource sharing among multiple Private organizations while maintaining separation from the Public public. Which cloud deployment model is most suitable Hybrid for this scenario? Which of the following cybersecurity frameworks is best suited for integrating networking and security services into a single, cloud-based platform to support Cloud-based Identity and Access Management (IAM) the evolving secure access needs of organizations? Unified Threat Management (UTM) Secure Access Service Edge (SASE) Network Access Control (NAC) A corporation is focusing on enhancing its security measures by isolating critical applications from potential threats within a shared physical server Network Segmentation with VLANs infrastructure. Which technology is MOST suitable for Access Control Lists (ACLs) achieving effective isolation of these critical systems? Data Encryption Containerization What is the primary objective of conducting an account To ensure compliance with regulatory standards audit in the context of Privileged Access Management To monitor real-time user activities (PAM)? To identify and rectify privilege creep To track system performance and usage What is the primary role of the embedded certificate in a To store the user‘s password in an encrypted format smart card used for authentication purposes in a To hold the user's private key for secure authentication network environment? To contain a digital signature for email encryption To act as a physical token for access control Question Answer What is the primary purpose of EAP (Extensible To provide a method for two systems to create a secure encryption key for data Authentication Protocol) in a network security context? transmission To facilitate dynamic IP addressing for devices connecting to a network. To standardize the format of data packets for efficient routing and delivery. To provide a secure management framework for network devices and services. In a decentralized network where anyone can freely conduct financial transactions, how does blockchain By storing each transaction in an immutable chain of blocks, where each block is linked to technology ensure the integrity and security of these the previous one through a unique hash. transactions? By encrypting all transaction data with individual private keys for secure access and verification. Through a network of computers (nodes) that collectively validate and record each transaction. By relying on a trusted central authority to verify and process all transactions. What term is used to describe the likelihood that a potential danger might exploit a weakness in a system, Vulnerability leading to negative consequences for an organization? Threat Risk Exploit Kevin, an IT security analyst at a large corporation, receives an alert about unusual activity on an office workstation. He discovers a suspicious executable, sync_tool.exe, running in the background and a corresponding batch file scheduled in the Windows Task Scheduler to execute hourly. The batch file, named sync.bat and located at C:\Windows\Tasks\, contains the following commands: 1. @echo off Remote Access Trojan (RAT) 2. rem Sync system data Ransomware 3. net use Z: \\10.0.0.150\data_share /user:sync_user /p: Rootkit yes Virus 4. Z:\tools\sync_tool.exe 5. net use Z: /delete Kevin observes that sync_tool.exe is not part of any standard software on the workstation and notes its regular communication with external IP addresses. Evaluate the batch file and the behavior of sync_tool. exe to determine the likely type of malware present on the workstation. Question Answer When it comes to enforcing security policies and Due Care procedures for employees and systems in a company, Due Diligence which term best describes the responsibility and Regulatory Compliance approach? Risk Assessment: In a cybersecurity incident, an attacker captures encrypted authentication credentials as they are Replay Attack transmitted over a network. The attacker then uses Session Hijacking these credentials later to impersonate the user and gain On-Path Attack unauthorized system access. What type of attack does Cryptographic Attack this scenario most closely represent? In the Zero Trust model, the Policy Decision Point (PDP) controls access to resources based on strict policies. Policy Engine (PE) and Policy Administrator (PA) What are its key components?“ Access Control Lists (ACLs) and Security Policy Database Policy Enforcement Point (PEP) and Microsegmentation Techniques User Identity Verification and Device Security Assessment The acceptable amount of data loss measured in time during a data loss event The acceptable amount of data loss measured in time during a data loss event Recovery Point Objective (RPO) sets the maximum The necessary duration for system recovery after a disaster acceptable amount of data loss in terms of time. It The deadline for IT staff to complete data recovery training quantifies how much recent data an organization can The regularity of integrity checks for system backups afford to lose in a data loss event by determining the age of the backup data that needs to be restored. A network administrator wants to review all active ping 10.10.10.1 connections and listening ports on a server to check for nmap -sV 10.10.10.1 any unauthorized or suspicious connections. Which tracert 10.10.10.1 command would be most appropriate for this purpose? netstat -an The Chief Information Security Officer (CISO) at a company has mandated new user account policies to Password History and Geolocation enhance security. These policies require users to Password Complexity and Geofencing choose a password that is different from their last ten Geotagging and Password Reuse passwords and restrict user logins from certain high- Password Reuse and Geolocation risk countries. Which of the following combined measures should the security team implement? Question Answer Security-enhanced Linux (SELinux) is a prominent Discretionary Access Control (DAC) example of an operating system implementing a Mandatory Access Control (MAC) specific access control scheme. Which type of access Role-Based Access Control (RBAC) control scheme does SELinux primarily use? Attribute-Based Access Control (ABAC) What is the primary purpose of the Security Content Automation Protocol (SCAP) in the context of To automate the generation of security policies and procedures. cybersecurity? To facilitate communication between vulnerability scanners and other security and management tools. To encrypt sensitive security data and content. To provide real-time monitoring of network traffic for security threats. What is ‘Lateral Movement‘ in the context of network penetration testing? The process of moving deeper into a network to gain more control. The technique of switching between different network protocols. Moving from one compromised system to another within the same network. Escalating privileges from a user level to an administrative level. In an organization, who is primarily responsible for managing the policies and guidelines related to data Data Custodian usage, ensuring data quality, and defining data Data Controller standards and procedures? Data Processor Data Owner A network engineer, Mark, is configuring a device to manage network traffic. He reviews the device‘s configuration, which includes the following rules: Firewall permit IP any any eq 22 Proxy Server permit IP any any eq 3389 VPN Gateway deny IP any any Remote Access Server Based on these entries, which type of network device is Mark most likely configuring? As part of its disaster recovery plan, a company is considering establishing additional data centers. Which Geographic Location factor is most critical to ensure the organization‘s Redundant Power Supply resilience in case of natural disasters? Advanced Fire Suppression Systems Uninterruptible Power Supply (UPS) Question Answer Alex, a security analyst, is alerted to potential security risks on one of the company‘s servers. While inspecting Logic Bomb the system logs, he uncovers a concerning CRON job Backdoor set to execute a script located at /etc/cron. Rootkit daily/cleanup.sh daily. The script includes the following Spam lines: An organization is conducting a risk assessment to identify potential security risks to their IT infrastructure. They estimate that the likelihood of a cyber attack is 50000 20% and the impact of the attack would be $500,000. 100000 What is the annualized loss expectancy (ALE) of the 200000 risk? 500000 In the context of cybersecurity, choosing the right cryptographic solution for low-power devices, such as ECC IoT devices, embedded systems, and mobile devices, is SHA-256 Algorithm crucial due to their limited processing capabilities. RSA Encryption Which of the following cryptographic solutions would AES be best suited for these types of devices? Which term in change management refers to the Change Log documented processes an organization consistently Standard Operating Procedures (SOP) follows for every change, ensuring that each is Change Control Board implemented in a uniform and reliable manner? Risk Analysis For logging and reviewing system events on Linux- Event Viewer based systems, what is the standard method used? Syslog SIEM Auditd In the realm of cryptography, certain elements are added to cryptographic processes to enhance security, Shim particularly against specific types of attacks. Which of Salt the following is specifically used to ensure that Initialization Vector (IV) encrypted messages are unique and to prevent attacks Seed such as replay attacks? Question Answer When assessing the accuracy of a biometric system, which of the following metrics is most desirable for optimal performance? The lowest possible False Acceptance Rate (FAR) The highest possible False Acceptance Rate (FAR) The highest possible Crossover Error Rate (CER) The lowest possible Crossover Error Rate (CER) In his organization, Michael needs to manage network Network-based firewall traffic for each employee‘s computer, customizing the Host-based firewall security settings per machine. What kind of security IDS solution should he use? Proxy server Rachel, a web developer, is reviewing website logs and notices a recurring entry: being submitted in a user SQL Injection; use parameterized queries. feedback form. She recognizes this pattern as XSS; implement input validation and encoding. potentially harmful. Buffer Overflow; increase storage allocation for inputs. Task: Determine the type of web security vulnerability CSRF Attack; introduce anti-CSRF tokens. this pattern suggests and recommend an appropriate countermeasure. In the Zero Trust security model, which component enforces access control decisions on the data plane, Policy Decision Point (PDP) acting as the intermediary between the control plane Policy Enforcement Point (PEP) and the data plane? User Identity Management System Network Access Control (NAC) IPsec is widely utilized in VPNs for securing data AH provides encryption, and ESP ensures data integrity transmission through a tunnel. What are the specific AH offers authentication and integrity, while ESP provides confidentiality, integrity, and roles of the Authentication Header (AH) and authentication Encapsulating Security Payload (ESP) in IPsec? ESP provides authentication only, and AH ensures encryption Both AH and ESP are used for encrypting VPN traffic In the context of system recovery and maintenance, MTTR which metric is used to measure the average time taken RPO to repair a system and restore it to its normal RTO operational state after a failure? MTBF Question Answer Alice needs to send a confidential message to Bob securely. They decide to use an asymmetric encryption Alice and Bob use a shared secret key for both encrypting and decrypting the message. algorithm. How should Alice and Bob proceed using Alice encrypts the message with her private key, and Bob decrypts it with her public key. asymmetric encryption to ensure the message is Alice encrypts the message with Bob‘s public key, and Bob decrypts it with his private key. securely transmitted? Alice sends an encrypted message to Bob, who uses a hash function to decrypt it. In a high-security government facility, the system restricts access to information based on both the classification of the data (e.g., confidential, secret, top Discretionary Access Control (DAC) secret) and the clearance level of the individual seeking Mandatory Access Control (MAC) access. Which access control model does this scenario Role-Based Access Control (RBAC) exemplify? Attribute-Based Access Control (ABAC) To reduce the risk of insider threats and enhance security, a financial institution wants to implement a Permanent Role-Based Access system where accounts with specific privileges are Just-in-Time Permissions created for users when needed and automatically Temporal Accounts deleted after a set period. Which approach should the Continuous Access Monitoring institution adopt? In the realm of cybersecurity, a comprehensive solution is needed to detect and respond to threats across IPS various network domains, including email, endpoints, SIEM servers, cloud services, and networks. Which XDR technology provides such extensive threat detection Firewall and response capabilities across different security layers? An online healthcare platform storing sensitive patient records is undergoing a migration to new infrastructure and requires a robust cryptographic hash function for digital signatures and ensuring data integrity. The MD5 organization is focused on balancing high-security RSA strength with performance efficiency for handling large SHA-1 datasets. Given the current threat landscape and SHA-3 industry best practices, which cryptographic hash function would be the most appropriate choice for this specific application? Question Answer Which formula best represents the calculation for the potential value of a single threat event, such as a SLE = EF / AV cyberattack on an asset? AV + EF = SLE SLE = AV × EF AV - EF = SLE In the context of wireless network security, what Flooding the access point with an overwhelming number of connection requests, leading to characterizes a disassociation attack? network unavailability. Sending a frame that impersonates a client‘s request to end its session with the access point. Capturing and altering the data transmitted between a client and the access point, compromising data integrity Unauthorized encryption of the signal between the client and the access point, denying access to authorized users. After a security breach, a company installs a mantrap at Managerial Control the entrance of their data center. What type of security Operational Control control does this mantrap represent? Technical Control Physical Control For an industrial organization, securing its SCADA (Supervisory Control and Data Acquisition) system from Network Segmentation external cyber threats is paramount. The system is IDS crucial for controlling automated processes. Which Air Gapping security measure should be implemented to effectively SCADA Encryption isolate the SCADA system from potential cyber threats? A cybersecurity professional observes that an attacker Eavesdropping Attack is actively intercepting and potentially modifying the On-Path Attack data transmitted between a user and a network service. Session Hijacking What type of cybersecurity threat does this scenario ARP Poisoning best represent? The security team of an organization seeks a tool that can aggregate information on known vulnerabilities, allocate standardized identifiers for each, and offer SCAP insights on their severity and potential implications. CVE Which tool is best suited for fulfilling these specific SIEM requirements? Nessus Question Answer A user of a financial service website inadvertently sends a money transfer request when visiting a XSS malicious website, due to a script that exploits the user CSRF ‘s authenticated session on the financial service Buffer Overflow website. What type of attack is this? Spear Phishing You notice that a virtual machine (VM) in your network VM Sprawl is interacting unexpectedly with its host system and VM Escape other VMs on the same server. Resource Contention Task: Identify the type of security threat this activity Hypervisor Vulnerability most likely represents. In the aftermath of a data breach, the cybersecurity team at your company analyzes logs from the compromised server. They discover entries indicating that the attacker accessed a file containing hashed Dictionary Attack passwords. Subsequent log entries show rapid Brute Force Attack matching of these hashed passwords with plaintext Rainbow Table Attack passwords. The log shows entries like the following: SQL Injection Attack Given the rapid matching of hashed passwords to their plaintext equivalents, what type of cyber attack does this log pattern suggest? In the OSI model, what is the role of Layer 2, also known Providing end-to-end communication as the Data Link Layer? Routing data across multiple networks Managing the physical connection between devices Facilitating data transfer between network devices What is the primary use of the ‘route‘ command in a To configure network interfaces network environment? To view and manipulate the routing table To monitor network traffic in real-time To set up virtual private networks (VPNs) A corporation‘s IT department has reported a consistent increase in malware attacks, rising by approximately Risk Impact 20% annually. The risk management team needs to Threat Likelihood estimate the likelihood of these attacks continuing at Vulnerability Severity the same rate for the upcoming year to enhance their Control Effectiveness defensive strategies. Which metric is MOST suitable for this purpose? Question Answer When troubleshooting an issue related to the Windows Application Log operating system itself, such as a service failing to start Security Log or a driver error, which log in the Windows Event System Log Viewer should an IT professional check first? Forwarded Events Log The WiFi Protected Setup (WPS) feature on many WPS is vulnerable to brute-force attacks that attempt different PINs until successful, wireless routers is intended to simplify the process of allowing tools like Reaver to discover the PIN within hours. connecting devices to the network. However, it has a WPS can be bypassed by intercepting WiFi signals, enabling unauthorized users to connect known vulnerability. What is this vulnerability, and how without a PIN. can it be exploited? The encryption used by WPS is outdated, allowing attackers to decrypt the WiFi password easily. WPS does not encrypt its signals, making it easy for attackers to spoof legitimate devices. Modern security architectures leverage the impermanence of certain access credentials to Temporary Authentication Certificates (TACs) strengthen system security. What best describes these MFA Codes short-lived credentials designed to minimize the impact Ephemeral Credentials of credential theft by expiring after a set time or a single Role-Based Access Control (RBAC) Permissions use? As a network administrator investigating a connectivity curl issue, you need to confirm if a specific server is ping reachable and responding over HTTP. Which command- traceroute line tool should you use for this purpose? netstat If an individual application undergoes an update or Restricted activities modification, what action might be necessary to ensure Downtime the changes are applied? Application restart Service restart For organizations that need to handle high volumes of Key management system cryptographic operations, which device offers high- Secure enclave performance cryptographic processing? Hardware security module (HSM) Trusted Platform Module (TPM) Which tool is often integrated into servers to provide a Secure enclave secure foundation for cryptographic operations, Key management system especially in data centers? Trusted Platform Module (TPM) Hardware security module (HSM) Question Answer In the context of databases, which encryption level Full-disk encryption targets individual data entries or rows? File encryption Volume encryption Record encryption Which control type involves the use of security guards or surveillance cameras? Managerial Operational Physical Technical Which control type provides a warning or indication of violations? Preventive Detective Corrective Deterrent Which of the following is NOT a primary purpose of Wasting attackers‘ time and resources deception and disruption technology in cybersecurity? Luring attackers to decoy systems Encrypting sensitive data Studying attacker tactics and behaviors Which technology is specifically designed to mislead Honeytoken attackers by presenting them with false information or Deception and disruption technology decoy systems? Honeynet Honeyfile Who is typically responsible for ensuring that a change aligns with business objectives and has the authority to Approval process approve or reject the change? Test results Stakeholders Ownership In network architecture, which component is Control Plane responsible for deciding how data packets should be Policy Enforcement Point forwarded? Data Plane Policy Engine Question Answer When a user logs into a system using a smart card combined with a personal identification number (PIN), When a user logs into a system using a smart card combined with a personal identification number this is an example of which type of authentication (PIN), this is an example of which type of authentication mechanism? mechanism? What is used to check the revocation status of a digital Online Certificate Status Protocol (OCSP) certificate in real-time? Self-signed certificate Certificate revocation lists (CRLs) Certificate signing request (CSR) generation Which device is specifically designed to manage, process, and store cryptographic keys securely outside Key management system of the host‘s environment? Secure enclave Trusted Platform Module (TPM) Hardware security module (HSM) The root of trust represents a trusted entity that verifies the linkage between a public key and its owner. FALSE True A honeytoken can be embedded within a database or Honeynet other data repositories. If the honeytoken is queried or Honeyfile accessed, it indicates potential unauthorized activity, as Honeypot the token serves no real purpose other than detection. Honeytoken The root of trust in a security system refers to the foundational element that other security measures are FALSE built upon. True The primary purpose of a Trusted Platform Module (TPM) is for key management and centralized storage of cryptographic keys. TRUE False Question Answer What is the term for a secure storage mechanism where Private key cryptographic keys are held, ensuring they can be PKI vault recovered if lost? Public key repository Key escrow When a computer system presents a digital certificate Somewhere you are as proof of its identity, this is a form of which type of Something you are authentication? Something you have Something you know Which system is primarily responsible for the Secure enclave centralized management of cryptographic keys Key management system throughout their lifecycle? Trusted Platform Module (TPM) Hardware security module (HSM) In network architecture, which component focuses on Policy Enforcement Point the actual forwarding of data packets? Data Plane Policy Engine Control Plane Managerial controls, such as guidelines, policies, and procedures, provide a framework for an organization‘s Physical security posture. Guidelines for remote access would Managerial fall under this category as they provide strategic Technical direction on how to securely access data. Operational In a Gap Analysis, what term is used to describe the difference between the current state of security Security Delta measures and the desired state outlined in the security Security Dividend policy? Security Discrepancy Security Drift Why is it essential to regularly update documentation in To reflect the current state and changes in the environment a dynamic IT environment? To make the documents look visually appealing To ensure compliance with outdated standards To reduce the storage space of documentation Question Answer Which type of vulnerability is more likely to be exploited using shellcode to gain control over a system? Buffer overflow Race conditions Malicious update Memory injection In a cloud environment, which vulnerability arises when Virtual machine (VM) escape an attacker gains unauthorized access to a virtual Resource reuse machine by bypassing its isolation mechanisms? Cloud-specific vulnerability Service provider compromise An attacker purchases a domain name that visually Typosquatting resembles a popular brand by using characters from Brand impersonation different alphabets. This tactic is a variation of? Phishing Homograph attack Operating system (OS)-based vulnerabilities refer to Application flaws or weaknesses in the design, implementation, or Operating system (OS)-based operation of an entire computing platform. These Race conditions vulnerabilities can affect the security and stability of all Memory injection applications and processes running on the OS. A software company that sells a specific application to Distributors businesses and offers support for it is best described Suppliers as? Managed service providers (MSPs) Vendors Image-based threats involve embedding malicious code within image files. When the image is viewed or Removable device processed, the embedded code can be executed, Image-based leading to potential exploitation of vulnerabilities in the Voice call software handling the image. Email Which aspect of the supply chain is particularly Vendors vulnerable due to its ability to introduce compromised Distributors hardware or software into an organization‘s Managed service providers (MSPs) environment? Suppliers Question Answer Client-based software requires installation on the client ‘s system to function. If this software has Agentless vulnerabilities, it can be exploited by attackers once Voice call installed. In contrast, agentless software does not Client-based require installation and operates remotely. File-based Which of the following would be a primary concern Their origin (internal/external) when assessing the capability of a threat actor? Their level of sophistication Their motivation Their geographical location Which entity is responsible for selling products, often Suppliers software or hardware, directly to consumers or Vendors businesses? Managed service providers (MSPs) Supply chain Which type of malware attaches itself to a host file and Virus can spread to other files and systems when the host file Spyware is executed? Trojan Ransomware An attacker exploiting vulnerabilities by intercepting Open service ports data transmitted between a smartphone and a wireless Bluetooth headset is targeting which type of connection? Wired Wireless An attacker sends text messages claiming to be from a Vishing bank and urging recipients to call a number to verify Pretexting their account details. This attack method is known as? Phishing Smishing An IT professional who sets up a personal cloud Hacktivist storage account to store company data without Organized crime informing the IT department is engaging in? Shadow IT Insider threat An attacker exploiting a flaw in the way an operating Operating system (OS)-based system manages memory allocation is targeting a Application vulnerability at the level of? Malicious update Memory injection Question Answer Pretexting involves creating a fabricated scenario to Phishing obtain specific information or access. In this case, the Vishing attacker uses gathered information to create a plausible Pretexting story and deceive the IT helpdesk. Smishing Managed service providers (MSPs) often handle the IT Managed service providers (MSPs) infrastructure and services for multiple businesses. A Vendors breach in an MSP can compromise the security of all Suppliers businesses that rely on its services, making them a Individual products high-value target for attackers. In the context of power solutions for data centers, Generators which equipment is essential for ensuring operations Power regulators during maintenance or repair activities on the main Uninterruptible power supply (UPS) power source? Power converters Which data classification is typically applied to personal information about individuals that is not meant Sensitive to be shared widely, such as home addresses or Critical personal email addresses? Private Public Which strategy can help an organization avoid vendor Continuity of operations lock-in and provide flexibility in choosing cloud Multi-cloud systems services based on specific needs? Capacity planning Platform diversity An architecture where the cloud provider manages An architecture that uses only one powerful server server provisioning and scaling An architecture where servers are not used An architecture that relies solely on physical servers An architecture where the cloud provider manages server provisioning and scaling Transport Layer Security (TLS) is a protocol that Internet protocol security (IPSec) provides secure communications over the internet by Transport Layer Security (TLS) encrypting web traffic, commonly used in web browsers Secure access service edge (SASE) and other applications Virtual private network (VPN) Which data classification would typically be applied to Public an organization‘s internal policies and procedures that Confidential are not meant for public disclosure? Private Restricted Question Answer What is a primary security concern when implementing Ensuring all services use the same database microservices architecture? Managing and securing inter-service communications Ensuring tight coupling between services Ensuring all services are written in the same programming language Which of the following is a primary consideration when The cost of the control solution selecting effective controls for a network? The brand of the control solution The compatibility of the control with existing infrastructure The popularity of the control solution Which of the following systems is designed to have Embedded systems minimal interruption and high reliability? Real-time operating system (RTOS) Decentralized systems High availability systems Which device can help protect sensitive electronic Power regulators equipment from power surges and spikes? Power converters Uninterruptible power supply (UPS) Generators Which of the following is NOT a primary advantage of Enhanced physical security of the infrastructure using Infrastructure as Code (IaC)? Consistent and repeatable environment setups Version control for infrastructure configurations Reduction in manual configuration errors Which firewall type primarily focuses on filtering traffic Next-generation firewall (NGFW) based on attributes like IP address, protocol, and port Layer 7 firewall number? Layer 4 firewall Web application firewall (WAF) Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer Question Answer

Use Quizgecko on...
Browser
Browser