Risk Management (5) Flashcards

1
Q

A SQL database server is scheduled for full backups on Sundays at 2:00 a.m. and incremental backups each weeknight at 11:00 p.m. Write verification is enabled, and backup tapes are stored off-site at a bank safety deposit box. Which of the following should be completed to ensure integrity and confidentiality of the backups? (Choose two.)

Use SSL to encrypt the backup data.

Encrypt the backup data before it is stored off-site.

Ensure that an employee other than the backup operator analyzes each day’s backup logs.

Ensure that the employee performing the backup is a member of the administrators’ group.

A

Encrypt the backup data before it is stored off-site.

Ensure that an employee other than the backup operator analyzes each day’s backup logs.

Encrypting the backup data before it is stored off-site ensures confidentiality. To avoid data tampering and ensure data integrity, a different employee should review the backup logs

2
Q

You are planning to perform a security audit and would like to see what type of network traffic is transmitting within your company’s network. Which of the following tools would you use?

Port scanner

Protocol analyzer

Network intrusion detection system

A

Protocol analyzer

A protocol analyzer used with a NIC in promiscuous mode can capture all network traffic.

3
Q

Your company has hired a new administrative assistant to a commercial lender named Leigh Ann. She will be using a web browser on a company computer at the office to access internal documents on a public cloud provider over the Internet. Which type of document should Leigh Ann read and sign?

Internet acceptable use policy

Audit policy

Password policy

A

Internet acceptable use policy

The correct answer is an Internet acceptable use policy. Leigh Ann will be using the company’s equipment to access the Internet, so she should read and sign this policy

4
Q

During a conversation with another colleague, you suggest there is a single point of failure in the single load balancer in place for the company’s SQL server. You suggest implementing two load balancers in place with only one in service at a given time. What type of load balancing configuration have you described?

Active-active

Active directory

Active-passive

A

Active-passive

Active-passive is a configuration that involves two load balancers. Traffic is sent to the primary node, and the secondary node will be in listening mode. When too much traffic is sent to the main server, the second server will handle some of the requests. This will prevent a single point of failure.

5
Q

Which of the following policies would you implement to help prevent the company’s users from revealing their login credentials for others to view?

Job rotation

Data owner

Clean desk

A

Clean desk

A clean desk policy ensures that all sensitive/confidential documents are removed from an end-user workstation and locked up when the documents are not in use

6
Q

Which of the following are part of the chain of custody?

Delegating evidence collection to your manager

Capturing the system image to another hard drive

Preserving, protecting, and documenting evidence

A

Preserving, protecting, and documenting evidence

Chain of custody offers assurances that evidence has been preserved, protected, and handled correctly after it has been collected. Documents show who handled the evidence and when they handled it

7
Q

Zackary has been assigned the task of performing a penetration test on a server and was given limited information about the inner workings of the server. Which of the following tests will he be performing?

White box

Gray box

Black box

A

Gray box

Gray-box testing uncovers any application vulnerabilities within the internal structure, devices, and components of a software application. During gray-box testing, limited information regarding the internal devices and structure is given to the testing team

8
Q

Which of the following are considered administrative controls? (Choose two.)

Firewall rules

Personnel hiring policy

Separation of duties

Intrusion prevention system

A

Personnel hiring policy

Separation of duties

A personnel hiring policy and separation of duties are administrative controls. Administrative controls are defined through policies, procedures, and guidelines

9
Q

Which of the following are examples of alternate business practices? (Choose two.)

The business’s point-of-sale terminal goes down, and employees use pen and paper to take orders and a calculator to determine customers’ bills.

The network system crashes due to an update, and employees are told to take time off until the company’s network system is restored.

Power is lost at a company’s site and the manager posts a closed sign until power is restored.

A bank location has lost power, and the employees are sent to another location to resume business.

A

The business’s point-of-sale terminal goes down, and employees use pen and paper to take orders and a calculator to determine customers’ bills.

A bank location has lost power, and the employees are sent to another location to resume business.

An alternate business practice is a temporary substitute for normal business activities. Having employees write down customers’ orders is a substitute for the point-of-sale system. Having employees work from another bank location means that the employees can continue using the computer system and phones to assist customers

10
Q

Which of the following require careful handling and special policies for data retention and distribution? (Choose two.)

Personal electronic devices

MOU

PII

NDA

A

Personal electronic devices

PII

Personally identifiable information (PII) is personal information that can be used to identify an individual. PII must be carefully handled and distributed to prevent ID theft and fraud. Personal electronic devices, in a BYOD environment, should be protected and secured because these devices can be used for personal and business purposes

11
Q

Matt is the head of IT security for a university department. He recently read articles about security breaches that involved malware on USB removable devices and is concerned about future incidents within the university. Matt reviews the past incident responses to determine how these occurrences may be prevented and how to improve the past responses. What type of document should Matt prepare?

MOU

After-action report

Nondisclosure agreement

A

After-action report

An after-action report examines a response to an incident or exercise and identifies its strengths that will be maintained and built on. Also, it helps recognize potential areas of improvement

12
Q

Categorizing residual risk is most important to which of the following risk response techniques?

Risk mitigation

Risk acceptance

Risk avoidance

A

Risk acceptance

Risk acceptance is a strategy of recognizing, identifying, and accepting a risk that is sufficiently unlikely or has such limited impact that a corrective control is not warranted

13
Q

You are the IT manager and one of your employees asks who assigns data labels. Which of the following assigns data labels?

Owner

Custodian

Privacy officer

A

Owner

Data owners assign labels such as top secret to data

14
Q

Which of the following is the most pressing security concern related to social media networks?

Other users can view your MAC address.

Employees can leak a company’s confidential information.

Employees can express their opinion about their company.

A

Employees can leak a company’s confidential information.

Employees can leak a company’s confidential information. Exposing a company’s information could put the company’s security position at risk because hackers can use this information to gain unauthorized access to the company

15
Q

You are a network administrator looking to test patches quickly and often before pushing them out to the production workstations. Which of the following would be the best way to do this?

Create a full disk image to restore the system after each patch installation.

Create a virtual machine and utilize snapshots.

Create an incremental backup of an unpatched workstation.

A

Create a virtual machine and utilize snapshots.

A snapshot is the state of a system at a particular point in time. Snapshots offer considerably easier and faster backups than any traditional backup system can

16
Q

You have instructed your junior network administrator to test the integrity of the company’s backed-up data. Which of the following is the best way to test the integrity of a backup?

Review written procedures.

Use software to recover deleted files.

Restore part of the backup.

A

Restore part of the backup.

To test the integrity of backed-up data, restore part of the backup

17
Q

What concept is being used when user accounts are created by one employee and user permissions are configured by another employee?

Background checks

Job rotation

Separation of duties

A

Separation of duties

Separation of duties is the concept of having more than one person required to complete a task

18
Q

Your company is requesting the installation of a fence around the property and cipher locks on all front entrances. Which of the following concepts is your company concerned about?

Integrity

Availability

Safety

A

Safety

Safety is a common goal of security that includes providing protection for personnel and other assets

19
Q

Which of the following is an example of a vulnerability assessment tool?

Ophcrack

John the Ripper

Nessus

A

Nessus

Nessus is considered a vulnerability scanner. It attempts to identify weaknesses in a system.

20
Q

A security analyst is analyzing the cost the company could incur if the customer database was breached. The database contains 2,500 records with PII. Studies show the cost per record would be $300. The likelihood that the database would be breached in the next year is only 5%. Which of the following would be the ALE for a security breach?

$15,000

$37,500

$150,000

A

$37,500

ALE (annual loss expectancy) = SLE (single loss expectancy) × ARO (annualized rate of occurrence). SLE equals $750,000 (2,500 records × $300 per record), and ARO equals 5% (0.05), so $750,000 × 0.05 equals $37,500.

21
Q

Your team must perform a test of a specific system to be sure the system operates at the alternate site. The results of the test must be compared with the company’s live environment. Which test is your team performing?

Cutover test

Walk-through

Parallel test

A

Parallel test

A parallel test can test certain systems to confirm their operation at alternate sites. Compare the results of the test to the results of the original system to confirm that the alternate site operates as close to normal as possible

22
Q

Which of the following concepts defines a company goal for system restoration and acceptable data loss?

MTTR

RPO

ARO

A

RPO

RPO (recovery point objective) specifies the allowable data loss. It is the amount of time that can pass during an interruption before the quantity of data lost during that period surpasses business continuity planning’s maximum acceptable threshold

23
Q

Your IT team has created a disaster recovery plan to be used in case a SQL database server fails. What type of control is this?

Detective

Corrective

Preventive

A

Corrective

A corrective control is designed to correct a situation

24
Q

Which of the following is not a step in the incident response process?

Snapshot

Preparation

Recovery

A

Snapshot

A snapshot is the state of a system at a particular point in time. It’s also known as a system image and is not a step in the incident response process

25
Q

Which of the following threats is mitigated by shredding paper documents?

Shoulder surfing

Physical

Adware

A

Physical

Shredding documents can prevent physical threats such as theft of the documents or obtaining information from the documents

26
Q

Your company hires a third-party auditor to analyze the company’s data backup and long-term archiving policy. Which type of organization document should you provide to the auditor?

Clean desk policy

Acceptable use policy

Data retention policy

A

Data retention policy

A data retention policy states how data should be stored according to its type, including the storage location, how long the data should be retained, and the type of storage medium that should be used.

27
Q

You are a network administrator and have been given the duty of creating user accounts for new employees the company has hired. These employees are added to the identity and access management system and assigned mobile devices. What process are you performing?

Offboarding

System owner

Onboarding

A

Onboarding

Onboarding is the process of adding an employee to a company’s identity and access management system

28
Q

Which of the following defines a standard operating procedure (SOP)? (Choose three.)

Standard

Privacy

Procedure

Guideline

A

Standard

Procedure

Guideline

The correct answer is standard, procedure, and guideline. A standard defines how to measure the level of adherence to the policy. A procedure contains the step-by-step instructions for implementing components of the policy. A guideline is a suggestion, recommendation, or best practice for how to meet the policy standard.

29
Q

Computer equipment was suspected to be involved in a computer crime and was seized. The computer equipment was left unattended in a corridor for 10 minutes while officers restrained a potential suspect. The seized equipment is no longer admissible as evidence because of which of the following violations?

Chain of custody

Order of volatility

Preparation

A

Chain of custody

Chain of custody refers to the chronological documentation showing the custody, control, transfer, analysis, and disposition of physical or electronic evidence

30
Q

Which of the following should be performed when conducting a qualitative risk analysis? (Choose two.)

ARO

SLE

Asset estimation

Rating potential threats

A

Asset estimation

Rating potential threats

The correct answers are asset estimation and rating potential threats. Qualitative risk analysis measures the probability of risks that will hinder normal business operations and rates them relative to one another. Assets that are protected from risks must have an assigned value to determine whether the cost of risk mitigation is justified.