Deck 6 Flashcards

1
Q

Which alternate site allows for fastest disaster recovery?

A

Hot Site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In active-active configuration, network traffic is distributed across?

A

All designated network devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following networking protocols provide(s) redundancy?

A

VRRP.

FHRP.

VRRP is Virtual Router Redundancy Protocol and provides for automatic assignment of IP routers to hosts. VRRP increases the availability and reliability of routing paths via autmatic default gateway selections on an IP subnet. It does so via the creation of virtual routers (primary/active and secondary/standby) acting as a group. The virtual router is assigned to act as a default gateway of hosts, instead of a physical router.

FHRP or First Hop Redundancy Protocol provides redundancy to the gateway router within an organization’s network by using a virtual IP and MAC address. It protects the default gateway on a subnet by allowing two or more routers to provide backup.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the protocols listed below enable(s) designating a backup router in the event of an active router failure?

A

VRRP.

HSRP.

HSRP is Hot Standby Router Protocol (a FHRP) that provides redundancy for IP networks by allowing two or more routers to share a virtual IP and MAC address. HSRP protects the default gateway on a subnet by allowing two or more routers to provide backup.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following terms is used to describe an average time required to repair a failed component or device?

A

MTTR.

Mean Time To Repair.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

High MTBF value indicates that a component or system provides low reliability and is more likely to fail.

A

False.

Mean Time Between Failures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

A

RTO (not RPO).

RTO is Recovery Time Objective and is a metric that measures the maximum amoutn of time that an application, system or process can be down without causing significant damage to the business.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

In Business Continuity Planning (BCP), the maximum tolerable point in time to which systems and data must be recovered after an outage is called?

A

RPO.

RPO is Recovery Point Objective and is the maximum amount of data loss an organization can tolerate before significant harm occurs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the security measures listed below would be effective against the malicious insider threat?

A

DLP System.

Principle of Least Privilege.

Usage Auditing and Review.

(NOT: Strong Authentication).

DLP System or Data Loss Prevention is a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data across premise and cloud-based systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called?

A

Screened Subnet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as pre-admission NAC where a host must, for example, be virus free or have patches applied before it can be allowed to connect to the network, and/or post-admission NAC, where a host is being granted/denied permissions based on its actions after it has been provided with the access to the network.

A

True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

802.1X is an IEEE standard for implementing?

A

Port-based NAC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the characteristics of TACACS+?

A

Encrypts the entire payload of the access-request packet.

Primarily used for device administration (not network access).

Separates authentication and authorization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the characteristic features of RADIUS?

A

Primarily used for network access.

Combines authenication and authorization.

Encrypts only the password in the access-request packet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following authentication protocols can be used to enable SSO?

A

Kerberos.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Assigning a unique encrypted key, called a ticket, to each user that logs on to the network is a characteristic feature of?

A

Kerberos.

17
Q

Which of the following answers refers to a security solution designed to detect anomalies in the log and event data collected from multiple network devices?

A

SIEM.