Chapter 1 - Security Basics . Flashcards Preview

CompTIA Sec+ SY0-501 > Chapter 1 - Security Basics . > Flashcards

Flashcards in Chapter 1 - Security Basics . Deck (64)
Loading flashcards...

You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution?

A). Use Hashes
B). Encrypt it before sending
C). Protect it with a digital signature
D). Use RAID

B). Encrypt it before sending

Encryption - provides confidentiality of any type of information, including proprietary data.


Austin manages network devices in his store and maintains copies of the configuration filed for all the managed routers and switches. On a weekly basis, he creates hashes for these filed and compares them with hashes he created on the same files the previous week. Which of the following cases is he MOST likely using?

A). Supporting confidentiality
B). Supporting integrity
C). Supporting encryption
D). Supporting availability

B). Supporting Integrity


Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions?

A). To support steganography
B). To support integrity
C). To support availability
D). To support obfuscation

D). To support obfuscation


Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support?

A). Supporting confidentiality
B). Supporting availability
C). Supporting obfuscation
D). Supporting non-repudiation

D). Supporting non-repudiation


As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include?

A). Ensure critical systems provide uninterrupted service.
B). Protect data-in-transit from unauthorized disclosure.
C). Ensure systems are not susceptible to unauthorized changes.
D). Secure data to prevent unauthorized disclosure.

C). Ensure systems are not susceptible to unauthorized changes.


Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent?

A). Snapshots
B). Cable locks
C). Strong passwords
D). Persistent VDI

B). Cable locks - are effective equipment theft deterrents for laptops and other systems.


Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI. Which of the following situations indicates that virtualization would provide the best ROI?

A). Most physical servers within the organization are currently utilized at close to 100% .
B). The organization has many servers that do not require failover services.
C). Most desktop PCs require fast processors and a high amount of memory.
D). Most physical servers within the organization the organization are currently underutilized.

D). Most physical servers within the organization are currently underutilized.


You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?

A). Take a snapshot of the VM before deploying the new application.
B). Take a snapshot of the VM after deploying the new application.
C). Ensure the server is configured for non-persistence.
D). Back up the server after installing the new application.

A). Take a snapshot of the VM before deploying the new application.


Lopez is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system?

A). ifconfig
B). ipconfig
C). netstat
D). tracert

B). ifconfig - command displays network setting in a Linux computer.


Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe?

A). VM escape
B). VDI snapshot
C). VM sprawl
D). Type ll hypervisor

C). VM sprawl - occurs when an organization has many VMs that aren’t managed properly.


Hashes provide integrity, not confidentiality (T/F) ?



What three things do digital signatures provide?

- Authentication
- Non-Repudiation
- Integrity


What does a redundant array of inexpensive disk (RAID) provide?

A higher availability for disk subsystem.


What does it mean if the hashes are the same on the configuration files?

That the files have NOT changed.


What three things enforce confidentiality?

- Encryption
- Access Controls
- Steganography


Encryption uses hashes (T/F) ?



What does availability ensure?

That systems are up and operational when needed.


What is steganography?

Hiding files within the image.


Redundant and fault-tolerance methods increase what?



Digital signatures encrypt data (T/F) ?



Protecting data and securing data to prevent unauthorized disclosure addresses what?



Digital snapshots that capture the state of a virtual machine at a moment in time refers to what?



Passwords prevent unauthorized access to systems, but don’t provide physical security (T/F) ?



A virtual desktop infrastructure (VDI) allows users to access a desktop on a remote server (T/F) ?



A persistent VDI saves the user changes on the desktop, but it does not deter thefts (T/F) ?



Taking a snapshot after the installation allows you to revert the image (T/F) ?



Is it necessary to back up the server before & after installing the new application?


Backing up BEFORE the installation is necessary, but NOT afterwards.


What three things does the ‘ifconfig’ command include?

- IP address
- Subnet Mask
- Default Gateway assigned to the NIC


What kind of computers is the ‘ipconfig’ command given to, to view configurations?

Windows computers


What does “Netstat” show?

Shows network statistics and active connections.