Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Cloud+ > Cloud+6 > Flashcards

Cloud+6 Flashcards

1
Q 
1.Cersei wants to protect the application servers within her cloud deployment by implementing granular control of the traffic and workflows in the deployment. Which of the following would she implement?
	a.	Microsegmentation
	b.	Shadow IT
	c.	DDoS
	d.	Dos
A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
2.Joffrey is about to deploy a new web server. He wants to ensure that when a user accesses the server, that their web browsing session is encrypted between the browser and the server. Which of the following should he use with the web server to provide this functionality?
	a.	SSH
	b.	SSL
	c.	TLS
	d.	ACL
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

3.Gilly is walking down the hallway at her office when she notices someone in a delivery uniform carrying boxes down the hall without an escort. She also doesn’t see a visitor’s badge, which is supposed to be clipped to a visitor’s collar. Which of the following might have just occurred?
a. Insufficient security controls and processes
b. Unauthorized physical access
c. Security device failure
d. Weak or obsolete security technologies

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
4.Gendry has been learning more about security within the cloud after hearing that it is a hot topic within the IT industry. He starts reading up on SHA-3 being used for hashing. Which of the following best describes SHA-3?
	a.	Firewall
	b.	Key
	c.	ACL
	d.	Cipher
A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
5.Bran has recently learned about the CIA triad. He knows that encryption is important to a variety of things within his organization’s infrastructure. One of those is the ability to ensure that data being transmitted across the network cannot be modified undetected. Which of the following tenets of the CIA triad supports this idea?
	a.	Confidentiality
	b.	Intrusion detection
	c.	Covert
	d.	Integrity
A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
6.Podrick wants to implement a technology on the company’s servers that will detect any intrusions as well as implement rules or other methods to immediately stop traffic that appears to be an intrusion. Which of the following is he looking to install?
	a.	HIDS
	b.	HIPS
	c.	NIDS
	d.	NIPS
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
7.Hodor has a VPC that is only accessed by IP address and does not do any DNS lookups for any of the applications that it runs. Which of the following rules should he add to the firewall?
	a.	Deny port 53
	b.	Deny port 1433
	c.	Deny port 23
	d.	Deny port 69
A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
8.Tormund has created a set of firewall rules and has noticed that when there is traffic that matches a rule, the traffic allowed in one direction automatically allows traffic in the other direction for an active connection as long as there is at least one message going in either direction within 10 minutes. What is the name of that type of firewall?
	a.	Stateless
	b.	Stateful
	c.	Status-monitoring
	d.	Active-analysis
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

9.Euron has received several complaints that none of the users can access the company’s resources that are hosted on a cloud service provider. The company has a piece of hardware installed that provides a VPN tunnel to the CSP. Upon entering the data center, he sees that all of the lights are off on the device. He unplugs it and plugs it back in and does not see any changes. Which of the following has most likely occurred?
a. Weak or obsolete security technologies
b. Incorrect hardening settings
c. Insufficient security controls and processes
d. Security device failure

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

10.Shae wants to implement antivirus in her cloud environments. Where should she look at installing this protection to be most effective?
a. Inside the DMZ
b. On each host of the network
c. On the e-mail servers
d. All of the other options are correct

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q 
11.Eddard wants to install a VM running in the perimeter network that provides antivirus/anti-malware capabilities for the rest of the network. Which of the following describes the type of VM that he wants to install?
	a.	NSG
	b.	NVA
	c.	ASG
	d.	NTP
A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
12.Jamie is head of security at his company and has gotten an alert from the monitoring system that the web servers are receiving a sudden spike in traffic from a number of foreign IP addresses. This is causing the website to run very slow or return errors to some users. Which of the following is most likely occurring?
	a.	DoS attack
	b.	Ping flood
	c.	DDoS attack
	d.	Smurf attack
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q 
13.Bronn is examining the log files and notices a constant stream of traffic initializing sessions to an FTP server coming from a single IP address. Which of the following is most likely occurring?
	a.	DoS attack
	b.	Ping flood
	c.	DDoS attack
	d.	Smurf attack
A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q 
14.Sansa has moved the only Linux server within VPC1 to the Linux-only VPC15. The remaining servers in VPC1 all run Windows Server. Which of the following should she do on the firewall for VPC1?
	a.	Disable port 22
	b.	Disable port 3389
	c.	Disable port 53
	d.	Disable port 443
A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q 
15.Theon wants to transfer some files to one of the Linux servers that he manages. Which of the following would ensure that the transmissions are secure while not relying on SSL/TLS for the encryption?
	a.	FTP
	b.	FTPS
	c.	SFTP
	d.	TFTP
A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

16.Ellaria is analyzing the infrastructure that her organization uses and sees that the first rule of the firewall is as shown below. Which of the following is probably true?
a. Physical access by an unauthorized person
b. Unencrypted data and unencrypted communications
c. Incorrect hardening settings
d. Security device failure

A

C

17
Q

17.Petyr has been called into Fictional Corp to perform a security audit of their systems. One of the things that he notes on his report is that the sales department is using FTP to remotely upload scanned copies of physical order sheets from customers. Why is this an issue?
a. Sales reps may not be comfortable using an FTP client; a web browser interface would be much easier for them to use.
b. FTP will time out their sessions if inactive for 10 minutes.
c. FTP is considered insecure.
d. Sales reps may be tempted to share their username and password with others to perform the task for them.

A

C

18
Q 
18.Samwell wants to create a lightly protected subnet within the VNet that acts as a filter between the Internet and the other internal network resources. Which of the following describes the type of subnet that he is looking to deploy?
	a.	ACL
	b.	GCP
	c.	STP
	d.	DMZ
A

D

19
Q 
19.Tommen is doing an audit and finds that the firewall still includes some rules for some Windows servers that no longer exist in a VPC. The remaining servers all run a variant of Linux. Which of the following rules should he delete from the firewall?
	a.	Allow port 3389
	b.	Allow port 53
	c.	Allow port 443
	d.	Allow port 80
A

A

20
Q 
20.Khal has set up a new web server on the company’s private cloud. He has installed the security certificate necessary so that the application can be accessed by HTTPS. He isn’t overly familiar with how these certificates work, so he decides to read up on the details. He learns that there is a pair of keys used to encrypt and decrypt the initial communications. Which of the following is the key that does not get sent to the browser?
	a.	public key
	b.	private key
	c.	secret key
	d.	asymmetric key
A

B

21
Q

21.Meera notices someone entering a side door of her company’s facility, but did not swipe a badge on the proximity badge reader before being able to open the door, even though there is a badge reader installed. Which of the following may have occurred?
a. Weak or obsolete security technologies
b. Incorrect hardening settings
c. Security device failure
d. Insufficient security controls and processes

A

C

22
Q 
22.Davos has been reading about encryption recently. He begins to wonder how anything can be secure if everyone is using the same set of algorithms. After all, anyone using the same algorithm would be able to decrypt anything that had been encrypted using that algorithm. Which of the following helps make the data unusable by anyone else using that same encryption scheme without having this information?
	a.	Algorithm
	b.	Cipher
	c.	Key
	d.	Block
A

C

23
Q 
23.Jon recently returned from an IT conference where he learned about a technology that could alert the administrators to any intrusions that may occur by installing software on each of the servers within the cloud deployment. Unfortunately, this particular system wouldn’t stop the intrusion automatically. Which of the following technologies did he learn about?
	a.	HIPS
	b.	HIDS
	c.	NIPS
	d.	NIDS
A

B

24
Q 
24.Jorah is performing an analysis of some of the systems and protocols his company uses. Which of the following, if found in use, should he recommend discontinuing? (Select all that apply)
	a.	SSH
	b.	Telnet
	c.	FTP
	d.	RDP
A

B

25
Q

25.Brienne is trying to access one of her company’s websites but gets an error message about not being able to trust the website. Which of the following has most likely occurred?
a. The cipher the site has been using is now deprecated and should no longer be used
b. The certificate authority cannot be verified
c. The certificate’s serial number is invalid
d. The site’s certificate has expired

A

D

26
Q

26.Myrcella has been hired to perform an audit of a security incident where a large corporation was using an open-source application that they had deployed to a cloud service provider. The application was used to manage the many people whose information it tracked and included a lot of identifying information about them that could be used in identity fraud. Unfortunately, the person that installed the application never removed the default administrative account that was still using the default password. Which of the following describes this scenario?
a. Weak or obsolete security technologies
b. Unencrypted data and unencrypted communications
c. Insufficient security controls
d. Incorrect hardening settings

A

D

27
Q 
27.Daenerys is examining the logs of one of the Linux servers as part of a standard auditing process. She comes across a number of entries showing that an administrative account has logged in from a foreign IP address many times over the past six months. She knows that the company doesn’t have any operations in the country that the IP address is assigned to. Which of the following might describe the type of attack that has occurred?
	a.	APT
	b.	POODLE
	c.	Smurf
	d.	Christmas tree
A

A

28
Q

28.Walder is reviewing the logs and sees a spike in overnight activity by one of the user accounts that he knows the employee left the organization over a month ago. Which of the following is most likely the cause of these logins?
a. Data breach
b. Failureto properly deactivate accounts
c. Account hijacking
d. User error

A

B

29
Q 
29.Tyrion wants to use a virtual firewall to filter the types of traffic that are allowed or not allowed into a virtual private cloud instance he has created on the cloud service provider his company uses. Which of the following can he use to accomplish this goal?
	a.	VNC
	b.	NACL
	c.	NAT
	d.	VLAN
A

B

30
Q 
30.Missandei’s manager has asked her to implement microsegmentation for her company’s cloud deployment. She wasn’t overly familiar with this term and upon researching came across the reasoning to implement this as being that nothing should be trusted in a cloud environment and every system, communication, and user is considered a threat until proven otherwise. Which of the following concepts does this describe?
	a.	Zero-trust security model
	b.	Proof positive security model
	c.	ID only security model
	d.	Assurance security model
A

A

31
Q 
31.Stannis wants to block any traffic that uses insecure protocols from entering his VPC. Which of the following might he use to accomplish that goal?
	a.	Firewall
	b.	HIPS
	c.	HIDS
	d.	Anti-malware
A

A

32
Q 
32.Arya is looking to install a security appliance that is designed to detect applications and other resources running within the domain and monitor them according to her organization’s policies. Which of the following would she want to implement?
	a.	CASB
	b.	CIFS
	c.	CMDB
	d.	CAB
A

A

Cloud+ (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions