Domain 2 Questions Flashcards

1
Q

2

A large firm uses a non-persistent operating system for its remote users. This allows the employees to access company resources while teleworking. When the computers are turned off, the operating system disappears. Which of the following operating systems is the company using?

Full disk encryption
Trusted operating system
TPM
Live boot media

A

Live boot media

Live boot media is a non-persistent operating system on a compact disk or USB. Live boot media can be run on any computer to provide the user a complete operating system while the computer is on.

2
Q

2

A network administrator needs a service to easily manage Virtual Private Cloud (VPC) and edge connections. The service must have a central console for ease of monitoring all components. Which of the following is the best solution for the administrator to use in a cloud computing environment?

Transit gateway
NAT gateway
Cloud storage gateway
Gateway endpoint

A

Transit gateway

A transit gateway is a cloud network hub that allows users to interconnect virtual private clouds (VPC) and on-premises networks through a central console.

3
Q

2

An application developer uses a third-party source to send cryptographic data through multiple processors to stretch the data and ensure secure algorithms. What is the developer preventing the use of?

Rainbow table attack
Weak keys
Salting
Collision

A

Weak keys

Weak keys are poor or short algorithms in cryptographic keys used with a specific cipher. They are vulnerable to cybersecurity attacks. Stretching keys can strengthen the algorithm to make it more secure.

4
Q

2

An unmanned aerial vehicle is equipped with a component to ensure position and movement sensors are aligned and relays information to a ground control. Which of the following computing devices does this best describe?

Embedded system
SoC
Microprocessor
Microcontroller

A

Embedded system

An embedded system is a combination of hardware and software that contains a dedicated function and uses a computer component to complete the function.

5
Q

2

A company leases access to resources from a service provider as agreed upon in a service level agreement. The company pays only for what is used on a monthly basis. Which of the following computing concepts is being used?

PaaS
On-premise
Cloud computing
Community cloud

A

Cloud computing

In cloud computing, a company uses a cloud service provider to deliver computing resources. A cloud-based server utilizes virtual technology to host a company’s applications offsite.

6
Q

2

A recent change to an API exposes an exploit in a web application. Developers working on the project discover that dead code in the application had been executed as a result of which practice?

Code reuse
Normalization code
Unreachable code
Code obfuscation

A

Code reuse

Code reuse is the copying of code from one location into another. Careless or mismanaged code reuse can introduce instances of dead code.

7
Q

2

A program office provides a mock production environment where users and test agencies can persistently test application code as it is being checked in after development. This practice ensures the product meets user acceptance testing and design goals. Which Agile product does this most likely represent?

Continuous deployment
Continuous validation
Continuous Integration
DevSecOps

A

Continuous validation

Continuous validation is the process in which a product is continually tested throughout the development lifecycle to ensure it is meeting the functional and security goals of a customer.

8
Q

2

Which of the following are common constraints of embedded systems?

Select all that apply

Network range
Cryptography capability
Reliability
Compute power

A

Network range
Cryptography capability
Compute power

Compute power is a common constraint of an embedded system. Embedded systems are relatively small and do not have the same average computing capabilities as a standard computer.
Authentication is a common constraint for embedded systems. Because they lack compute capacity, embedded systems cannot match the authentication technologies of a standard network.
The lack of size and computing power also diminishes choices for network connectivity. Transmission Control Protocol/Internet Protocol (TCP/IP)-based networking is not up to standards with embedded systems using relatively low processing power.

9
Q

2

A Cloud Service Provider (CSP) outsources all cybersecurity elements to a third party for the infrastructure in which an application resides due to lack of resources. The CSP maintains responsibility for the environment and attributes. What is this an example of?

SECaaS
MSSP
Pay as you go
Resource pooling

A

MSSP

A managed service provider (MSP)/managed security service provider (MSSP) offers fully outsourced responsibility for information assurance to a third party.

10
Q

2

A logistics facility provides transportation services globally for many clients. Clients require their planning information to be kept in a secure environment not connected to a network until the needs have been fulfilled. Which of the following solutions would be the most ideal method of meeting this requirement for the company?

Air gap
Faraday cage
Container
Mantrap

A

Air gap

An air gap is a host that is not physically connected to any network. Air gaps are secure areas that protect resources against unauthorized users and spillage of information.

11
Q

2

A cardiovascular patient is sent home with a monitoring device that records and sends data to a healthcare provider when triggered by abnormal cardiac activity. Response time to the data is critical to patient health. Which embedded platform is the medical device using?

Real-time
Standalone
Distributed
Networked

A

Real-time

A real-time operating system (RTOS) runs in an embedded system and is intended to serve real-time applications that process data as it comes in. It provides a quicker reaction to external events than a typical operating system.

12
Q

2

Which of the following cryptographic algorithm standards is best suited for Internet of Things (IoT) devices?

Elliptic curve
Asymmetric
Lightweight
Cipher suite

A

Lightweight

Lightweight cryptography is an encryption method that provides a small footprint and/or low computational complexity for resource-constrained systems such as an Internet of Things (IoT) device.

13
Q

2

Analyze the active defense solution statements and determine which best describes the purpose of a honeyfile.

The attempts to reuse can be traced if the threat actor successfully exfiltrates it.
It is helpful in analyzing attack strategies and may provide early warnings of attacks.
Configurations are in place to route suspect traffic to a different network.
A decoy is set as a distraction to emulate a false topology and security zones.

A

The attempts to reuse can be traced if the threat actor successfully exfiltrates it.

A honeyfile is convincingly useful but actually fake data. This data can be made trackable, so that when a threat actor successfully exfiltrates it, the attempts to reuse or exploit it can be traced.

14
Q

2

A database export allows personally identifiable information (PII) to display in report format and on screen. This poses a potential data leakage concern. In order to protect this PII, what de-identification method should the programmer consider implementing?

Hashing
Data masking
Salting
Tokenization

A

Data masking

Data masking is a secure coding technique used to hide sensitive or private data from disclosure. All or part of the data fields are altered by substituting character strings with a random character.

15
Q

2

An application user is contacted after an attempt to log in to a company application to verify activity. Which form of two-factor authentication is this?

Phone call
SMS
Push notification
Voice recognition

A

Phone call

A phone call is a form of two-factor authentication (2FA). An automated service dials the registered number on file to confirm authentication of a user.

16
Q

2

A vendor ensures that each Internet of Things (IoT) device produced uses random, unique cryptographic keys in accordance with the established certificate and key management practices found in the National Institute of Standards and Technology (NIST) publications. Which of the following constraints is the vendor preventing?

Reuse
Salting
Escrow
Stretching

A

Reuse

The practice of reusing a cryptographic key can make a system vulnerable to cyber attacks. The longer a key is in use, the easier it is for an attacker to compromise it. Randomly generated, unique keys provide better security.

17
Q

2

A developer implements a single sign-on (SSO) login standard using Security Assertion Markup Language (SAML) for logging users into an application to eliminate the need for username/password credentials. This implementation is part of which of the following?

SSL/TLS
API consideration
URL filtering
HTTPS

A

API consideration

API considerations are programming code that enables data transmission from one software product to another. It also contains the terms of this data exchange.

18
Q

2

A systems administrator plans to protect a data center with various security controls and safety mechanisms. Which solution does the administrator plan based on a “triangle” principle?

Noise detection
Industrial camouflage
Motion detection
Fire suppression

A

Fire suppression

The fire triangle works on the principle that fire requires heat, oxygen, and fuel to ignite and burn. Removing any one of those elements provides fire suppression.

19
Q

2

A company runs certain applications within isolated cells according to employee job functions to minimize access to resources on the operating system. This type of virtualization is which of the following?

VPC
Container
Hypervisor
Intranet

A

Container

Containers decouple services and applications from a host operating system. Containers run within isolated cells and do not have their own kernel. They allow for continuous integration and continuous delivery.

20
Q

2

In which environment can multiple developers check out software code and include change management processes?

Production
Test
Development
Staging

A

Development

A development environment is where developers create a product. Developers check out code for editing or updating. Version control and change management occur in the development environment to track development.

21
Q

2

A test team performs an in-depth review of completed code and analyzes its compatibility with the environment it will be deployed to. Which of the following environments is the test occurring in?

Development
Test
Staging
Production

A

Staging

A staging environment mimics that of a production environment. It is used for dynamic analysis of an application in a complete but separate production-like environment.

22
Q

2

After software testing activities have been completed, a system administrator moves the .war file to an environment that allows end users to access the application. Which environment is the completed software being deployed to?

Test
Production
Staging
Development

A

Production

A production environment is where the final product is placed. All testing and development are complete at this point.

23
Q

2

An application requires continuity of operations within a 24 hour period due to the command and control capabilities it maintains. The failover site must be physically separated from the program office and be available within the required timeframe with live data. Which of the following redundancy solutions best meets the failover requirement?

Recovery time objective
Geographical dispersal
Failover clusters
Mean time between failures

A

Geographical dispersal

Geographical dispersal is a failover consideration that replicates data in hot and warm sites physically distanced from one another in the event of a catastrophe.

24
Q

2

An application processes and transmits sensitive data containing personally identifiable information (PII). The development team uses secure coding techniques such as encryption, obfuscation, and code signing. Which of the following is the development team concerned with?

Public data
Data exposure
Data execution
Data exfiltration

A

Data exposure

Sensitive data should be protected to prevent data exposure. Secure coding techniques such as encryption, code obfuscation, and signing can prevent data from being exposed and modified.

25
Q

2

A Department of Defense (DoD) application is migrating to the cloud using Amazon Web Services (AWS) as the cloud service provider. As part of the service level agreement (SLA) and DoD mandate, the application must remain within the United States of America. AWS offers the application East, Boston and West, Oregon data centers for operations and failover. Which of the following is AWS providing in accordance with the SLA and DoD mandate?

Geographical considerations
Continuity of operations
Vendor diversity
Regulatory framework

A

Geographical considerations

Amazon Web Services (AWS) is taking into account geographical considerations. The agreement mandates the system will stay within the United States.

26
Q

2

Devices deployed in a network that send data to the local area network (LAN) level and process it with an Internet of Things (IoT) sensor are which of the following?

Fog computing
On-premise computing
Cloud computing
Edge computing

A

Fog computing

Fog computing provides decentralized local access by deploying fog nodes throughout the network. Fog computing analyzes data on the network edge to avoid the need to transfer unnecessary data back to the LAN.

27
Q

2

A security administrator notices port scanning from an unknown entity on the company infrastructure. The administrator sets up a router to return erroneous information in response, to protect the system from breach or attack. What is the router providing in response to the scan?

DNS sinkhole
Honeyfile
HIDS
Fake telemetry

A

Fake telemetry

Fake telemetry is false, but realistic, data used to trick an attacker into believing it is legitimate information.

28
Q

2

A consumer uses a Samsung SmartThings coordinator to turn on lights in the home and start the dishwasher. Which communications protocol is the hub using?

Baseband
Bluetooth
Narrowband
Zigbee

A

Zigbee

Zigbee is a two-way wireless radio frequency communication between a sensor and a control system. It is an Institute of Electrical and Electronics Engineers (IEEE) 802.15.4-based specification for communication protocols and is used for home automation.

29
Q

2

A lack of which of the following measures of disorder can leave a cryptosystem vulnerable and unable to encrypt data securely?

Integrity
Longevity
Nonce
Entropy

A

Entropy

Entropy is a measure of cryptographic unpredictability. Using high-entropy sources of data provides more security than using low-entropy sources. A lack of good entropy can leave a system vulnerable.

30
Q

2

A team lead oversees onboarding new system administrators in an IT company. Part of the process is explaining the complex IT infrastructure. Which of the following configuration management strategies would BEST help the team lead explain the infrastructure?

Diagrams
Master Image
Baseline configuration
Change management

A

Diagrams

The use of diagrams provides a visual representation of complex relationships between network topologies, workflows, internet protocols, and architecture within a system. Diagrams must be updated as system components change. Baseline configurations are documented and agreed-upon sets of specifications for information systems.