Domain 3, Quiz 2

Question 1

Which of the following is considered non-human-readable data?

a. Printed financial reports
b. Bar graph depicting quarterly profits
c. Encrypted email message
d. Organizational policy in PDF format

Answer 1

Encrypted email message

Encrypted email message is the correct answer because it is transformed into a format unreadable without decryption.

Question 2

An organization wants to ensure that its data cannot be accessed outside the United States due to regulatory requirements. Which method would be most appropriate?

a. Geographic restrictions
b. Hashing
c. Tokenization
d. Encryption

Answer 2

Geographic restrictions

Geographic restrictions are correct because they enforce limitations based on the user’s geographic location.

Question 3

In the context of data classifications, which type of data would likely include personal emails?

a. Restricted
b. Private
c. Public
d. Critical

Answer 3

Private

Private is the correct answer because it refers to personal data and is not meant for unauthorized viewing.

Question 4

Which term describes data actively being processed or used by applications?

a. Data segmentation
b. Data in use
c. Data at rest
d. Data in transit

Answer 4

Data in use

Data in use is the correct answer because it refers to data currently being processed or utilized.

Question 5

An organization is considering a backup solution where the backup data is immediately usable and can take over instantly in case of a primary system failure. Which site consideration is this?

a. Hot
b. Geographic dispersion
c. Cold
d. Warm

Answer 5

Hot

Hot is the correct answer because a hot site is ready for immediate activation with up-to-date data.

Question 6

A company is considering a backup strategy that involves creating point-in-time representations of data that can be used for faster recovery. What are they considering?

a. Snapshots
b. Journaling
c. Replication
d. Frequency

Answer 6

Snapshots

Snapshots are the correct answer because they capture the state of data at a specific point in time.

Question 7

Which of the following is crucial for ensuring an organization has the necessary resources to handle future growth and demands?

a. Backups
b. Power
c. Capacity planning
d. High availability

Answer 7

Capacity planning

Capacity planning is the correct answer because it involves assessing future resource needs based on growth forecasts and other factors.

Question 8

A company is moving its infrastructure to the cloud but wants to use AWS, Google Cloud, and Azure services for different operations. What approach is the company using?

a. Platform diversity
b. Multi-cloud systems
c. Load balancing
d. Geographic dispersion

Answer 8

Multi-cloud systems

Multi-cloud systems is the correct answer because it refers to using multiple cloud providers.

Question 9

What data classification would be most appropriate for a company’s press releases that get shared openly?

a. Confidential
b. Public
c. Sensitive
d. Restricted

Answer 9

Public

Public is the correct answer because it pertains to data intended for open dissemination.

Question 10

For a company wanting to ensure its application remains accessible even when several servers fail simultaneously, what concept should it focus on?

a. Tabletop exercises
b. Capacity planning
c. Continuity of operations
d. High availability

Answer 10

High availability

High availability is the correct answer because it is specifically about ensuring systems remain accessible despite failures.

Question 11

Which strategy involves segmenting a network into smaller parts to improve performance and security?

a. Obfuscation
b. Tokenization
c. Segmentation
d. Encryption

Answer 11

Segmentation

Segmentation is the correct answer because it divides a network into separate parts or segments.

Question 12

A company runs a sit-down test to determine how its staff responds to a hypothetical security breach by running a drill of the concept. What type of testing is the company employing?

a. Tabletop exercises
b. Failover
c. Parallel processing
d. Penetration Test

Answer 12

Tabletop exercises

Tabletop exercises are the correct answer because they involve discussions based on fictional scenarios to prepare for real-world events.

Question 13

In which data state is information most vulnerable to unauthorized interception while being transferred between systems?

a. Data in transit
b. Data at rest
c. Data in use
d. Data sovereignty

Answer 13

Data in transit

Data in transit is the correct answer because it refers to data moving between systems or networks, making it susceptible to interception.

Question 14

A company wants to hide the true nature of its data, making it hard for unauthorized individuals to understand, without changing the original data or using any keys. Which method would be most appropriate?

a. Hashing
b. Encryption
c. Tokenization
d. Obfuscation

Answer 14

Obfuscation

Obfuscation is the correct answer because it involves making the data or code more difficult to understand without altering its structure. For example, Base64 does not add to confidentiality.

Question 15

What is the primary goal of using Uninterruptible Power Supply (UPS) systems in data centers?

a. Load balancing
b. Providing short-term power during outages
c. Monitoring equipment health
d. Cooling the equipment

Answer 15

Providing short-term power during outages

Providing short-term power during outages is the correct answer because UPS systems deliver power for a limited duration during power interruptions.