Practice Exam 11 Flashcards
(25 cards)
Which of the answers listed below refer to the concept of data isolation? (Select 2 answers)
Answer: DLP and EFS
Concept (Quick Explanation)
Data Isolation involves separating and protecting data to prevent unauthorized access or leakage.
Key Points
DLP (Data Loss Prevention): Monitors and controls sensitive data to prevent leakage or unauthorized sharing.
EFS (Encrypting File System): Encrypts files to protect data at rest, isolating it from unauthorized users.
Both help protect data confidentiality and integrity by controlling access and exposure.
Why the Answer is Correct
Both DLP and EFS enforce data isolation by restricting access and protecting data from unauthorized use or exposure.
Why It Matters
Data isolation is essential for safeguarding sensitive information, ensuring compliance, and reducing insider threats — all crucial in cybersecurity.
A type of firewall used for protecting a single computer is commonly referred to as: (Select 2 answers)
Answer: Host-based firewall and Personal firewall
Concept (Quick Explanation)
Firewalls that protect individual computers by controlling incoming and outgoing network traffic on that specific device.
Key Points
Host-based firewall: Installed and runs on a single host (computer/server).
Personal firewall: Designed specifically for end-user devices like laptops or desktops.
Both filter traffic to block unauthorized access and allow legitimate communication.
Provide localized protection distinct from network-level firewalls.
Why the Answer is Correct
Both terms refer to firewalls that operate on individual machines, not on network devices, making them the correct answers.
Why It Matters
Understanding the difference between host-based and network firewalls is critical for implementing layered security on devices and networks.
Which of the following provides active network security breach response on an individual computer system?
Answer: HIPS (Host-Based Intrusion Prevention System)
Concept (Quick Explanation)
HIPS is security software installed on an individual computer that actively monitors, detects, and prevents malicious activity or policy violations in real time.
Key Points
Operates on the host (individual system) level.
Combines intrusion detection and prevention capabilities.
Can block attacks like malware execution, unauthorized changes, or suspicious behavior.
Provides active protection by stopping threats before they cause harm.
Why the Answer is Correct
HIPS provides active breach response on the individual computer, not just network-wide monitoring, fitting the question’s requirement exactly.
Why It Matters
HIPS strengthens endpoint security by preventing attacks locally, reducing the risk of system compromise and spreading malware.
The process of securing networking devices should include the practice of disabling unused physical and logical ports.
Answer: True
Concept (Quick Explanation)
Disabling unused physical and logical ports on network devices reduces the attack surface by preventing unauthorized access points.
Key Points
Unused ports can be exploited by attackers to gain access.
Logical ports include protocols and services that might be unnecessary.
Helps enforce the principle of least privilege on network hardware.
Part of hardening network devices (routers, switches, firewalls).
Why the Answer is Correct
Disabling unused ports removes potential entry points for attackers, making this a fundamental security best practice.
Why It Matters
Securing network devices by closing unused ports reduces vulnerabilities and helps protect the overall network from intrusion.
The importance of changing default usernames and passwords can be illustrated on the example of certain network devices (such as routers) which are often shipped with default and well-known admin credentials that can be looked up on the web.
Answer: True
Concept (Quick Explanation)
Default credentials on devices like routers are widely known and publicly available, making them easy targets for attackers.
Key Points
Many devices ship with default admin usernames and passwords.
Attackers can easily find these credentials online.
Leaving defaults unchanged allows unauthorized access and control.
Changing them is a basic but critical security step.
Why the Answer is Correct
Because default credentials are publicly known, not changing them leaves devices vulnerable to compromise.
Why It Matters
Changing default credentials helps prevent unauthorized access, securing devices and the entire network against common attacks.
A type of document outlining the shared responsibilities between a CSP and its customers for securing and managing data and resources is known as: (Select best answer)
Answer: Cloud responsibility matrix
Concept (Quick Explanation)
A Cloud Responsibility Matrix defines who (CSP or customer) is responsible for various security and management tasks in a cloud environment.
Key Points
Clarifies division of security duties between Cloud Service Provider (CSP) and customer.
Includes responsibilities like data protection, access control, patching, and compliance.
Helps avoid gaps or overlaps in security coverage.
Essential for understanding shared responsibility in cloud security.
Why the Answer is Correct
The Cloud Responsibility Matrix specifically outlines these shared roles, ensuring both parties know their obligations.
Why It Matters
Clear responsibility assignment prevents security gaps and helps both CSPs and customers maintain a secure cloud environment.
The term “Hybrid cloud” refers to a mixed computing environment that can include different cloud service models like public and private clouds, as well as on-premises infrastructure.
Answer: True
Concept (Quick Explanation)
A Hybrid Cloud combines multiple cloud environments—typically public clouds, private clouds, and on-premises infrastructure—into one integrated system.
Key Points
Mix of public cloud, private cloud, and on-premises resources.
Enables workload flexibility and optimized resource use.
Allows data and applications to move between environments.
Supports scalability, security, and compliance needs.
Why the Answer is Correct
Because hybrid cloud by definition involves combining different cloud and on-premises setups, the statement is true.
Why It Matters
Hybrid clouds offer businesses flexibility, cost efficiency, and better control over sensitive data and workloads.
Which of the terms listed below refers to a method for managing infrastructure resources through scripts and templates?
Answer: IaC (Infrastructure as Code)
Concept (Quick Explanation)
IaC is the practice of managing and provisioning infrastructure resources (servers, networks, storage) through automated scripts and templates instead of manual configuration.
Key Points
Uses code to define and deploy infrastructure.
Enables automation, consistency, and repeatability in setups.
Reduces human errors in configuration.
Common tools: Terraform, Ansible, CloudFormation.
Why the Answer is Correct
IaC specifically refers to managing infrastructure using code/scripts, matching the description perfectly.
Why It Matters
IaC speeds up deployment, improves infrastructure reliability, and supports DevOps and cloud automation practices.
A serverless architecture allows developers to create apps and services without having to manage the required infrastructure resources (such as servers, databases, and storage systems), which are handled by:
Answer: CSP (Cloud Service Provider)
Concept (Quick Explanation)
Serverless architecture lets developers build apps without managing infrastructure; the Cloud Service Provider (CSP) handles all backend resources like servers and databases.
Key Points
Developers focus on code, not infrastructure.
CSP automatically manages scaling, maintenance, and provisioning.
Often used with Functions-as-a-Service (FaaS).
Reduces operational overhead and speeds development.
Why the Answer is Correct
Because in serverless models, the CSP takes care of infrastructure management, freeing developers from those responsibilities.
Why It Matters
Serverless enables faster app deployment, reduces costs, and allows teams to focus on innovation instead of infrastructure.
In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.
Answer: True
Concept (Quick Explanation)
Microservices are independent, self-contained code components that each handle a specific function and work together to build a complete application.
Key Points
Each microservice focuses on a single business capability.
Can be developed, deployed, and scaled independently.
Communicate via APIs.
Improves modularity, flexibility, and fault isolation.
Why the Answer is Correct
Because microservices are designed to be independent, self-contained units that collectively form an application, the statement is true.
Why It Matters
Microservices enable agile development, easier maintenance, and scalable applications.
Which of the following provides isolation from external computer networks?
Answer: Air gap
Concept (Quick Explanation)
An Air Gap is a security measure where a computer or network is physically isolated from all external networks, including the internet.
Key Points
No direct or indirect connection to external systems.
Prevents remote access, hacking, and malware spread.
Used in highly sensitive environments (e.g., military, critical infrastructure).
Requires physical access for data transfer.
Why the Answer is Correct
Because an air gap literally isolates a system physically, it provides strong protection from external network threats.
Why It Matters
Air gaps significantly reduce the risk of cyberattacks and data breaches by eliminating network attack vectors.
Which of the answers listed below refers to a means for logical network segmentation?
Answer: VLAN (Virtual Local Area Network)
Concept (Quick Explanation)
A VLAN is a way to segment a physical network into multiple logical networks to isolate traffic and improve security and performance.
Key Points
Groups devices as if on the same LAN regardless of physical location.
Enhances network management and security.
Limits broadcast traffic within each VLAN.
Requires VLAN-capable switches and configuration.
Why the Answer is Correct
Because VLANs create logical (not physical) separation of networks, it fits the description of logical network segmentation.
Why It Matters
VLANs improve network security, reduce congestion, and enable flexible network design.
Which of the following answers refers to software technology designed to simplify network infrastructure management?
Answer: SDN (Software-Defined Networking)
Concept (Quick Explanation)
SDN is a technology that decouples the network control plane from the data plane, enabling centralized, software-based network management.
Key Points
Centralized control via software applications.
Simplifies network configuration and management.
Increases network flexibility and automation.
Enables dynamic adjustment of network resources.
Why the Answer is Correct
SDN specifically refers to using software to control and manage network infrastructure, making management simpler and more efficient.
Why It Matters
SDN improves agility, reduces manual errors, and supports modern, scalable network architectures.
Which of the answers listed below refers to the process of packaging an application and its dependencies into a single, self-contained unit, which can run across different computing environments?
Answer: Containerization
Concept (Quick Explanation)
Containerization packages an application and all its dependencies into a lightweight, portable container that runs consistently across different environments.
Key Points
Containers isolate apps from the underlying system.
Ensures consistent behavior from development to production.
More lightweight than virtual machines.
Widely used with Docker and Kubernetes.
Why the Answer is Correct
Because containerization bundles an app plus its dependencies into one self-contained unit that runs anywhere, it matches the definition perfectly.
Why It Matters
It enables easier deployment, scalability, and consistent performance across diverse computing environments.
Which of the following answers refers to a solution that allows multiple OSs to work simultaneously on the same hardware?
Answer: Virtualization
Concept (Quick Explanation)
Virtualization is the technology that allows multiple operating systems (OSs) to run simultaneously on the same physical hardware by creating virtual machines (VMs).
Key Points
Uses a hypervisor to manage multiple VMs.
Enables resource sharing and isolation.
Improves hardware utilization and flexibility.
Supports testing, development, and server consolidation.
Why the Answer is Correct
Because virtualization creates virtual instances of OSs running on one physical machine, it directly fits the description.
Why It Matters
Virtualization reduces costs, simplifies management, and enhances scalability and disaster recovery.
Which of the answers listed below refers to a network of interconnected devices equipped with sensors (such as wearable tech or home automation devices) that can interact with each other to perform various tasks and functions?
Answer: IoT (Internet of Things)
Concept (Quick Explanation)
IoT is a network of interconnected physical devices equipped with sensors and software, enabling them to collect, exchange, and act on data.
Key Points
Includes devices like wearables, smart home gadgets, and industrial sensors.
Enables automation and remote control.
Often connected via the internet or local networks.
Raises security and privacy concerns due to increased attack surface.
Why the Answer is Correct
Because IoT specifically describes interconnected devices with sensors interacting to perform tasks, it matches the question perfectly.
Why It Matters
IoT drives smart environments but requires strong security to prevent exploitation of connected devices.
Which of the following refers to a broad term that encompasses various control and automation systems used in industrial settings to control and monitor physical processes and machinery?
Answer: ICS (Industrial Control Systems)
Concept (Quick Explanation)
ICS refers to control and automation systems used in industrial environments to monitor and control physical processes and machinery.
Key Points
Includes SCADA, DCS, and PLC systems.
Used in manufacturing, energy, water treatment, and more.
Critical for operational technology (OT).
Security is vital due to impact on physical infrastructure.
Why the Answer is Correct
ICS is the umbrella term for systems that control industrial processes, matching the description in the question.
Why It Matters
Compromise of ICS can disrupt essential services and cause physical damage, making cybersecurity crucial.
Which of the answers listed below refers to a specific type of ICS?
Answer: SCADA (Supervisory Control and Data Acquisition)
Concept (Quick Explanation)
SCADA is a type of ICS used for real-time monitoring and control of industrial processes over large geographic areas.
Key Points
Collects data from remote sensors and devices.
Enables centralized control and monitoring.
Common in utilities like water, electricity, and gas.
Often involves human-machine interfaces (HMIs).
Why the Answer is Correct
SCADA is a specific subset of ICS focused on supervisory control and data acquisition, fitting the question exactly.
Why It Matters
SCADA systems are critical for infrastructure operation; security breaches can cause wide-scale disruptions.
Which of the following answers refers to an OS type characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems?
Answer: RTOS (Real-Time Operating System)
Concept (Quick Explanation)
RTOS is an operating system designed to process data and execute tasks with minimal and predictable delay, essential for time-critical applications.
Key Points
Ensures deterministic response times.
Used in systems like missile guidance, automotive brakes, medical devices.
Prioritizes task scheduling to meet strict deadlines.
Different from general-purpose OS which may have variable delays.
Why the Answer is Correct
Because RTOS is specifically designed for low-latency, time-sensitive task execution as described in the question.
Why It Matters
Failures or delays in RTOS can cause catastrophic results in critical systems where timing is crucial.
Which of the answers listed below refer(s) to embedded systems? (Select all that apply)
Answer: Often designed to operate in real-time or with low latency, Typically equipped with constrained computing resources and storage, Designed to perform a single task or a few closely related tasks within a larger system, and Often integrated with hardware components like sensors and actuators
Concept (Quick Explanation)
Embedded systems are specialized computing systems built to perform specific tasks, often with real-time or low-latency requirements.
Key Points
Designed for dedicated functions within larger systems.
Limited computing power and storage.
Often run in real-time or near real-time environments.
Integrated closely with hardware like sensors and actuators.
Why the Answer is Correct
All listed features accurately describe embedded systems’ typical design and operation.
Why It Matters
Embedded systems control critical functions in devices ranging from cars to medical equipment; their reliability and security are vital.
Which of the following terms can be used to describe a system designed to aim for minimized downtime and uninterrupted operation?
Answer: HA (High Availability)
Concept (Quick Explanation)
HA refers to systems designed to minimize downtime and ensure continuous, reliable operation.
Key Points
Focuses on fault tolerance and redundancy.
Often uses clustering, failover, and backup components.
Aims for maximum uptime (measured as a percentage, e.g., 99.99%).
Critical for business continuity and mission-critical applications.
Why the Answer is Correct
HA directly describes systems engineered to reduce downtime and provide uninterrupted service, matching the question.
Why It Matters
High availability ensures essential services stay online, preventing financial loss and damage to reputation.
Which of the answers listed below refers to a device failure mode in which maintaining service availability is prioritized over security?
Answer: Fail-open
Concept (Quick Explanation)
Fail-open is a failure mode where, if a device or system fails, it remains open or accessible to maintain service availability, even if it means reduced security.
Key Points
Prioritizes keeping service up and running.
Security controls may be bypassed or weakened during failure.
Common in systems where uptime is critical (e.g., fire alarms, some network devices).
Opposite of fail-closed, which prioritizes security over availability.
Why the Answer is Correct
Fail-open explicitly means “fail while staying open” to maintain availability, matching the question’s description.
Why It Matters
Understanding fail-open helps balance security and availability risks, crucial in designing resilient systems.
Which failure mode prioritizes security over availability, ensuring that no potentially malicious traffic can get through the device?
Answer: Fail=close
Concept (Quick Explanation)
Fail-closed is a failure mode where, if a device fails, it blocks all traffic to maintain security, even if it causes downtime.
Key Points
Prioritizes security over availability.
Device stops all operations during failure (e.g., firewall blocks traffic).
Prevents potentially malicious access.
Opposite of fail-open, which prioritizes availability.
Why the Answer is Correct
Fail-closed means the system “closes” or denies access on failure, ensuring no untrusted traffic passes, matching the question.
Why It Matters
Helps protect sensitive systems by preventing unauthorized access during failures, though it may cause service interruptions.
Which of the following answers refer to passive network monitoring techniques? (Select 2 answers)
Answer: Port mirroring and Network tap
Concept (Quick Explanation)
Passive network monitoring captures and analyzes network traffic without interfering or altering the data flow.
Key Points
Port mirroring: Duplicates traffic from one port to another for monitoring.
Network tap: Hardware device that copies traffic for analysis without affecting the network.
Both methods are non-intrusive and do not impact network performance.
Used for troubleshooting, performance analysis, and security monitoring.
Why the Answer is Correct
Port mirroring and network taps only observe traffic passively—they don’t interfere or block traffic, fitting the definition of passive monitoring.
Why It Matters
Passive monitoring helps detect issues and threats without risking disruption or alerting attackers.
