Sec+ Objective 3 Test Questions

Question 1

A city is building an ambulance service network for emergency medical dispatching. Which of the following should have the highest priority?

❍ A. Integration costs
❍ B. Patch availability
❍ C. System availability
❍ D. Power usage

Answer 1

C. System availability

Requests to emergency services are often critical in nature, and it’s important for a dispatching system to always be available when a call is made. (3.1)

Question 2

Which of the following considerations are MOST commonly associated with a hybrid cloud model?

❍ A. Microservice outages
❍ B. IoT support
❍ C. Network protection mismatches
❍ D. Containerization backups

Answer 2

C. Network protection mismatches

A hybrid cloud includes more than one private or public cloud. This adds additional complexity to the overall infrastructure, and it’s common to inadvertently apply different authentication options and user permissions across multiple cloud providers. (3.1)

Question 3

A company is installing a new application in a public cloud. Which of the following determines the assignment of data security in this cloud infrastructure?

❍ A. Playbook
❍ B. Audit committee
❍ C. Responsibility matrix
❍ D. Right-to-audit clause

Answer 3

C. Responsibility matrix

A cloud responsibility matrix is usually published by the provider to document the responsibilities for all cloud-based services. For example, the customer responsibilities for an IaaS (Infrastructure as a Service) implementation will be different than SaaS (Software as a Service). (3.1)

Question 4

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

❍ A. Containerization
❍ B. IoT
❍ C. Proxy
❍ D. RTOS

Answer 4

A. Containerization

Application containerization uses a single virtual machine to use as a foundation for separate application “containers.” These containers are implemented as isolated instances, and an application in one container is not inherently accessible from other containers on the system. (3.1)

Question 5

What is containerization?

Answer 5

Having multiple applications running simultaneously all on one single piece of hardware and one single OS, as opposed to virtualization, where a separate OS is spun up on one VM to run one application.

Question 6

Which of the following would be the BEST option for application testing in an environment completely separated from the production network?

❍ A. Virtualization
❍ B. VLANs
❍ C. Cloud computing
❍ D. Air gap

Answer 6

D. Air gap

An air gapped network removes all connectivity between components and ensures there would be no possible communication path between the test network and the production network. (3.1)

Question 7

A company owns a time clock appliance, but the time clock doesn’t provide any access to the operating system and it doesn’t provide a method to upgrade the firmware. Which of the following describes this appliance?

❍ A. End-of-life
❍ B. ICS
❍ C. SDN
❍ D. Embedded system

Answer 7

D. Embedded system

An embedded system often does not provide access to the OS and may not provide a method of upgrading the system firmware. (3.1)

Question 8

A technology company is manufacturing a military-grade radar tracking system designed to identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?

❍ A. RTOS
❍ B. IoT
❍ C. ICS
❍ D. SDN

Answer 8

A. RTOS

This tracking system requires an RTOS (Real-Time Operating System) to instantly react to input without any significant delays or queuing in the operating system. Operating systems used by the military, automobile manufacturers, and industrial equipment companies often use RTOS to process certain transactions without any significant delays. (3.1)

Question 9

What is RTOS?

Answer 9

Real-Time Operating System. An operating system with a deterministic processing schedule. Can take a single process on it and suddenly grab all of the resources of the system and have that process take priority. Found in cars and military equipment. Extremely sensitive to security issues, but difficult to break in.

Question 10

Which of the following BEST describes a responsibility matrix?

❍ A. A visual summary of cloud provider accountability
❍ B. Identification of tasks at each step of a project plan
❍ C. A list of cybersecurity requirements based on the identified risks
❍ D. Ongoing group discussions regarding cybersecurity

Answer 10

A. A visual summary of cloud provider accountability

A cloud provider commonly creates a responsibility matrix to document the service coverage between the cloud provider and the customer. For example, a cloud responsibility matrix may show the cloud provider responsible for network controls and the customer responsible for all stored data. (3.1)

Question 11

A company runs two separate applications in their data center. The security administrator has been tasked with preventing all communication between these applications. Which of the following would be the BEST way to implement this security requirement?

❍ A. Firewall
❍ B. SDN
❍ C. Air gap
❍ D. VLANs

Answer 11

C. Air gap

An air gap is a physical separation between networks. Air gapped networks are commonly used to separate networks that must never communicate to each other. (3.1)

Question 12

A client using an API to access an application function is an example of what?

A) Hashing
B) Secure enclave
C) Microservices
D) False negative

Answer 12

C) Microservices

Microservices: Instead of having one big application running all of the functions of the application simultaneously, you can have different aspects of the application run on and be supplied by different services still accessible from one client through an API gateway. The API gateway is the glue that makes all the services run when they’re needed. Security for each microservice can be provided individually, instead of security for one big application. (3.1)

Question 13

An administrator is configuring the security rules in a firewall. Which of the following SDN plane would be most associated with this task?

A) Data
B) Active
C) Control
D) Infrastructure
E) Management

Answer 13

E) Management

Management plane: Also called the Application Layer. Where we as Network admins physically configure and manage all of these network devices. (3.1)

SDN: Software Defined Networking. Networking architecture is defined by how the networking devices operate on their planes of operation, and organized accordingly.
The three planes of operation for software defined networking are the data, control, and management planes.

Question 14

What is the primary characteristic of an on-premises architecture model for hosting servers and data?

A) Reliance on third-party cloud providers
B) Geographic distribution of resources
C) Hosting servers and data within physical facilities
D) Use of serverless computing

Answer 14

C) Hosting servers and data within physical facilities

Benefits of On-Premises Security: Everything is local and on you to secure, giving you the freedom and control to protect things exactly how you want it, but it costs more to maintain (being a Tech Director). (3.1)

Question 15

A security technician is responsible for designing the network infrastructure of a critical government agency. They need to ensure that certain sensitive systems are physically isolated from the rest of the network to prevent unauthorized access. Which network design technique should the security technician implement to achieve physical isolation of sensitive systems?

A) Logical segmentation
B) SDN
C) Virtualization
D) Air-gapped

Answer 15

D) Air-gapped

Air Gap: Means the devices are physically separate. If an attacker gained access to switch A, they would have no way to access switch B. (3.1)

Question 16

Several steps can be taken to harden SCADA and ICS systems. Which of the following is not such a step?

A) As much as possible rely on proprietary protocols to protect the network.
B) Establish clear policies and conduct training around the policies.
C) Test to identify and evaluate possible attack scenarios.
D) Remove or disable unnecessary services.
E) Identify all connections to SCADA networks.

Answer 16

A) As much as possible rely on proprietary protocols to protect the network.

SCADA: Supervisory Control and Data Acquisition System. Also known as ICS, Industrial Control Systems. Basically large scale industrial networking. Various building controls talking to one another through the network. Managed usually at one computer. (3.1)

Question 18

A network administrator would like each user to authenticate with their corporate username and password when connecting to the company’s wireless network. Which of the following should the network administrator configure on the wireless access points?

❍ A. WPA3
❍ B. 802.1X
❍ C. PSK
❍ D. MFA

Answer 18

B. 802.1X

802.1X uses a centralized authentication server, and this allows all users to use their corporate credentials during the login process. (3.2)

Question 19

Which of the following risk management strategies would include the purchase and installation of an NGFW?

❍ A. Transfer
❍ B. Mitigate
❍ C. Accept
❍ D. Avoid

Answer 19

B. Mitigate

Mitigation is a strategy that decreases the threat level. This is commonly done through the use of additional security systems and monitoring, such as an NGFW (Next Generation Firewall). (3.2)

Question 20

An organization needs to provide a remote access solution for a newly deployed cloud-based application. This application is designed to be used by mobile field service technicians. Which of the following would be the best option for this requirement?

❍ A. RTOS
❍ B. CRL
❍ C. Zero-trust
❍ D. SASE

Answer 20

D. SASE

A SASE (Secure Access Service Edge) solution is a next-generation VPN technology designed to optimize the process of secure communication to cloud services. (3.2)

Question 21

What is SASE?

Answer 21

Secure Access Service Edge. Basically the VPN for cloud services. The next generation VPN that allows us to communicate to web-based applications. Allows different clients (corporate offices, home users, and mobile users) to access cloud services as if it were communicating through a VPN.

Question 22

A technician at an MSP has been asked to manage devices on third-party private network. The technician needs command line access to internal routers, switches, and firewalls. Which of the following would provide the necessary access?

❍ A. HSM
❍ B. Jump server
❍ C. NAC
❍ D. Air gap

Answer 22

B. Jump server

A jump server is a highly secured device commonly used to access secure areas of another network. The technician would first connect to the jump server using SSH or a VPN tunnel, and then “jump” from the jump server to other devices on the inside of the protected network. This would allow technicians at an MSP (Managed Service Provider) to securely access devices on their customer’s private networks. (3.2)

Question 23

What is a jump server?

Answer 23

A server that’s on the inside of a private protected network that provides access to allowed clients on the outside trying to access that network.

Question 24

A security administrator has been asked to build a network link to secure all communication between two remote locations. Which of the following would be the best choice for this task?

❍ A. SCAP
❍ B. Screened subnet
❍ C. IPsec
❍ D. Network access control

Answer 24

C. IPsec

IPsec (Internet Protocol Security) is commonly used to create a VPN (Virtual Private Network) protected tunnel between devices or locations. (3.2)

Question 25

What is IPSec?

Answer 25

Internet Protocol Security. Provides authentication (AH, authentication header) and encryption (ESP, encapsulation security payload) for all layer 3 (IP) packets.

Question 26

A security engineer is planning the installation of a new IPS. The network must remain operational if the IPS is turned off or disabled. Which of the following would describe this configuration?

❍ A. Containerization
❍ B. Load balancing
❍ C. Fail open
❍ D. Tunneling

Answer 26

C. Fail open

An IPS (Intrusion Prevention System) designed to fail open will maintain network connectivity during an outage or failure of the IPS. Even if the IPS was not actively preventing an intrusion, the network would still be up and running. (3.2)

Question 27

A company is installing a security appliance to protect the organization’s web-based applications from attacks such as SQL injections and unexpected input. Which of the following would BEST describe this appliance?

❍ A. WAF
❍ B. VPN concentrator
❍ C. UTM
❍ D. SASE

Answer 27

A. WAF

A WAF (Web Application Firewall) is designed as a firewall for web-based applications. WAFs are commonly used to protect against application attacks such as injections, cross-site scripting, and invalid input types. (3.2)

Question 28

What is a WAF?

Answer 28

Web Application Firewall. A firewall that applies rules to HTTP/HTTPS conversations. It allows or denies based on expected input, so, for example, it’s mainly looking specifically for things like SQL injections and similar attacks.

Question 29

Which of the following would be the main reasons why a system administrator would use a TPM when configuring full disk encryption? (Select TWO)

❍ A. Allows the encryption of multiple volumes
❍ B. Uses burned-in cryptographic keys
❍ C. Stores certificates in a hardware security module
❍ D. Maintains a copy of the CRL
❍ E. Includes built-in protections against brute-force attacks

Answer 29

B. Uses burned-in cryptographic keys
and
E. Includes built-in protections against brute-force attacks

A TPM (Trusted Platform Module) is part of a computer’s motherboard, and it’s specifically designed to assist and protect with cryptographic functions. Full disk encryption (FDE) can use the burned-in TPM keys to verify the local device hasn’t changed, and there are security features in the TPM to prevent brute-force or dictionary attacks against the full disk encryption login credentials. (3.2)

Question 30

What is TPM?

Answer 30

Trusted Platform Module. Cryptography hardware on a device. Contains a cryptographic processor, a random number generator, key generators, and both persistent memory with unique keys burned in during manufacturing, and versatile memory for storing all the keys you make with the hardware.

Question 31

A company is deploying a series of internal applications to different cloud providers. Which of the following connection types should be deployed for this configuration?

❍ A. Air-gapped
❍ B. 802.1X
❍ C. Site-to-site IPsec VPN
❍ D. Jump server
❍ E. SD-WAN

Answer 31

E. SD-WAN

An SD-WAN (Software Defined Networking in a Wide Area Network) network allows users to efficiently communicate directly to cloud-based applications. (3.2)

Question 32

What is SD-WAN

Answer 32

Software Defined Wide Area Network: A WAN built for the cloud. Instead of telling a WAN to connect to a centralized data center, we can tell it to access the data directly inside the cloud. No more accessing Data Centers, you can go directly to the cloud.

Question 33

A security administrator would like to monitor all outbound Internet connections for malicious software. Which of the following would provide this functionality?

❍ A. Jump server
❍ B. IPsec tunnel
❍ C. Forward proxy
❍ D. Load balancer

Answer 33

C. Forward proxy

A proxy server can be used to monitor incoming and outgoing network communication. Proxy servers can be used to identify malicious software, filter content, or increase performance through file caching. (3.2)

Question 34

What is a proxy server?

Answer 34

A type of security control that sits between one part of a network and another (or the internet), allowing or preventing certain traffic to traverse the network. Useful for caching information.

Question 35

During an initial network connection, a supplicant communicates to an authenticator, which then sends an authentication request to an Active Directory database. Which of the following would BEST describe this authentication technology?

❍ A. Federation
❍ B. UTM
❍ C. 802.1X
❍ D. PKI

Answer 35

C. 802.1X

IEEE 802.1X is a standard for port-based network access control (NAC). When 802.1X is enabled, devices connecting to the network do not gain access until they provide the correct authentication credentials. This 802.1X standard refers to the client as the supplicant, the switch is commonly configured as the authenticator, and the back-end authentication server is often a centralized user database. (3.2)

Question 36

You have been tasked to configure the VPN to preserve bandwidth. Which configuration would you choose?

A) Point-to-Point Tunneling
B) Secure Socket Tunneling
C) Full tunnel
D) Split tunnel

Answer 36

D) Split tunnel

In a split tunnel configuration, only traffic destined for the corporate network is sent through the Virtual Private Network (VPN) tunnel. All other traffic, such as internet browsing, goes directly to the internet without passing through the VPN tunnel. This configuration preserves bandwidth as it doesn’t route unnecessary traffic through the corporate VPN. The full tunnel configuration has all traffic sent to the VPN so it does not minimize traffic. Neither Point-to-Point Tunneling nor Secure Socket Tunneling are tunnel configurations, they are both protocols. (3.2)

Question 37

An MSP needs a secure method of connecting to the web servers of a remote client. Which of the following would be the BEST choice for this task?

A) Proxy server
B) SIEM
C) Jump server
D) IPS
E) HSM

Answer 37

C) Jump server

Jump Server: A server that’s on the inside of a private protected network that provides access to allowed clients on the outside trying to access that network. (3.2)

Question 38

A security administrator has identified all possible points of unauthorized entry on a newly built web server. Which of the following would describe this list?

A) Responsibility matrix
B) Platform diversity
C) Journaling
D) Input validation
E) Attack surface

Answer 38

E) Attack surface

Attack Surface: The combination of potential openings into your network. How does your network look? Are you aware of all of the ways into your network? (3.2)

Question 39

When power is removed from an inline IPS, all network traffic stops. Which of the following would describe this functionality?

A) High availability
B) Parallel processing
C) Load balancing
D) Cold site
E) Failed closed

Answer 39

E) Failed closed

Fail-Close: When a system fails, data stops flowing. (3.2)

Question 40

A security technician is responsible for implementing threat detection mechanisms in an ICS used for managing a city’s water treatment plant. Which threat detection mechanism is essential for monitoring and alerting on suspicious activities in an ICS environment such as a water treatment plant?

A) Email filtering
B) Antivirus software
C) IDS
D) MDM

Answer 40

C) IDS

IDS: Intrusion Detection System. Watches network traffic and only alerts if it finds traffic it doesn’t recognize. (3.2)

Question 41

Security protocols in a cloud data center are under review to guarantee the protection of the safety of the data center staff. Which of the following best illustrates the appropriate setup for these security controls?

A) External gate way access points should fail closed
B) Data access logs should fail open
C) Fire safety mechanisms should fail open
D) User authentication systems should fail closed

Answer 41

C) Fire safety mechanisms should fail open

Fail-Open: When a system fails, data continues to flow.
Fail-Close: When a system fails, data stops flowing. (3.2)

Question 42

Which of the answers listed below refers to a suite of protocols and technologies providing encryption, authentication, and data integrity for network traffic?

A) TLS
B) SSH
C) IPsec
D) VPN

Answer 42

C) IPsec

IPSec: Internet Protocol Security. Provides authentication (AH, authentication header) and encryption (ESP, encapsulation security payload) for all layer 3 (IP) packets. (3.2)

Question 43

Which part of IPsec provides authentication, integrity, and confidentiality?

A) SPD
B) PFS
C) AH
D) ESP

Answer 43

D) ESP

IPSec: Internet Protocol Security. Provides authentication (AH, authentication header) and encryption (ESP, encapsulation security payload) for all layer 3 (IP) packets. (3.2)

Question 44

A system that uses public network (such as the Internet) as a means for creating private encrypted connections between remote locations is referred to as:

A) WWAN
B) VPN
C) PAN
D) VLAN

Answer 44

B) VPN

VPN: Virtual Private Network. Encrypted (private) data traversing a public network. Data meets and flows in and out of a VPN concentrator. (3.2)

Question 45

A company creates a standard set of government reports each calendar quarter. Which of the following would describe this type of data?

❍ A. Data in use
❍ B. Obfuscated
❍ C. Trade secrets
❍ D. Regulated

Answer 45

D. Regulated

Reports and information created for governmental use are regulated by laws regarding the disclosure of certain types of data. (3.3)

Question 46

A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?

❍ A. Verifies that the file was not corrupted during the file transfer
❍ B. Provides a key for decrypting the ISO after download
❍ C. Authenticates the site as an official ISO distribution site
❍ D. Confirms that the file does not contain any malware

Answer 46

A. Verifies that the file was not corrupted during the file transfer

Once the file is downloaded, the administrator can calculate the file’s SHA256 hash and confirm that it matches the value on the website. (3.3)

Question 47

A company’s security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

❍ A. USB security key
❍ B. Biometric scanner
❍ C. PIN
❍ D. SMS

Answer 47

B. Biometric scanner

A biometric scanner would require a person to be physically present to verify the authentication. (3.3)

Question 48

A development team has installed a new application and database to a cloud service. After running a vulnerability scanner on the application instance, a security administrator finds the database is available for anyone to query without providing any authentication. Which of these vulnerabilities is MOST associated with this issue?

❍ A. Legacy software
❍ B. Open permissions
❍ C. Race condition
❍ D. Malicious update

Answer 48

B. Open permissions

Just like local systems, proper permissions and security controls are required when applications are installed to a cloud-based system. If permissions are not properly configured, the application data may be accessible by anyone on the Internet. (3.3)

Question 49

An organization’s content management system currently labels files and documents as “Public” and “Restricted.” On a recent update, a new classification type of “Private” was added. Which of the following would be the MOST likely reason for this addition?

❍ A. Minimized attack surface
❍ B. Simplified categorization
❍ C. Expanded privacy compliance
❍ D. Decreased search time

Answer 49

C. Expanded privacy compliance

The labeling of data as private is often associated with compliance and confidentiality concerns. (3.3)

Question 50

A security administrator is creating a policy to prevent the disclosure of credit card numbers in a customer support application. Users of the application would only be able to view the last four digits of a credit card number. Which of the following would provide this functionality?

❍ A. Hashing
❍ B. Tokenization
❍ C. Masking
❍ D. Salting

Answer 50

C. Masking

Data masking hides data from being viewed. The full credit card numbers are stored in a database, but only a limited view of this data is available when accessing the information from the application. (3.3)

Question 51

Which of the following can be used for credit card transactions from a mobile device without sending the actual credit card number across the network?

❍ A. Tokenization
❍ B. Hashing
❍ C. Steganography
❍ D. Masking

Answer 51

A. Tokenization

Tokenization replaces sensitive data with a non-sensitive placeholder. Tokenization is commonly used for NFC (Near-Field Communication) payment systems, and sends a single-use token across the network instead of the actual credit card information. (3.3)

Question 52

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

❍ A. Masking
❍ B. DLP
❍ C. Tokenization
❍ D. NGFW

Answer 52

C. Tokenization

Tokenization is a technique that replaces user data with a non-sensitive placeholder, or token. Tokenization is commonly used on mobile devices during a purchase to use a credit card without transmitting the physical credit card number across the network. (3.3)

Question 53

A company must comply with legal requirements for storing customer data in the same country as the customer’s mailing address. Which of the following would describe this requirement?

❍ A. Geographic dispersion
❍ B. Least privilege
❍ C. Data sovereignty
❍ D. Exfiltration

Answer 53

C. Data sovereignty

Data sovereignty laws can mandate how data is handled and stored. Data residing in a country is usually subject to the laws of that country, and compliance regulations may not allow the data to be moved outside of the country. (3.3)

Question 54

Which of the following describes the process of hiding data from others by embedding the data inside of a different media type?

❍ A. Hashing
❍ B. Obfuscation
❍ C. Encryption
❍ D. Masking

Answer 54

B. Obfuscation

Obfuscation is the process of taking something normally understandable and making it very difficult to understand or to be seen. One common obfuscation method used by steganography is to embed a document within an image file. (3.3)

Question 55

Which of the following is the process for replacing sensitive data with a non-sensitive and functional placeholder?

❍ A. Steganography
❍ B. Tokenization
❍ C. Retention
❍ D. Masking

Answer 55

B. Tokenization

Tokenization replaces sensitive data with a token, and this token can be used as a functional placeholder for the original data. Tokenization is commonly used with credit card processing and mobile devices. (3.3)

Question 56

A security administrator has installed a network-based DLP solution to determine if file transfers contain PII. Which of the following describes the data during the file transfer?

❍ A. In-use
❍ B. In-transit
❍ C. Highly available
❍ D. At-rest

Answer 56

B. In-transit

Data in-transit describes information actively moving across the network. As the information passes through switches and routers, it is considered to be in-transit. (3.3)

Question 57

A developer has created an application to store password information in a database. Which of the following BEST describes a way of protecting these credentials by adding random data to the password?

❍ A. Hashing
❍ B. Data masking
❍ C. Salting
❍ D. Asymmetric encryption

Answer 57

C. Salting

Passwords are often stored as hashes, but the hashes themselves are often subject to brute force or rainbow table attacks. It’s common to add some additional random data (a salt) to a password before the hashing process. This ensures that each password is truly random when stored, and it makes it more difficult for an attacker to discover all of the stored passwords. (3.3)

Question 58

Which technology would be utilized in this scenario?
Credit card numbers are being replaced with temporary values.

A) Salting
B) Tokenization
C) OCSP
D) False negative

Answer 58

B) Tokenization

Tokenization: Takes sensitive information such as a credit card number used in a purchase, and replaces it with a token number that is completely different when crossing the network. Only a one time use. Nothing is encrypted, but all the numbers are changed on the token. (3.3)

Question 59

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

❍ A. Platform diversity
❍ B. Continuity of operations
❍ C. Cold site recovery
❍ D. Tabletop exercise

Answer 59

B. Continuity of operations

It’s always useful to have an alternative set of processes to handle any type of outage or issue. Continuity of operations planning ensures that the business will continue to operate when these issues occur. (3.4)

Question 60

A company would like to minimize database corruption if power is lost to a server. Which of the following would be the BEST strategy to follow?

❍ A. Encryption
❍ B. Off-site backups
❍ C. Journaling
❍ D. Replication

Answer 60

C. Journaling

Journaling writes data to a temporary journal before writing the information to the database. If power is lost, the system can recover the last transaction from the journal when power is restored. (3.4)

Question 61

What is journaling?

Answer 61

If you’re making a backup, and the power goes out right in the middle of writing the backup, the data is probably corrupted. To avoid this, you can write a journal entry stored on the drive before the backup is initiated. Then, once it’s written, go ahead and make the backup. If the data gets corrupted, you have something to fall back on. Corruptions can be corrected if a hard drive gets corrupted data, but then looks at the journal for all of the corrections.

Question 62

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

❍ A. Capacity planning
❍ B. Business impact analysis
❍ C. Continuity of operations
❍ D. Tabletop exercise

Answer 62

D. Tabletop exercise

A tabletop exercise allows a disaster recovery team to evaluate and plan disaster recovery processes without performing a full-scale drill. (3.4)

Question 63

A company is using older operating systems for their web servers and are concerned of their stability during periods of high use. Which of the following should the company use to maximize the uptime and availability of this service?

❍ A. Cold site
❍ B. UPS
❍ C. Redundant routers
❍ D. Load balancer

Answer 63

D. Load balancer

A load balancer maintains a pool of servers and can distribute the load across those devices. If a device fails, the other servers will continue to operate and provide the necessary services. (3.4)

Question 64

A transportation company headquarters is located in an area with frequent power surges and outages. The security administrator is concerned about the potential for downtime and hardware failures. Which of the following would provide the most protection against these issues? Select TWO.

❍ A. UPS
❍ B. Parallel processing
❍ C. Snapshots
❍ D. Multi-cloud system
❍ E. Load balancing
❍ F. Generator

Answer 64

A. UPS
and
F. Generator

A UPS (Uninterruptible Power Supply) can provide backup power for a limited time when the main power source is unavailable, and a generator can maintain uptime as long as a fuel source is available. (3.4)

Question 65

An incident response team would like to validate their disaster recovery plans without making any changes to the infrastructure. Which of the following would be the best course of action?

❍ A. Tabletop exercise
❍ B. Hot site fail-over
❍ C. Simulation
❍ D. Penetration test

Answer 65

A. Tabletop exercise

A tabletop exercise is a walk-through exercise where the disaster recovery process can be discussed in a conference room without making any changes to the existing systems. (3.4)

Question 66

Which of these would be used to provide HA for a web-based database application?

❍ A. SIEM
❍ B. UPS
❍ C. DLP
❍ D. VPN concentrator

Answer 66

B. UPS

HA (High Availability) means the service should always be on and available. The only device on this list providing HA is the UPS (Uninterruptible Power Supply). If power is lost, the UPS will provide electricity using battery power or a gas-powered generator. (3.4)

Question 67

A transportation company maintains a scheduling application and a database in a virtualized cloud-based environment. Which of the following would be the BEST way to backup these services?

❍ A. Journaling
❍ B. Snapshot
❍ C. RTOS
❍ D. Containerization

Answer 67

B. Snapshot

Virtual machines (VMs) have a snapshot feature to capture both a full backup of the virtual system and incremental changes that occur over time. It’s common to take a snapshot of a VM for backup purposes or before making any significant changes to the VM. If the changes need to be rolled back, a previous snapshot can be selected and instantly applied to the VM. (3.4)

Question 68

A company is releasing a new product, and part of the release includes the installation of load balancers to the public web site. Which of the following would best describe this process?

❍ A. Platform diversity
❍ B. Capacity planning
❍ C. Multi-cloud systems
❍ D. Permission restrictions

Answer 68

B. Capacity planning

Capacity planning describes the process of matching the supply of a resource to the demand. In this example, the company is planning for an increased interest in their products and are increasing the overall capacity of their web server resources. (3.4)

Question 69

A large e-commerce platform wants to ensure uninterrupted service even during peak shopping seasons. Which approach should the security professional recommend to achieve high availability?

A) Load balancing
B) Hot site
C) Geographic spreading
D) Continuity of operations

Answer 69

A) Load balancing

Load Balancing: Load is distributed across multiple servers, but the servers are unaware of each other. Only the load balancer knows about all the servers. Servers can run different OSs. (3.4)

Question 70

A method used for improved redundancy is to put in place a server cluster. There a two kinds of server clusters symmetric and asymmetric clusters. Which of the following is true about asymmetrical clusters?

A) The standby server performs useful work in addition to supporting a failed server.
B) The standby server performs no useful work other than to be ready if it is needed.
C) The standby server launches a copy of the virtual machine the failed server.
D) Virtualization dramatically increases the number of server clusters that are needed for server redundancy.

Answer 70

B) The standby server performs no useful work other than to be ready if it is needed.

Server Clustering: Having multiple servers configured to all work together as one big server. Can be added or removed in real-time as needed. All run the same OS. All use the same shared storage. (3.4)