Testout 2

Your page rank:

Total word count: 3804
Pages: 14

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

Which of the following are disadvantages to server virtualization?

A compromise of the host system might affect multiple servers.

Which of the following are disadvantages to server virtualization?

A failure in one hardware component could affect multiple servers.

You have configured a NDIS to monitor network traffic. Which of the following describes an attack that is not detected by the NIDS device?

False Negative

You have configured a NDIS to monitor network traffic. Which of the following describes a harmless traffic that has been identified as a potential attack attack by the NIDS device?

False Positive

Which of the following is not a valid response to a risk discovered during a risk analysis


What is the average number of times that a specific risk is likely to be realized?

Annualized Rate of Occurence

Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?

Residual Risk

When analyzing assets, which analysis method assigns financial values to assets?


Which of the following statements is true in regards to risk analysis?

Annualized Rate of Occurrence identifies how often in a single year the successful threat attack will occur. Don’t implement a countermeasure if the cost is greater than the loss.

When would choosing to do nothing about an identified risk be acceptable?

When the cost of protecting the asset s greater than the potential loss.

Which of the following is not an example of a service level agreement?

Security policy design.

Which of the following is defined as a contract which prescribes the technical support or business parametres that a provider will bestow onto its client?

Service level agreement

If an organization shows sufficient due car, which burden is eliminated in the event of a security breach?


HIPAA is a set of federal regulations that define security guidelines that enforce the protection of what


What is a service level agreement?

A guarantee of a specific level of service.

A Service Level Agreement defines the relationships between, and the contractual responsibilities of, providers and recipients of services. Which of the following characteristics are most important when designing an SLA?

Detailed provider responsibilities for all continuity and disaster recovery mechanisms. Clear and detailed descriptions of penalties if the level of service is not provided.

Which of the following policies specifically protects PII?


Which of the following is a policy that defines appropriate and inappropriate activities and usage for company resources, assets, and communications?

Acceptable Use Policy.

Which of the following defines an acceptable use agreement?

An agreement which identifies the employee’s rights to use company property such as Internet access and computer equipment for personal use.

Which of the following describes a false positive when using an IPS device?

Legitimate traffic being flagged as malicious.

What is the primary purpose of forcing employees to take mandatory one-week minimum vacations every year?

To check for evidence of fraud

You have conducted a risk analysis to protect a key company asset. You identify the following values:
Asset Value = 400
Exposure Factor = 75
Annualized Rate of Occurrence =.25
What is the Annualized Loss Expectancy?


When conducting a risk assessment, how is the Annualized Rate of Occurrence (ARO) calculated?

Through historical data provided by insurance companies and crime statistics.

When developing the totality of security policy documentation, what type of policy document will contain instructions or information on remaining in compliance with regulations and industry standard?


What is the primary means by which supervisors can determine whether or not employees are complying with the organizations security policy?


You plan to implement a new security device on your network. Which of the following outlines the process you should follow before implementing that device?

Change management.

Purchasing insurance is what type of response to risk?


Which of the following is NOT an advantage when using an internal auditor to examine security systems and relevant documentation.

Findings in the audit and subsequent summations are viewed as objectives.

You want to store your computer-generated audit longs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

Create a hash of each log

What does hashing of log files provide?

Proof that the files have not been altered

After an intrusion has occurred and the intruder has been removed from the system which of the following is the best next step or action to take?

Back up all logs and audits regarding the incident.

If maintaining confidentiality is of the utmost importance to your organization, what is the best when an intruder is detected on your network?

Disconnect the intruder

Which of the following is an important aspect of evidence gathering?

Backing pu all log files and audit trails

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you preform first?

Document what’s on the screen

Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?


The immediate preservation of evidence is paramount when conducing a forensic analysis. Which of the following actions is most likely to destroy critical evidence?

Rebooting the system

When duplicating a drive for forensic investigative purposes, which of the following copying methods is mot appropriate?

Bit-Level Cloning

How can criminal investigator ensure the integrity of a removable media device found while collecting evidence?

Create a checksum using a hashing algorithm

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?

Make a bit-level copy of the disk.

Which of the following best defines Single Loss Expectancy?

The total monetary loss associated with a single occurence of a threat.

During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence?

Disconnect the access point from the network

You have discovered a computer that is connected to your network that is used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. What should you do next?

Perform a memory dump.

You have recently discovered that a network attack has compromised your database server. In the process, customer credit cards numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?

Contact your customers and let them know about the security breach.

Arrange the computer components listed on the left in order of decreasing volatility on the right.

CPU Registers and Caches > System RAM > Paging File > Hard Disk > File System Backup on an external USB drive

What common design feature amoung Instant Messaging clients make them more insecure than other means of communicating over the internet?`

Peer-to-Peer Networking

What type of attack is most likely to succeed against communications between Instant Messaging clients?


Instant Messaging does not provide which of the following?


When a new IT employee is hired by your organization, you need to clearly inform her of the log retention policy. This policy includes details about all but which of the following?

What limitation of legal punishment or fines is supported by the organization.

When informing an employee that they are being terminated, which is the most important activity?

Disabling their network access.

What is the most common failure of a security policy in an environment?

Lack of user awareness.

What is the most effective means of improving or enforcing Security in any environment?

User Awareness Training.

You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them through a local liquidator. Computers were previously not used for storing sensitive information. What should you do prior to getting rid of the computers?

Sanitize the hard drives.

Which of the following activities assigns a security level to different types of data?

Information classification.

You have a set of DVD-RW disks that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting of data from the disks?


Which type of media preparation is sufficient for media that will be reused in a different security context within your organization?


A code of ethics provides all but which of the following?

Clearly defines courses of action to take when a complex issue is encountered.

Which of the following are typically associated with human resource security policies? (Select two)

Termination, Background Checks

Which of the following best describes the concept of due care or due diligence?

Reasonable precautions, based on industry best practices, are utilized and documented.

What is the best countermeasure to social engineering?


How can an organization help prevent social engineering attacks? (Select Two)

Educate employees on the risks and countermeasures. Publish and enforce clearly-written security policies.

Which of the following is not part of security awareness training?

Employee agreement documents.

Over the last month you have noticed a significant increase in the occurrence of inappropriate activities preformed by employees. What is the best first response to take in order to improve or maintain the security level of the environment?

Improve and hold new awareness sessions

AS you are helping a user with a computer problem you notice that she has written her passwords on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required:
Minimum password length=10
Minimum password age=4
Maximum password age=30
Password history=6
Require complex passwords that include numbers and symbols
Account lockout clipping level=3

Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?

Implement end-user training

You have installed anti-virus software at your business. Withing a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it.
What should you add to your security measures to prevent this from happening again?

User awareness training

In business continuity planning, what is the primary focus of the scope?

Business processes

What is the primary goal of continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources.

You walk by the server room and notice a fire has started. What should you do first?

Make sure everyone has cleared the area

Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?

Class C

Which of the following fire extinguisher suppressant types is best used for electrical fires what might result when working with computer components?

Carbon Dioxide (CO2)

Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two)

Halon, CO2

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this seems to be happening when the elevator is running.
What should you do?

Install shielded cables near the elevator

What is the recommended humidity levels of server rooms?


Components within your server room are failing at a rapid pace. you discover that the humidity in the server room is at 60% and the temperature is at 80 degrees.
What should you do to help reduce these problems?

Add a separate A/C unit to the server room.

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network.
Which of the following should you implement?

Positive pressure system.

Which of the following statements about ESD is not correct?

ESD is more likely to occur when the relative humidity is above 50%

Which of the following is the least effective power loss protection for computer systems?

Surge protector

What is the primary security feature that can be designed into a network’s infrastructure to protect and support availability?


Which form of alternate site is the cheapest but may not allow an organization to recover before reaching their maximum tolerable downtime?

Reciprocal agreement

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?


Which of the following drive configurations is fault tolerant?


You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose?

Hot site.

Daily backups are done at the ABD company location and only weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using?

Warm site

To prevent server downtime, which of the following components should be installed redundantly in a server system?

Power supply

Besides protecting a computer from under voltages, a typical UPS also preforms which two actions?

Conditions the power signal Protects from over voltages.

You manage a web site for your company. The web site uses three servers configured in a cluster. Incoming requests are distributed automagically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply.
Considering the availability of your website, which component represents a single point of failure?

Website storage.

You manage the website for your company. The Web1 server hosts the website. The server has the following configuration:
Dual Core processor
Dual Power Supplies
RAID 5 volume
One RAID controller
Two 1000 MBps network adapters.
Which component is a single point of failure for the website?

Disk controller

Which of the following disk configurations might sustain losing two disks?

Raid 1+0 Raid 0+1

You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID5?


What is an advantage of RAID5 over RAID1?

RAID5 improves performance over RAID1

You have a computer with three hard disks.
A RAID0 volume uses space on disks 1 and 2.
A RAID1 volume uses space on disks 2 and 3.
Disk 2 fails. Which of the following is true?

Data on the RAID1 volume is accessible, however RAID0 data is not.

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses RAID1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP.
You want to provide redundancy such that failure in one hardware component does not cause the website to become unavailable. Which should you add to your configuration to accomplish this?

Connect one server though a different ISP to the internet.

Even if you perform regular backups, what must be done to ensure that you are protected against data loss?

Regularly test restoration procedures

Why should backup media be stored office?

To prevent the same disaster from affecting both the network and the backup media.

A system failure has occurred. Which of the following restoration processes would result in the fastest restoration of all the data to its most current sate?

Restore the full backup and the last differential backup

Which of the following are backuped during an incremental backup?

Only files that have changed since the last full or incremental backup

Which of the following are backuped during a differential backup?

Only files that have changed since the last FULL backup

To increase your ability to recover from a disaster, where should you store backup tapes?

In a safety deposit box at a bank.

Which backup strategy backs up all files from a computer’s file system regardless of whether the file’s archive bit is set or not and marks them as having been backuped?


Which backup strategy backs up only files which have the archive bit set, but does not mark them as being backed up?


Your organization uses the following tape rotation strategy for its backup tapes:
The first set up tapes is used for daily backups.
At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape.
At the end of each month, one of the weekly backup tapes is promoted to be the monthly backup tape.
What kind of backup tape rotation strategy is being used?


The disaster recovery plan calls for having tape backups stored at a different location is inside a safety deposit box located at the local bank. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups?

Perform a full backup once a week with a differential backup as the other days of the week.

Which does an incremental backup do during the backup?

Backs up all files with the archive bit set; resets the archive bit.

What does a differential backup do during the backup?

Backs up all files with archive bit set, does not reset the archive bit.

Your network uses the following backup strategy:
Full backups every Sunday night
Incremental backups every Monday through Saturday night.
Thursday morning the storage system fails. How many restore operations would you need to recover to recover all of the data?


Your network uses the following backup strategy:
Full backups every Sunday night
Differential backups every Monday through Saturday night.
Thursday morning the storage system fails. How many restore operations would you need to recover to recover all of the data?


Your network performs a full backup every night. Each Sunday, the previous night’s backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?


When should a hardware device be replaced in order to minimized downtime?

Just before its MTBF is reached.

You have a Web Serer that hosts the public web site for your company. You want to make sure that the web sites will continue to be available. Even if a NIC, hard drive, or other problem prevents the server from responding.
Which solution should you implement?

Load balancing.

You manage a server that runs your company website. The web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for website content. Which solution should you implement?

Load balancing

If your mission critical services have a maximum tolerable downtime (MTD), or a recovery time objective (RTO), of 36 hours, what would be the optimum form of recovery site you would chose?


Which of the following is a recovery site that may have electricity connected, but there are no servers installed or high-speed data lines present?

Cold site.

A user copies files from her desktop computer to a USB flash drive and puts the drive into her pocket. Which of the following security goals is most at risk?


Smart phones with cameras and internet capabilities pose a risk to which security goal?


By definition, which security concept ensures that only authorized parties can access data?


Your computer system is a participant in an asymmetric cryptography system. you’ve crafted a message to be sent to another user. Before transmission, you hash the message, then encrypt the hash using your private key. you then attach this encrypted hash to your message as a digital signature before sending it to the other user.
In this example, what protection does the hashing activity provide?


When recovery is being performed due to disaster, which services stabilized first?

Mission critical

You are a database administrator and the first responder for database attacks. you have decided to test one part of your current Business Continuity Plan (BCP) with two other database professionals.
What type of BCP test is this considered?

Tabletop excercise

Your organization is entered into an Interoperability Agreement (IA) with another organization with another organization a year ago. As part of this agreement, a federated trust was established between your domain and the partnered domain.
The partnership has been in the ongoing operations phase for almost 9 months now. As a security administrators, which tasks should you complete during this phase? (Select Two)

Conduct Periodic Vulnerability Assessments. Verify compliance with the IA docs.

Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow users in their domain to access resources in your domain, and vice versa.
As a security administrator, which TWO tasks should you complete during this phrase.

Identified how the data will be shared. Identify how data ownership will be determined.

You are a network administrator over two windows-based sites. You have almost 2000 employees with workstations and 64 servers that need to be more secure. You have decided to implement a Data Loss Prevention (DLP) solution to detect and stop breaches of sensitive data.
You decide to implement e-mail and instant messaging communication controls so that messages that violate your organizations security policy are blocked at the workstation before being transmitted on the network.
Which DLP connection should you implement?

Endpoint DLP

What is the most important element related to evidence in addition to evidence itself?

Chain of custody document.

The chain of custody is used for what purposes?

Listing people coming into contact with evidence.

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of Custody.

Share This

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more


A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message