1. You have a Windows computer running Oracle VM VirtualBox, which is running Kali Linux, CentOS, and...
Question:
1. You have a Windows computer running Oracle VM VirtualBox, which is running Kali Linux, CentOS, and Ubuntu. What type of virtualization are you using?
A. VM sprawl
B. Type II hypervisor
C. VM escape attack
D. Type I hypervisor
2. You have a computer running the VMware ESXi hypervisor, which is running Kali Linux, CentOS, and Ubuntu. What type of virtualization are you using?
A. Type I hypervisor
B. VM escape attack
C. VM sprawl
D. Type II hypervisor
3. This is technology used to view all the network traffic.
A. Infrastructure as code (IaC)
B. Software-defined visibility (SDV)
C. Microservices
D. Software-defined networking (SDN)
4. Your organization has created online access to hardware that is used to teach computer networks to computer science students in public high schools. Only teachers and students in the public high schools can access the hardware via the Internet using a web browser. What type of cloud model is this?
A. IaaS
B. PaaS
C. IaC
D. SaaS
5. This is a cloud that is shared by multiple organizations with a shared concern. What type of cloud model is this?
A. public cloud
B. community cloud
C. private cloud
D. hybrid cloud
6. _____ connect to an operating system on a remote server over a network. Data is stored on a server, rather than on a local computer.
A. Thin clients
B. Transit gateways
C. Containers
D. Software-defined networking (SDN)
7. _____ is a type of CSP that manages a customer’s IT operations.
A. Cloud service provider (CSP)
B. Virtual Private Cloud (VPC)
C. Managed service provider (MSP)
D. Managed security service provider (MSSP)
8. What is the software that runs the VMs?
A. Guest
B. Hypervisor
C. Host
D. IaaS
9. What shows the physical arrangement and location of computer equipment?
A. baseline configuration
B. diagrams
C. standard naming conventions
D. Internet protocol (IP) schema
10. Recently, the Board of Water Supply installed wireless residential water meters across town. A homeowner intercepted the wireless water meter’s signals at their home and changed the water usage number to 10 times less than what it really is. What do we call this?
A. data loss prevention (DLP)
B. honeypot
C. fake telemetry
D. DNS sinkhole
11. Which of the following is data in a storage device?
A. data-at-rest
B. data-in-transit
C. data loss prevention (DLP)
D. data-in-use
12. What is not an important practice in configuration management (CM)?
A. data sovereignty
B. baseline configuration
C. standard naming conventions
D. Internet protocol (IP) schema
13. When you get your credit card bill, and it only shows the last four digits of your credit card number, what is this called?
A. data masking
B. information rights management (IRM)
C. data loss prevention (DLP)
D. data sovereignty
14. What is an alternate location for operations, which includes the hardware and software, but not the data, needed to be operational within about a day?
A. Honeynets
B. Hot site
C. Warm site
D. Cold site
15. _____ is the policies and technologies that are used to prevent the unauthorized transfer of data outside an organization.
A. data masking
B. data loss prevention (DLP)
C. data sovereignty
D. information rights management (IRM)
16. What is NOT a constraint of embedded systems?
A. most users know about their vulnerabilities
B. have limited signal range
C. usually no MFA
D. difficult or impossible to patch
17. _____ is a low-cost, small, single-board computer. Originally designed for teaching computer science in schools and in developing countries, it is now often used in robotics and weather monitoring.
A. Arduino
B. Raspberry Pi
C. Field-programmable gate array (FPGA)
D. SCADA
18. Which of the following should always be separated from the Internet?
A. SoC
B. IoT
C. SCADA systems
D. Raspberry Pi
19. This is an integrated circuit (IC) that can be configured by a customer after manufacturing.
A. Field-programmable gate array (FPGA)
B. SCADA
C. Arduino
D. Raspberry Pi
20. What kind of sensor is useful for detecting a fire?
A. Motion detector
B. Temperature detector
C. Noise detector
D. Proximity reader
21. What is a device that prevents juice jacking?
A. USB data blocker
B. Bollard
C. Cipher locks
D. Drone
22. The NSA has a facility in the countryside, surrounded by a large field. What do we call this?
A. Air gap
B. Bollards
C. Industrial camouflage
D. Faraday cage
23. At the entrance to a hotel, there are bollards disguised as big planters made of cement and reinforced steel holding lots of pretty plants. What do we call this?
A. Industrial camouflage
B. Faraday cage
C. Fencing
D. Air gap
24. There is a tailgating incident at your organization. What is the BEST way to prevent this from happening again?
A. Lighting
B. Signs
C. Motion detectors
D. Security portal
25. The nuclear power plant where Homer works is run by a SCADA system. What is the BEST way to protect the SCADA system from the malware that Homer unknowingly downloads on his computer at work?
A. set up a vault
B. set up hot and cold aisles
C. set up an air gap
D. set up degaussing services
26. What can be used inside or outside a building to improve safety of employees?
A. Bollards
B. Signs
C. Faraday cages
D. Industrial camouflage
27. For this type of RAID, the exclusive or (XOR) operation is used to reconstruct data after one disk failure.
A. RAID 1: mirroring
B. RAID 1+0: striping with a mirror
C. RAID 0: striping
D. RAID 5: striping with distributed parity
28. This is when we undo recent changes to a configuration that caused errors or weakened security. We take the computer back to a previous configuration without changing the data.
A. revert to known state
B. persistence
C. rollback to last known good configuration
D. live boot media
29. This is a network that provides access to storage devices. It has block-level access to data storage.
A. hard disk drives (HDDs)
B. network-attached storage (NAS)
C. storage area network (SAN)
D. tape drives
30. _____ is the fact that data is subject to the laws of the country where it is stored.
A. Data sovereignty
B. Off-site backups
C. Network interface card (NIC) teaming
D. Uninterruptible power supply (UPS)
31. Some systems can function for an extended period of time with little downtime. Which of the following BEST describes this?
A. storage area network (SAN)
B. high availability (HA)
C. fault tolerance
D. redundant array of inexpensive disks (RAID)
32. _____ uses multiple disk drives for data storage to improve redundancy and performance. Which of the following BEST describes this?
A. RAID
B. High availability (HA)
C. Fault tolerance
D. Snapshot backup
33. This is the use of duplicated equipment to improve the availability of a system.
A. Redundancy
B. Confidentiality
C. Accounting
D. Integrity
34. Which type of backup has the slowest restore time?
A. Full backup
B. Differential backup
C. Archive bit
D. Incremental backup
35. A database backup schedule consists of weekly full backups performed on Saturday at 12:00 a.m. and daily incremental backups also performed at 12:00 a.m. If the database is restored on Tuesday afternoon, which of the following is the number of individual backups that would need to be applied to complete the database recovery?
A. 1
B. 3
C. 2
D. 4
36. Which type of backup has the fastest backup time?
A. Full backup
B. Differential backup
C. Incremental backup
D. Archive bit
37. This is a device that creates electricity for long-term power outages.
A. network interface card (NIC) teaming
B. uninterruptible power supply (UPS)
C. generator
D. managed power distribution units (PDUs)
38. What factor of authentication is based on your handwriting analysis, typing technique, or gestures on a touch screen?
A. Something you are
B. Something you have
C. Somewhere you are
D. Something you do
39. Sometimes authentication systems send _____ to an authentication application for MFA.
A. push notifications
B. static codes
C. fingerprints
D. smart cards
40. The _____ is the frequency that results are correct.
A. CER (Crossover Error Rate)
B. FAR (False Acceptance Rate)
C. efficacy rate
D. FRR (False Rejection Rate)
41. When you are logging into your bank account, it asks for your username, password, and a 4-digit PIN number. What type of authentication is being used?
A. something you have
B. something you are
C. single-factor
D. multi-factor
42. Your organization gives you a small electronic device that displays a number that keeps changing. This number is used as a one-time rolling password that you use to log into the network, along with your username and password. What kind of device do you have?
A. photo ID
B. smart card
C. static code
D. token key
43. After users log into a system, they can access files and applications on their account, but they cannot access the files and applications of other users. What is taking place?
A. identification
B. authentication
C. authorization
D. accounting
44. Sometimes authentication systems use _____ to send tokens for MFA.
A. smart cards
B. PIN
C. SMS
D. iris scanners
45. What is a way to add more randomness to executable code, so that the same application on different computers has different code?
A. Version control
B. SDK
C. OWASP
D. Software diversity
46. We need to do this when we check an application to see if there are any deviations from the baseline.
A. Deprovisioning
B. Integrity measurement
C. Staging
D. Provisioning
47. Your candy company wants to buy several servers to handle the increased traffic in candy sales approaching Halloween and other holidays. These servers will be idle between the holidays. What do we call this ability to handle growth as demand rises?
A. version control
B. elasticity
C. OWASP
D. scalability
48. Your organization wants to make sure that developers and operations personnel work together to develop and maintain some software. What do we call this way of creating code?
A. Secure DevOps
B. SIEM
C. Version control
D. QA team
49. What helps to deploy systems securely and keep systems in a secure state?
A. Automated courses of action
B. QA team
C. SIEM
D. Version control
50. This is the unauthorized transfer of data outside an organization.
A. Data exposure
B. Data exfiltration
C. Data breach
D. SDK
Microeconomics An Intuitive Approach with Calculus
ISBN: 978-0538453257
1st edition
Authors: Thomas Nechyba