SY0-401 (v.4) 10

Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition. Which of the following will address this requirement?

Set up mantraps to avoid tailgating of approved users.

Place a guard at the entrance to approve access.

Install a fingerprint scanner at the entrance.

Implement proximity readers to scan users’ badges.

A security administrator wants to deploy a physical security control to limit an individual’s access into a sensitive area. Which of the following should be implemented?

Guards

CCTV

Bollards

Spike strip

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

Fencing

Proximity readers

Video surveillance

Bollards

A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern?

Create conduct policies prohibiting sharing credentials.

Enforce a policy shortening the credential expiration timeframe.

Implement biometric readers on laptops and restricted areas.

Install security cameras in areas containing sensitive systems.

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

Installing anti-malware

Implementing an IDS

Taking a baseline configuration

Disabling unnecessary services

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?

$500

$5,000

$25,000

$50,000

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

$1,500

$3,750

$15,000

$75,000

An advantage of virtualizing servers, databases, and office applications is:

Centralized management.

Providing greater resources to users.

Stronger access control.

Decentralized management.

Key elements of a business impact analysis should include which of the following tasks?

Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.

Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.

Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.

Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?

$7,000

$10,000

$17,500

$35,000

In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives?

Business Impact Analysis

IT Contingency Plan

Disaster Recovery Plan

Continuity of Operations

Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO).

A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?

Succession plan

Disaster recovery plan

Continuity of operation plan

Business impact analysis

A network administrator has recently updated their network devices to ensure redundancy is in place so that:

Switches can redistribute routes across the network.

Environmental monitoring can be performed.

Single points of failure are removed.

Hot and cold aisles are functioning.

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO).

To allow load balancing for cloud support

To eliminate a single point of failure

To allow for business continuity if one provider goes out of business

To allow for a hot site in case of disaster

To improve intranet communication speeds

To eliminate a single point of failure

Which of the following utilities can be used in Linux to view a list of users’ failed authentication attempts?

Badlog

Faillog

Wronglog

Killlog

Which of the following risks could IT management be mitigating by removing an all-in-one device?

Continuity of operations

Input validation

Single point of failure

Single sign on

Which of the following risk concepts requires an organization to determine the number of failures per year?

SLE

ALE

MTBF

Quantitative analysis

Upper management decides which risk to mitigate based on cost. This is an example of:

Qualitative risk assessment

Business impact analysis

Risk management framework

Quantitative risk assessment

Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

Succession plan

Business impact document

Continuity of operations plan

Risk assessment plan

VA security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing?

Systems should be restored within six hours and no later than two days after the incident.

Systems should be restored within two days and should remain operational for at least six hours.

Systems should be restored within six hours with a minimum of two days worth of data.

Ystems should be restored within two days with a minimum of six hours worth of data.

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete’s BEST option?

Use hardware already at an offsite location and configure it to be quickly utilized.

Move the servers and data to another part of the company’s main campus from the server room.

Retain data back-ups on the main campus and establish redundant servers in a virtual environment.

Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

Structured walkthrough

Full Interruption test

Checklist test

Tabletop exercise

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

Methods and templates to respond to press requests, institutional and regulatory reporting requirements.

Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.

Developed recovery strategies, test plans, post-test evaluation and update processes.

Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.

Methods to review and report on system logs, incident response, and incident handling.

After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?

Succession planning

Disaster recovery plan

Information security plan

Business impact analysis

Which of the following concepts defines the requirement for data availability?

Authentication to RADIUS

Non-repudiation of email messages

Disaster recovery planning

Encryption of email messages

Which of the following is the MOST specific plan for various problems that can arise within a system?

Business Continuity Plan

Disaster Recovery Plan

Continuity of Operation Plan

IT Contingency Plan

Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration?

A disk-based image of every computer as they are being replaced.

A plan that skips every other replaced computer to limit the area of affected users.

An offsite contingency server farm that can act as a warm site should any issues appear.

A back-out strategy planned out anticipating any unforeseen problems that may arise.

Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?

Business continuity planning

Continuity of operations

Business impact analysis

Succession planning

Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?

Succession planning

Disaster recovery

Separation of duty

Removing single loss expectancy

Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?

Fault tolerance

Succession planning

Business continuity testing

Recovery point objectives

A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?

High availability

Load balancing

Backout contingency plan

Clustering

A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?

Authentication

Integrity

Confidentiality

Availability

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?

Warm site implementation for the datacenter

Geographically disparate site redundant datacenter

Localized clustering of the datacenter

Cold site implementation for the datacenter

Unlock and Upgrade

Remove all limits from your Quizzes

SY0-401 (v.4) 10

More Quizzes