SY0-401 (v.4) 11
A company replaces a number of devices with a mobile appliance, combining several functions. Which of the following descriptions fits this new implementation? (Select TWO).
Cloud computing
Load balancing
Virtualization
Single point of failure
All-in-one device
A small business needs to incorporate fault tolerance into their infrastructure to increase data availability. Which of the following options would be the BEST solution at a minimal cost?
Clustering
Mirrored server
RAID
Tape backup
Which of the following may significantly reduce data loss if multiple drives fail at the same time?
Virtualization
RAID
Load balancing
Server clustering
Which of the following provides data the best fault tolerance at the LOWEST cost?
Load balancing
Clustering
Server virtualization
RAID 6
Which of the following provides the LEAST availability?
RAID 0
RAID 1
RAID 3
RAID 5
Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?
RAID
Clustering
Redundancy
Virtualization
Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?
Warm site
Load balancing
Clustering
RAID
Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?
Clustering
RAID
Backup Redundancy
Cold site
Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?
Clustering
RAID
Load balancing
Virtualization
Which of the following technologies uses multiple devices to share work?
Switching
Load balancing
RAID
VPN concentrator
Which of the following provides the BEST application availability and is easily expanded as demand grows?
Server virtualization
Load balancing
Active-Passive Cluster
RAID 6
Which of the following can be utilized in order to provide temporary IT support during a disaster, where the organization sets aside funds for contingencies, but does not necessarily have a dedicated site to restore those services?
Hot site
Warm site
Cold site
Mobile site
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?
Confidentiality
Availability
Succession planning
Integrity
Which of the following disaster recovery strategies has the highest cost and shortest recovery time?
Warm site
Hot site
Cold site
Co-location site
A company wants to ensure that its hot site is prepared and functioning. Which of the following would be the BEST process to verify the backup datacenter is prepared for such a scenario?
Site visit to the backup data center
Disaster recovery plan review
Disaster recovery exercise
Restore from backup
The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly restored, in case of a catastrophic failure of the primary datacenter’s HVAC. Which of the following can be implemented?
Cold site
Load balancing
Warm site
Hot site
Which of the following is the BEST concept to maintain required but non-critical server availability?
SaaS site
Cold site
Hot site
Warm site
After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Joe’s desktop remain encrypted when moved to external media or other network based storage?
Whole disk encryption
Removable disk encryption
Database record level encryption
File level encryption
Customers’ credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?
Application firewalls
Manual updates
Firmware version control
Encrypted TCP wrappers
Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?
Hashing
Screen locks
Device password
Encryption
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?
Use encryption for the credential fields and hash the credit card field
Encrypt the username and hash the password
Hash the credential fields and use encryption for the credit card field
Hash both the credential fields and the credit card field
A system administrator has been instructed by the head of security to protect their data at-rest. Which of the following would provide the strongest protection?
Prohibiting removable media
Incorporating a full-disk encryption system
Biometric controls on data center entry points
A host-based intrusion detection system
Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?
Employ encryption on all outbound emails containing confidential information.
Employ exact data matching and prevent inbound emails with Data Loss Prevention.
Employ hashing on all outbound emails containing confidential information.
Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.
After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. Which of the following controls support this goal?
Contingency planning
Encryption and stronger access control
Hashing and non-repudiation
Redundancy and fault tolerance
A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect’s emails show they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered. Which of the following is occurring?
The user is encrypting the data in the outgoing messages.
The user is using steganography.
The user is spamming to obfuscate the activity.
The user is using hashing to embed data in the emails.
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
Social engineering
Steganography
Hashing
Digital signatures
Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?
Hashing
Stream ciphers
Steganography
Block ciphers
A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:
Symmetric cryptography.
Private key cryptography.
Salting.
Rainbow tables.
Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?
Hashing
Key escrow
Non-repudiation
Steganography
The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?
TwoFish
SHA-512
Fuzzy hashes
HMAC
An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important?
A full scan must be run on the network after the DAT file is installed.
The signatures must have a hash value equal to what is displayed on the vendor site.
The definition file must be updated within seven days.
All users must be logged off of the network prior to the installation of the definition file.
Which of the following would a security administrator use to verify the integrity of a file?
Time stamp
MAC times
File descriptor
Hash
Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days’ hashes. Which of the following security concepts is Sara using?
Confidentiality
Compliance
Integrity
Availability
Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?
SHA1
MD2
MD4
MD5
Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?
Steganography
Hashing
Encryption
Digital Signatures