Security Plus - 2 - 202603
Authored by Dip Rawal
Computers
Professional Development
Used 3+ times
AI Actions
Add similar questions
Adjust reading levels
Convert to real-world scenario
Translate activity
More...
Content View
Student View
90 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?
A. Segmentation
B. Isolation
C. Patching
D. Encryption
Answer explanation
Segmentation involves dividing a network into separate parts to control access. By using segmentation, the organization can store customer data in a secure area, preventing access from users on the main corporate network.
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is the most common data loss path for an air-gapped network?
A. Bastion host
B. Unsecured Bluetooth
C. Unpatched OS
D. Removable devices
Answer explanation
Removable devices are the most common data loss path for air-gapped networks, as they can easily introduce malware or data leaks when connected to other systems, bypassing the isolation intended by air-gapping.
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?
A. Impersonation
B. Disinformation
C. Watering-hole
D. Smishing
Answer explanation
This attack is known as a watering-hole attack, where malware is spread through a compromised website frequented by the target group, in this case, an industry blog visited by an employee.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?
A. Deploying a SASE solution to remote employees
B. Building a load-balanced VPN solution with redundant internet
C. Purchasing a low-cost SD-WAN solution for VPN trac
D. Using a cloud provider to create additional VPN concentrators
Answer explanation
A SASE solution integrates networking and security, reducing VPN traffic by enabling direct, secure access to cloud resources while monitoring remote employee internet traffic, thus addressing the organization's scaling issues.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is the best reason to complete an audit in a banking environment?
A. Regulatory requirement
B. Organizational change
C. Self-assessment requirement
D. Service-level requirement
Answer explanation
The best reason to complete an audit in a banking environment is due to regulatory requirements. Compliance with regulations ensures the bank operates within legal standards and maintains trust with customers and stakeholders.
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?
A. Integrity
B. Availability
C. Condentiality
D. Non-repudiation
Answer explanation
The principle of least privilege ensures that only authorized personnel access sensitive HR files, protecting their confidentiality. This minimizes the risk of unauthorized disclosure of personal information.
7.
MULTIPLE SELECT QUESTION
30 sec • 1 pt
Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Choose two.)
E. The device's encryption level cannot meet organizational standards.
F. The device is unable to receive authorized updates.
A. The device has been moved from a production environment to a test environment.
B. The device is congured to use cleartext passwords.
C. The device is moved to an isolated segment on the enterprise network.
Answer explanation
Decommissioning is necessary when a device's encryption level fails to meet standards (E) and when it cannot receive authorized updates (F), as both pose significant security risks.
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
