Created by - Mary Smith
Questions

1. An attacker discovers a new vulnerability in an enterprise application. The attacker takes advantage of the vulnerability by developing new malware. After installing the malware, the attacker is provided with access to the infected machine. Which of the following is being described?
A) Zero-day exploit
B) Remote code execution
C) Session hijacking
D) Command injection

2. An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then uses a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?
A) Integer overflow attack
B) Smurf attack
C) Replay attack
D) Buffer overflow attack
E) Cross-site scripting attack

3. An attacker wearing a building maintenance uniform approaches a company's receptionist asking for access to a secure area. The receptionist asks for identification and a building access badge and checks the company's list of approved maintenance personnel prior to granting physical access to the secure area. The controls used by the receptionist are in place to prevent which of the following types of attacks?
A) Tailgating
B) Shoulder surfing
C) Impersonation
D) Hoax

4. An attack that uses interference as its main technique to impede network traffic is which of the following?
A) Introducing too much data to a target's memory allocation
B) Utilizing a previously unknown security flaw against the target
C) Using a similar wireless configuration to a nearby network
D) Inundating a target system with SYN requests

5. An audit found that an organization needs to implement job rotation to be compliant with regulatory requirements. To prevent unauthorized access to systems after an individual changes roles or departments, which of the following should the organization implement?
A) Permission auditing and review
B) Exit interviews
C) Offboarding
D) Multifactor authentication

Right Answer and Explanation:
1. Right Answer: A
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: A
Explanation:
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions

1. Which of the following actions would be most appropriate for an enterprise that has successfully integrated internal supply chain management systems and functions?
A) Focusing on reducing setup times
B) Implementing a firewall to limit access to supply and demand data
C) Working with key suppliers to reduce costs and lead times
D) Working with trading partners to reduce channel redundancies

2. A corporation must consider which of the following factors when selecting its enterprise resource planning system?
A) Uniqueness of operations
B) Corporate profitability
C) MRP and MRP II processing
D) Industry benchmarks

3. The demand side of a traditional warehouse management system is primarily concerned with:
A) receiving incoming goods.
B) assigning storage locations.
C) assembling outbound orders.
D) forecasting product demand.

4. Bar codes and radio frequency identification systems are key technologies in supply chain systems because they perform which of the following functions?
A) Tracking truck locations on cross-country deliveries
B) Facilitating timely and accurate data acquisition
C) Providing paperless invoicing of goods
D) Producing schedule broadcasts for suppliers

5. When implementing e-commerce in the supply chain, a company's toughest challenge most likely will be:
A) getting all vendors to computerize.
B) translating data into universal standards.
C) convincing the information technology department of the value.
D) explaining the reason for change to customers.

Right Answer and Explanation:
1. Right Answer: C
Explanation:
2. Right Answer: A
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: B
Explanation:
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions

1. Which two components are attributes of an ACI MIT managed object? (Choose two.) (Select 2 answers)
A) UNI
B) MO
C) RN
D) DN

2. How should the Kubernetes manifests be modified to allow Kubernetes environment integration with Cisco ACI?
A) The manifests must include an ACI EPG reference
B) No change is needed to perform this action
C) The metadata section must contain the Cisco APIC management IP
D) The manifest does not have to be changed, but the Kubernetes object is not discovered by Cisco ACI if this is not defined in the manifest

3. What is a key characteristic of an ACI policy model?
A) Logical and concrete domains are separated.
B) All configuration is carried out against concrete entities
C) It allows communications with newly connected devices
D)

4. What is the network bootstrap program used by Cisco NX-OS iPXE?
A) Mini-OS
B) iPXE-POAP
C) NETBOOT
D) NX-OS iPXE

5. How is an ACI class name composed?
A) :Method
B) ClassName:Method
C) Package:ClassName
D)

Right Answer and Explanation:
1. Right Answer: C, D
Explanation:
2. Right Answer: B
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: C
Explanation:
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions

1. Your company is planning on setting up a VPN connection between a VPC hosted in AWS (Amazon Web Service) and its on-premises data center. There is a need to ensure the VPN connection is highly available and at the same time to ensure cost is kept to a minimum. What would you do to ensure these requirements are met?
A) Create an additional Direct Connect connection
B) Create 2 VPN connections for high availability
C) Create an additional VPC peering connection
D) VPN connections are already highly available

2. You have a database that is running on a large instance type. From a monitoring perspective it seems that packets are getting lost and the instance is not serving requests as desired. Initially a test was done to check the capacity of the server. At that time, the database server was able to take on the load. What could be the issue at this point in time?
A) The right AMI was not chosen for the underlying instance
B) The instance was using accumulated network credits during the testing phase
C) The instance is not using a VPN tunnel for communication
D) There are internal database errors which are causing the timeouts.

3. Your company has the requirement to host a set of high performance computing nodes. These nodes will be used to process images and videos. Which of the following should be considered during the implementation process? Choose 2 answers from the options given below. Please select:
A) Consider using C5 instances
B) Consider using C5 instances
C) Consider placing the instances in a placement group.
D) Consider using Linux-based AMIs

4. The company has set up an application on an EC2 instance in a private subnet. It is used to handle videos. Enhanced networking has been enabled on the instance. The instance now needs to get videos from an S3 bucket for processing. An IAM role has been assigned to the instance to access S3. But when the EC2 instance tries to use the S3 bucket, a 403 error is returned. What should be done in order to resolve the error?
A) Ensure that a VPC endpoint is created and attached to the subnet
B) Make sure that the CIDR range of the S3 bucket is added to the NACL of the subnet
C) None
D) Ensure that a VPC endpoint is created and attached to the EC2 instance
E) Make sure that the CIDR range of the S3 bucket is added to the security group of the EC2 instance

5. You have a Lambda function which is designed to probe events from an EC2 instance. After the probe is complete, the Lambda function needs to send requests to an SQS queue. How can this be achieved? Choose two answers. (Select 2 answers)
A) Ensure that the Lambda function is added to the VPC configuration
B) Make sure that IPv6 is enabled on the subnet hosting the Lambda function
C) Ensure there is a NAT gateway in the VPC
D) Ensure that the Lambda function is placed in the VPC

Right Answer and Explanation:
1. Right Answer: D
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: C, D
Explanation:
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions

1. When is it beneficial for a company to use a Spot Instance?
A) When there is flexibility in when an application needs to run.
B) When there are mission-critical workloads.
C) When dedicated capacity is needed.
D) When an instance should not be stopped.

2. A company is considering moving its on-premises data center to AWS. What factors should be included in doing a Total Cost of Ownership (TCO) analysis? (Choose two.) (Select 2 answers)
A) Amazon EC2 instance availability
B) Power consumption of the data center
C) Labor costs to replace old servers
D) Application developer time
E) Database engine capacity

3. How does AWS charge for AWS Lambda?
A) Users bid on the maximum price they are willing to pay per hour.
B) Users choose a 1-, 3- or 5-year upfront payment term.
C) Users pay for the required permanent storage on a file system or in a database.
D) Users pay based on the number of requests and consumed compute resources.

4. What function do security groups serve related to Amazon Elastic Compute Cloud (Amazon EC2) instance security?
A) Act as a virtual firewall for the Amazon EC2 instance.
B) Secure AWS user accounts with AWS Identity and Access Management (IAM) policies.
C) Provide DDoS protection with AWS Shield.
D) Use Amazon CloudFront to protect the Amazon EC2 instance.

5. Which disaster recovery scenario offers the lowest probability of downtime?
A) Backup and restore
B) Pilot light
C) Warm standby
D) Multi-site active-active

Right Answer and Explanation:

1. Right Answer: A
Explanation: The key to understanding spot instances is to look at the way that cloud service providers such as Amazon Web Services (AWS) operate. Cloud service providers invest in hardware resources and then release those resources (often on a per-hour basis) to subscribers. One of the problems with this business model, however, is that at any given time there are likely to be compute resources that are not being utilized. These resources represent hardware capacity that AWS has paid for but that is sitting idle, not making AWS any money at the moment. Rather than allowing these computing resources to go to waste, AWS offers them at a substantially discounted rate, with the understanding that if someone needs those resources for running a normal EC2 instance, that instance will take priority over spot instances that are using the hardware resources at a discounted rate. In fact, spot instances will be stopped if the resources are needed elsewhere.
https://awsinsider.net/articles/2017/09/25/aws-spot-instances-primer.aspx

2. Right Answer: B, C
Explanation:

3. Right Answer: D
Explanation: AWS Lambda charges its users by the number of requests for their functions and by the duration, which is the time the code needs to execute. When code starts running in response to an event, AWS Lambda counts a request. It charges for the total number of requests across all of the functions used. Duration is calculated from the time your code starts executing until it returns or is terminated, rounded up to the nearest 100 ms. The AWS Lambda price also depends on the amount of memory the user allocates to the function.
https://dashbird.io/blog/aws-lambda-pricing-model-explained/

4. Right Answer: A
Explanation: AWS Security Groups act like a firewall for your Amazon EC2 instances, controlling both inbound and outbound traffic. When you launch an instance on Amazon EC2, you need to assign it to a particular security group. After that, you can set up the ports and protocols which remain open for users and computers over the internet. AWS Security Groups are very flexible. You can use the default security group and still customize it according to your liking (although we don't recommend this practice because groups should be named according to their purpose), or you can create a security group that you want for your specific applications. To do this, you can write the corresponding code or use the Amazon EC2 console to make the process easier.
https://www.threatstack.com/blog/aws-security-groups-what-they-are-and-how-to-get-the-most-outof-them

5. Right Answer: D
Explanation:
Backup and Restore: a simple, straightforward, cost-effective method that backs up and restores data as needed. Keep in mind that because none of your data is on standby, this method, while cheap, can be quite time-consuming.
Pilot Light: This method keeps critical applications and data at the ready so that they can be quickly retrieved if needed.
Warm Standby: This method keeps a duplicate version of your business' core elements running on standby at all times, which makes for a little downtime and an almost seamless transition.
Multi-Site Solution: Also known as a Hot Standby, this method fully replicates your company's data/applications between two or more active locations and splits your traffic/usage between them. If a disaster strikes, everything is simply rerouted to the unaffected area, which means you'll suffer almost zero downtime. However, by running two separate environments simultaneously, you will obviously incur much higher costs.
https://cloudranger.com/best-practices-aws-disaster-recovery-planning/
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions

1. A web application runs in a VPC on EC2 instances behind an ELB Application Load Balancer. The application stores data in an RDS MySQL DB instance. A Linux bastion host is used to apply schema updates to the database; administrators connect to the host via SSH from a corporate workstation. The following security groups are applied to the infrastructure:
sgLB - associated with the ELB
sgWeb - associated with the EC2 instances
sgDB - associated with the database
sgBastion - associated with the bastion host
Which security group configuration will allow the application to be secure and functional?
A) sgLB: allow port 80 and 443 traffic from 0.0.0.0/0; sgWeb: allow port 80 and 443 traffic from 0.0.0.0/0; sgDB: allow port 3306 traffic from sgWeb and sgBastion; sgBastion: allow port 22 traffic from the corporate IP address range
B) sgLB: allow port 80 and 443 traffic from 0.0.0.0/0; sgWeb: allow port 80 and 443 traffic from sgLB; sgDB: allow port 3306 traffic from sgWeb and sgBastion; sgBastion: allow port 22 traffic from the corporate IP address range
C) sgLB: allow port 80 and 443 traffic from 0.0.0.0/0; sgWeb: allow port 80 and 443 traffic from sgLB; sgDB: allow port 3306 traffic from sgWeb and sgBastion; sgBastion: allow port 22 traffic from the VPC IP address range
D) sgLB: allow port 80 and 443 traffic from 0.0.0.0/0; sgWeb: allow port 80 and 443 traffic from sgLB; sgDB: allow port 3306 traffic from sgWeb and sgLB; sgBastion: allow port 22 traffic from the VPC IP address range

2. A company wishes to enable Single Sign On (SSO) so its employees can log in to the management console using their corporate directory identity. Which steps below are required as part of the process? Select 2 answers from the options given below. (Select 2 answers)
A) Create a Lambda function to assign IAM roles to the temporary security tokens provided to the users.
B) Create a Direct Connect connection between the corporate network and the AWS (Amazon Web Service) region with the company's infrastructure.
C) Create IAM policies that can be mapped to group memberships in the corporate directory.
D) Create an IAM role that establishes a trust relationship between IAM and the corporate directory identity provider (IdP)
E) Create IAM users that can be mapped to the employees' corporate identities

3. A large organization is planning on AWS (Amazon Web Service) to host their resources. They have a number of autonomous departments that wish to use AWS. What could be the strategy to adopt for managing the accounts? Please select:
A) Use multiple VPCs in the account, each VPC for each department
B) Use multiple AWS (Amazon Web Service) accounts, each account for each department
C) Use multiple IAM groups, each group for each department
D) Use multiple IAM roles, each role for each department

4. You have an S3 bucket hosted in AWS. This is used to host promotional videos uploaded by yourself. You need to provide access to users for a limited duration of time. How can this be achieved?
A) Use IAM roles with a timestamp to limit the access
B) Use IAM policies with a timestamp to limit the access
C) Use pre-signed URLs
D) Use versioning and enable a timestamp for each version

5. An application running on EC2 instances in a VPC must access sensitive data in the data center. The access must be encrypted in transit and have consistent low latency. Which hybrid architecture will meet these requirements?
A) A VPN between the VPC and the data center.
B) Expose the data with a public HTTPS endpoint.
C) A Direct Connect connection between the VPC and data center.
D) A VPN between the VPC and the data center over a Direct Connect connection

Right Answer and Explanation:

1. Right Answer: B
Explanation: The Load Balancer should accept traffic on port 80 and 443 from 0.0.0.0/0. The backend EC2 instances should accept traffic from the Load Balancer. The database should allow traffic from the web server. And the bastion host should only allow traffic from a specific corporate IP address range. Option A is incorrect because the web group should only allow traffic from the Load Balancer. Options B and C are incorrect because the bastion host should only allow traffic from a corporate IP address. For more information on AWS (Amazon Web Service) Security Groups, please refer to the URL below:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html

2. Right Answer: B, D
Explanation: Create a Direct Connect connection so that corporate users can access the AWS (Amazon Web Service) account. Option B is incorrect because IAM policies are not directly mapped to group memberships in the corporate directory; it is IAM roles which are mapped. Option C is incorrect because Lambda functions are an incorrect option to assign roles. Option D is incorrect because IAM users are not directly mapped to employees' corporate identities. For more information on Direct Connect, please refer to the URL below:
https://aws.amazon.com/directconnect/
From the AWS (Amazon Web Service) documentation, for federated access you also need to ensure the right policy permissions are in place (see https://s3.amazonaws.com/whizlabs-pub/AWS+Security+Specialty+Practice+Test+Images/Practice+Test+I/62.png). For more information on SAML federation, please refer to the URL below:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html

3. Right Answer: A
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: D
Explanation: Since this is required over a consistent low latency connection, you should use Direct Connect. For encryption, you can make use of a VPN. Option A is invalid because exposing an HTTPS endpoint will not help all traffic to flow between a VPC and the data center. Option C is invalid because low latency is a key requirement. Option D is invalid because Direct Connect alone will not suffice. For more information on the connection options, please see the link below:
https://aws.amazon.com/answers/networking/aws-multiple-vpc-vpn-connection-sharing/
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions 1. Business Continuity Planning (BCP) is not defined as a preparation that facilitates:A) the rapid recovery of mission-critical business operationsB) the continuation of critical business functionsC) the monitoring of threat activity for adjustment of technical controlsD) the reduction of the impact of a disaster2. As described at security policy, the CSO implemented an e-mail package solution that allows for ensuring integrity of messages sent using SMIME. Which of the options below BEST describes how it implements the environment to suite policy�´s requirement?A) Implementing PGP and allowing for recipient to receive the private key used to sign e-mail message.B) Implementing RSA standard for messages envelope and instructing users to sign all messages using their private key from their PKI digital certificate.C) Implementing RSA standard for messages envelope and instructing users to sign all messages using their public key from their PKI digital certificate.D) Implementing MIME solutions and providing a footer within each message sent, referencing to policy constraints related to e-mail usage.3. How often should a Business Continuity Plan be reviewed?A) At least once a monthB) At least every six monthsC) At least once a yearD) At least Quarterly4. Which of the following attack involves slicing small amount of money from a computerize transaction or account?A) EavesdroppingB) Traffic AnalysisC) SalamiD) Masquerading5. Which of the following attack best describe 'Computer is the target of a crime' and 'Computer is the tool of a crime'?A) Denial of Service (DoS) and Installing Key loggersB) War Driving and War ChalkingC) Piggybacking and Race ConditionD) Traffic analysis and Eavesdropping Right Answer and Explanation: 1. 
Right Answer: CExplanation: The following answers are incorrect:All of the other choices are facilitated by a BCP:the continuation of critical business functionsthe rapid recovery of mission-critical business operationsthe reduction of the impact of a disaster2. Right Answer: BExplanation: RSA e-mail standers stands for SMIME envelope. Using tm's private key to sign messages, users will ensure recipients of message integrity by using sender�´s public key for hash decryption and content comparison.Exam candidates should be aware of e-mail solutions and technologies that addresses confidentiality, integrity and non-repudiation.The following answers are incorrect:Implementing PGP and allowing for recipient to receive the private key used to sign e-mail message.Implementing RSA standard for messages envelope and instructing users to sign all messages using their public key from the PKI digital certificate.Implementing MIME solutions and providing a footer within each message sent, referencing to policy constraints related to e-mail usage.The following reference(s) were/was used to create this question:CISA Review Manual 2010 - Chapter 5 - 5.4.5-Encryption - Digital Envelope3. Right Answer: CExplanation: As stated in SP 800-34 Rev. 1:To be effective, the plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies.During the Operation/Maintenance phase of the SDLC, information systems undergo frequent changes because of shifting business needs, technology upgrades, or new internal or external policies.As a general rule, the plan should be reviewed for accuracy and completeness at an organization-defined frequency (at least once a year for the purpose of the exam) or whenever significant changes occur to any element of the plan. Certain elements, such as contact lists, will require more frequent reviews.Remember, there could be two good answers as specified above. 
Either once a year or whenever significant changes occur to the plan. You will of course get only one of the two presented within your exam.Reference(s) used for this question:NIST SP 800-34 Revision 14. Right Answer: CExplanation: Salami slicing or Salami attack refers to a series of many small actions, often performed by clandestine means, that as an accumulated whole produces a much larger action or result that would be difficult or unlawful to perform all at once. The term is typically used pejoratively. Although salami slicing is often used to carry out illegal activities, it is only a strategy for gaining an advantage over time by accumulating it in small increments, so it can be used in perfectly legal ways as well.An example of salami slicing, also known as penny shaving, is the fraudulent practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. It would be done by always rounding down, and putting the fractions of a cent into another account. The idea is to make the change small enough that any single transaction will go undetected.In information security, a salami attack is a series of minor attacks that together results in a larger attack. Computers are ideally suited to automating this type of attack.The following answers are incorrect:Eavesdropping - is the act of secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. This is commonly thought to be unethical and there is an old adage that 'eavesdroppers seldom hear anything good of themselves...eavesdroppers always try to listen to matters that concern them.'Traffic analysis - is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. 
In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.Masquerading - A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack.Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process.The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they've managed to attain. As such, masquerade attackers can have a full smorgasbord of cybercrime opportunities if they've gained the highest access authority to a business organization. Personal attacks, although less common, can also be harmful.The following reference(s) were/was used to create this question: http://searchfinancialsecurity.techtarget.com/definition/eavesdropping http://en.wikipedia.org/wiki/Salami_slicing http://en.wikipedia.org/wiki/Eavesdropping http://en.wikipedia.org/wiki/Traffic_analysis http://www.techopedia.com/definition/4020/masquerade-attack5. Right Answer: AExplanation: In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. 
As clarification, DDoS (Distributed Denial of Service) attacks are sent by two or more persons, or bots. (See botnet) DoS (Denial of Service) attacks are sent by one person or system.Keystroke logging, often referred to as key logging or keyboard capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. It also has very legitimate uses in studies of human-computer interaction. There are numerous key logging methods, ranging from hardware and software-based approaches to acoustic analysis.There are four types of a computer crimes:1. Computer is the target of a crime '' Perpetrator uses another computer to launch an attack. In this attack the target is a specific identified computer. Ex. Denial of Service (DoS), hacking2. Computer is the Subject of a crime '' In this attack perpetrator uses computer to commit crime and the target is another computer. In this attack, target may or may not be defined. Perpetrator launches attack with no specific target in mind. Ex. Distributed DoS, Malware3. Computer is the tool of a crime '' Perpetrator uses computer to commit crime but the target is not a computer. Target is the data or information stored on a computer. Ex. Fraud, unauthorized access, phishing, installing key logger4. Computer Symbolizes Crime '' Perpetrator lures the user of a computer to get confidential information. Target is user of computer. Ex. Social engineering methods like Phishing, Fake website, Scam Mails, etcThe following answers are incorrect:Eavesdropping - is the act of secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. 
This is commonly thought to be unethical and there is an old adage that 'eavesdroppers seldom hear anything good of themselves... eavesdroppers always try to listen to matters that concern them.'

Traffic analysis - is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.

Masquerading - A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack. Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process. The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they've managed to attain. As such, masquerade attackers can have a full smorgasbord of cybercrime opportunities if they've gained the highest access authority to a business organization. Personal attacks, although less common, can also be harmful.

The following references were used to create this question:
CISA Review Manual 2014, page number 321
http://en.wikipedia.org/wiki/Denial-of-service_attack
http://en.wikipedia.org/wiki/Eavesdropping
http://en.wikipedia.org/wiki/Traffic_analysis
http://www.techopedia.com/definition/4020/masquerade-attack
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions
1. In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?
A) Daily data backup to tape and storage at a remote site
B) Real-time replication to a remote site
C) Hard disk mirroring to a local server
D) Real-time data backup to the local storage area network (SAN)
2. Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)?
A) Virtual tape libraries
B) Disk-based snapshots
C) Continuous data backup
D) Disk-to-tape backup
3. What is the BEST backup strategy for a large database with data supporting online sales?
A) Weekly full backup with daily incremental backup
B) Daily full backup
C) Clustered servers
D) Mirrored hard disks
4. During an audit, an IS auditor notes that an organization's business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include:
A) the level of information security required when business recovery procedures are invoked.
B) information security roles and responsibilities in the crisis management structure.
C) information security resource requirements.
D) change management procedures for information security that could affect business continuity arrangements.
5. Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly?
A) Backup time would steadily increase
B) Backup operational cost would significantly increase
C) Storage operational cost would significantly increase
D) Server recovery work may not meet the recovery time objective (RTO)

Right Answer and Explanation:
1. Right Answer: B
Explanation: With real-time replication to a remote site, data are updated simultaneously in two separate locations; therefore, a disaster in one site would not damage the information located in the remote site. This assumes that both sites were not affected by the disaster. Daily tape backup recovery could lose up to a day's worth of data. Choices C and D take place in the same data center and could possibly be affected by the same disaster.
2. Right Answer: C
Explanation: The recovery point objective (RPO) is based on the acceptable data loss in the case of a disruption. In this scenario the organization needs a short RPO. Virtual tape libraries, disk-based snapshots and disk-to-tape backup would require time to complete the backup, while continuous data backup happens online (in real time).
3. Right Answer: A
Explanation: Weekly full backup and daily incremental backup is the best backup strategy; it ensures the ability to recover the database and yet reduces the daily backup time requirements. A full backup normally requires a couple of hours, and therefore it can be impractical to conduct a full backup every day. Clustered servers provide a redundant processing capability, but are not a backup. Mirrored hard disks will not help in case of disaster.
4. Right Answer: A
Explanation: The business should consider whether the information security levels required during recovery should be the same, lower or higher than when the business is operating normally. In particular, any special rules for access to confidential data during a crisis need to be identified. The other choices do not directly address the information confidentiality issue.
5. Right Answer: D
Explanation: In case of a crash, recovering a server with an extensive amount of data could require a significant amount of time. If the recovery cannot meet the recovery time objective (RTO), there will be a discrepancy in IT strategies. It is important to ensure that server restoration can meet the RTO. Incremental backup would only take the backup of the daily differential, thus a steady increase in backup time is not always true. The backup and storage cost issues are not as significant as not meeting the RTO.
Published - Fri, 03 Mar 2023
Created by - Mary Smith
Questions
1. Which of the following is MOST important to evaluate after completing a risk action plan?
A) Threat profile
B) Inherent risk
C) Residual risk
D) Vulnerability landscape
2. Which of the following would BEST enable an organization to effectively monitor the implementation of standardized configurations?
A) Implement a separate change tracking system to record changes to configurations.
B) Perform periodic audits to detect non-compliant configurations.
C) Develop policies requiring use of the established benchmarks.
D) Implement automated scanning against the established benchmarks.
3. The PRIMARY benefit of integrating information security risk into enterprise risk management is to:
A) ensure timely risk mitigation.
B) justify the information security budget.
C) obtain senior management's commitment.
D) provide a holistic view of risk.
4. Which of the following should be the information security manager's NEXT step following senior management approval of the information security strategy?
A) Develop a security policy.
B) Develop a budget.
C) Perform a gap analysis.
D) Form a steering committee.
5. Management is questioning the need for several items in the information security budget proposal. Which of the following would have been MOST helpful prior to budget submission?
A) Benchmarking information security efforts of industry competitors
B) Obtaining better pricing from information security service vendors
C) Presenting a report of current threats to the organization
D) Educating management on information security best practices

Right Answer and Explanation:
1. Right Answer: A
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: C
Explanation:
Published - Fri, 03 Mar 2023