AWS Certified Cloud Practitioner Certification - Part 37

Created by - Mary Smith

Questions

1. Which mechanism allows developers to access AWS services from application code?
A) AWS Software Development Kit
B) AWS Management Console
C) AWS CodePipeline
D) AWS Config

2. Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours?
A) On-Demand Instances
B) Reserved Instances
C) Spot Instances
D) Dedicated Instances

3. Which of the following services is a MySQL-compatible database that automatically grows storage as needed?
A) Amazon Elastic Compute Cloud (Amazon EC2)
B) Amazon Relational Database Service (Amazon RDS) for MySQL
C) Amazon Lightsail
D) Amazon Aurora

4. Which Amazon Virtual Private Cloud (Amazon VPC) feature enables users to connect two VPCs together?
A) Amazon VPC endpoints
B) Amazon Elastic Compute Cloud (Amazon EC2) ClassicLink
C) Amazon VPC peering
D) AWS Direct Connect

5. Which service's PRIMARY purpose is software version control?
A) Amazon CodeStar
B) AWS Command Line Interface (AWS CLI)
C) Amazon Cognito
D) AWS CodeCommit

Right Answer and Explanation:

1. Right Answer: A
Explanation: https://aws.amazon.com/tools/

2. Right Answer: A
Explanation: With On-Demand instances, you pay for compute capacity by the hour or the second depending on which instances you run. No longer-term commitments or upfront payments are needed. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified per hourly rates for the instance you use.
https://aws.amazon.com/ec2/pricing/

3. Right Answer: D
Explanation: Amazon Aurora is a relational database service that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. The MySQL-compatible edition of Aurora delivers up to 5X the throughput of standard MySQL running on the same hardware, and enables existing MySQL applications and tools to run without requiring modification. Amazon Aurora will automatically grow the size of your database volume as your database storage needs grow. Your volume will grow in increments of 10 GB up to a maximum of 64 TB. You don't need to provision excess storage for your database to handle future growth.
https://aws.amazon.com/rds/aurora/mysql-features/

4. Right Answer: C
Explanation: A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account. The VPCs can be in different regions (also known as an inter-region VPC peering connection).
https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html

5. Right Answer: D
Explanation: AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud.
https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html

Published - Fri, 03 Mar 2023

AWS Certified Security - Specialty - Part 40

Created by - Mary Smith

Questions

1. A company requires that data stored in AWS be encrypted at rest. Which of the following approaches achieve this requirement? Select 2 answers from the options given below. (Select 2 answers)
A) When storing data in S3, enable server-side encryption.
B) When storing data in Amazon EBS, use only EBS-optimized Amazon EC2 instances.
C) When storing data in Amazon S3, use object versioning and MFA Delete.
D) When storing data in Amazon EC2 Instance Store, encrypt the volume by using KMS.
E) When storing data in EBS, encrypt the volume by using AWS KMS.

2. A company has a set of resources defined in AWS. It is mandated that all API calls to the resources be monitored. Also, all API calls must be stored for lookup purposes. Any log data greater than 6 months must be archived. Which of the following meets these requirements? Choose 2 answers from the options given below. Each answer forms part of the solution. (Select 2 answers)
A) Enable CloudTrail logging in all accounts into S3 buckets
B) Enable CloudTrail logging in all accounts into Amazon Glacier
C) Ensure a lifecycle policy is defined on the S3 bucket to move the data to EBS volumes after 6 months.
D) Ensure a lifecycle policy is defined on the S3 bucket to move the data to Amazon Glacier after 6 months.

3. You have a bucket and a VPC defined in AWS. You need to ensure that the bucket can only be accessed by the VPC endpoint. How can you accomplish this? Please select:
A) Modify the route tables to allow access for the VPC endpoint
B) Modify the bucket policy for the bucket to allow access for the VPC endpoint
C) Modify the security groups for the VPC to allow access to the S3 bucket
D) Modify the IAM policy for the bucket to allow access for the VPC endpoint

4. Company policy requires that all insecure server protocols, such as FTP, Telnet, HTTP, etc. be disabled on all servers. The security team would like to regularly check all servers to ensure compliance with this requirement by using a scheduled CloudWatch event to trigger a review of the current infrastructure. What process will check compliance of the company's EC2 instances?
A) Query the Trusted Advisor API for all best practice security checks and check for 'action recommended' status.
B) Enable a GuardDuty threat detection analysis targeting the port configuration on every EC2 instance.
C) Trigger an AWS Config Rules evaluation of the restricted-common-ports rule against every EC2 instance.
D) Run an Amazon Inspector assessment using the Runtime Behavior Analysis rules package against every EC2 instance.

5. Your company makes use of S3 buckets for storing data. There is a company policy that all services should have logging enabled. How can you ensure that logging is always enabled for created S3 buckets in the AWS account?
A) Use AWS CloudWatch metrics to check whether logging is enabled for buckets
B) Use AWS CloudWatch logs to check whether logging is enabled for buckets
C) Use AWS Inspector to inspect all S3 buckets and enable logging for those where it is not enabled
D) Use AWS Config Rules to check whether logging is enabled for buckets

Right Answer and Explanation:

1. Right Answer: A,E
Explanation: The AWS documentation mentions the following:
To create an encrypted Amazon EBS volume, select the appropriate box in the Amazon EBS section of the Amazon EC2 console. You can use a custom customer master key (CMK) by choosing one from the list that appears below the encryption box. If you do not specify a custom CMK, Amazon EBS uses the AWS-managed CMK for Amazon EBS in your account. If there is no AWS-managed CMK for Amazon EBS in your account, Amazon EBS creates one.
Data protection refers to protecting data while in transit (as it travels to and from Amazon S3) and at rest (while it is stored on disks in Amazon S3 data centers). You can protect data in transit by using SSL or by using client-side encryption. You have the below options for protecting data at rest in Amazon S3:
Use Server-Side Encryption - You request Amazon S3 to encrypt your object before saving it on disks in its data centers and decrypt it when you download the objects.
Use Client-Side Encryption - You can encrypt data client-side and upload the encrypted data to Amazon S3. In this case, you manage the encryption process, the encryption keys, and related tools.
Option A is invalid because using EBS-optimized Amazon EC2 instances alone will not guarantee protection of instances at rest.
Option C is invalid because this will not encrypt data at rest for S3 objects.
Option D is invalid because you don't store data in Instance store.
For more information on EBS encryption, please visit the below URL:
https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html
For more information on S3 encryption, please visit the below URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html

2. Right Answer: A,D
Explanation: CloudTrail publishes the trail of API logs to an S3 bucket.
Option B is invalid because you cannot put the logs into Glacier from CloudTrail.
Option C is invalid because lifecycle policies cannot be used to move data to EBS volumes.
For more information on CloudTrail logging, please visit the below URL:
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html
You can then use lifecycle policies to transfer data to Amazon Glacier after 6 months.
For more information on S3 lifecycle policies, please visit the below URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html

3. Right Answer: B

4. Right Answer: C
Explanation: Option B is incorrect because querying Trusted Advisor APIs is not possible.
Option C is incorrect because GuardDuty should be used to detect threats and not to check the compliance of security protocols.
Option D is incorrect because Amazon Inspector can be used to check for vulnerabilities only.
One of the built-in AWS Config rules is built specifically for this purpose.
For more information on AWS Config managed rules, please refer to the below URL:
https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html

5. Right Answer: D

Published - Fri, 03 Mar 2023

CISA—Certified Information Systems Auditor - Part 120

Created by - Mary Smith

Questions

1. Within IPSec, which of the following defines security parameters which should be applied between communicating parties, such as encryption algorithms, key initialization vector, life span of keys, etc.?
A) Security Parameter Index (SPI)
B) Security Association (SA)
C) Encapsulation Security Payload (ESP)
D) Authentication Header (AH)

2. Which of the following statements correctly describes the difference between the IPSec and SSH protocols?
A) IPSec works at the transport layer whereas SSH works at the network layer of the OSI model
B) IPSec works at the network layer whereas SSH works at the application layer of the OSI model
C) IPSec works at the network layer and SSH works at the transport layer of the OSI model
D) IPSec works at the transport layer and SSH works at the network layer of the OSI model

3. Which of the following protocols was developed jointly by VISA and Master Card to secure payment transactions among all parties involved in credit card transactions on behalf of cardholders and merchants?
A) S/MIME
B) SSH
C) SET
D) S/HTTP

4. An auditor needs to be aware of technical controls which are used to protect computers from malware. Which of the following technical controls interrupts DOS and ROM BIOS calls and looks for malware-like actions?
A) Scanners
B) Active Monitors
C) Immunizer
D) Behavior blocker

5. Which are the two primary types of scanner used for protecting against malware?
A) Malware mask/signatures and Heuristic Scanner
B) Active and passive Scanner
C) Behavioral Blockers and immunizer Scanner
D) None of the above

Right Answer and Explanation:

1. Right Answer: B
Explanation: Security Associations (SAs) define which security parameters should be applied between communicating parties, such as encryption algorithms, key initialization vector, life span of keys, etc.

For your exam you should know the information below about the IPSec protocol:
The IP network layer packet security protocol establishes VPNs via transport and tunnel mode encryption methods.
For the transport method, the data portion of each packet is encrypted. Encryption within IPSec is referred to as the encapsulation security payload (ESP); it is ESP that provides confidentiality over the process.
In the tunnel mode, the ESP payload and its headers are encrypted. To achieve non-repudiation, an additional authentication header (AH) is applied.
In establishing IPSec sessions in either mode, Security Associations (SAs) are established. SAs define which security parameters should be applied between communicating parties, such as encryption algorithms, key initialization vector, life span of keys, etc., within either the ESP or AH header, respectively. An SA is established when a 32-bit security parameter index (SPI) field is defined within the sending host. The SPI is a unique identifier that enables the sending host to reference the security parameters to apply, as specified, on the receiving host.
IPSec can be made more secure by using asymmetric encryption through the use of Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley), which allows automated key management, use of public keys, negotiation, establishment, modification and deletion of SAs and attributes. For authentication, the sender uses digital certificates. The connection is made secure by supporting the generation, authentication, and distribution of the SAs and the cryptographic keys.

The following were incorrect answers:
Security Parameter Index (SPI) - A Security Parameter Index (SPI) is a unique identifier that enables the sending host to reference the security parameters to apply.
Encapsulation Security Payload (ESP) - Encapsulation Security Payload (ESP) is used to support authentication of the sender and encryption of data.
Authentication Header (AH) - Authentication Header allows authentication of the sender of data.

The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 353

2. Right Answer: B
Explanation: For the CISA exam you should know the information below about the SSH and IPSec protocols.

SSH - A client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon. Similar to a VPN, SSH uses strong cryptography to protect data, including passwords, binary files and administrative commands, transmitted between systems on a network. SSH is typically implemented between two parties by validating each other's credentials via digital certificates. SSH is useful in securing Telnet and FTP services, and is implemented at the application layer, as opposed to operating at the network layer (IPSec implementation).

IPSec - The IP network layer packet security protocol establishes VPNs via transport and tunnel mode encryption methods. For the transport method, the data portion of each packet, referred to as the encapsulation security payload (ESP), is encrypted, achieving confidentiality over a process. In the tunnel mode, the ESP payload and its headers are encrypted. To achieve non-repudiation, an additional authentication header (AH) is applied. In establishing IPSec sessions in either mode, Security Associations (SAs) are established. SAs define which security parameters should be applied between communicating parties, such as encryption algorithms, key initialization vector, life span of keys, etc., within either the ESP or AH header, respectively. An SA is established when a 32-bit security parameter index (SPI) field is defined within the sending host. The SPI is a unique identifier that enables the sending host to reference the security parameters to apply, as specified, on the receiving host. IPSec can be made more secure by using asymmetric encryption through the use of Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley), which allows key management, use of public keys, negotiation, establishment, modification and deletion of SAs and attributes. For authentication, the sender uses digital certificates. The connection is made secure by supporting the generation, authentication, and distribution of the SAs and those of the cryptographic keys.

The following were incorrect answers:
The other options presented are invalid, as IPSec works at the network layer whereas SSH works at the application layer of the OSI model.

The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 352 and 353

3. Right Answer: C
Explanation: Secure Electronic Transaction (SET) is a protocol developed jointly by VISA and Master Card to secure payment transactions among all parties involved in credit card transactions on behalf of cardholders and merchants. As an open system specification, SET is an application-oriented protocol that uses trusted third parties' encryption and digital-signature processes, via a PKI infrastructure of trusted third-party institutions, to address confidentiality of information, integrity of data, cardholder authentication, merchant authentication and interoperability.

The following were incorrect answers:
S/MIME - Secure Multipurpose Internet Mail Extension (S/MIME) is a standard secure email protocol that authenticates the identity of the sender and receiver, verifies message integrity, and ensures the privacy of a message's contents, including attachments.
SSH - A client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon. Similar to a VPN, SSH uses strong cryptography to protect data, including passwords, binary files and administrative commands, transmitted between systems on a network. SSH is typically implemented between two parties by validating each other's credentials via digital certificates. SSH is useful in securing Telnet and FTP services, and is implemented at the application layer, as opposed to operating at the network layer (IPSec implementation).
Secure Hypertext Transfer Protocol (S/HTTP) - As an application layer protocol, S/HTTP transmits individual messages or pages securely between a web client and server by establishing an SSL-type connection. Using the https:// designation in the URL, instead of the standard http://, directs the message to a secure port number rather than the default web port address. This protocol utilizes SSL secure features but does so as a message-oriented rather than a session-oriented protocol.

The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 352 and 353

4. Right Answer: B
Explanation: Active monitors interpret DOS and read-only memory (ROM) BIOS calls, looking for malware-like actions. Active monitors can be problematic because they cannot distinguish between a user request and a program or a malware request. As a result, users are asked to confirm actions, including formatting a disk or deleting a file or set of files.

For the CISA exam you should know the different kinds of malware controls mentioned below:

A. Scanners - Look for sequences of bits, called signatures, that are typical of malware programs. The two primary types of scanner are:
   1. Malware masks or signatures - Anti-malware scanners check files, sectors and system memory for known and new (unknown to the scanner) malware, on the basis of malware masks or signatures. Malware masks or signatures are specific code strings that are recognized as belonging to malware. For polymorphic malware, the scanner sometimes has algorithms that check for all possible combinations of a signature that could exist in an infected file.
   2. Heuristic scanner - Analyzes the instructions in the code being scanned and decides on the basis of statistical probabilities whether it could contain malicious code. A heuristic scanning result could indicate that malware may be present, that is, possibly infected. Heuristic scanners tend to generate a high level of false positive errors (they indicate that malware may be present when, in fact, no malware is present).
   Scanners examine memory, disk boot sectors, executables, data files, and command files for bit patterns that match known malware. Scanners, therefore, need to be updated periodically to remain effective.
B. Immunizers - Defend against malware by appending sections of themselves to files, sometimes in the same way malware appends itself. Immunizers continuously check a file for changes and report changes as possible malware behavior. Other types of immunizers are focused on a specific malware and work by giving the malware the impression that it has already infected the computer. This method is not always practical since it is not possible to immunize files against all known malware.
C. Behavior blocker - Focuses on detecting potential abnormal behavior such as writing to the boot sector or the master boot record, or making changes to executable files. Blockers can potentially detect malware at an early stage. Most hardware-based anti-malware mechanisms are based on this concept.
D. Integrity CRC checker - Computes a binary number on a known malware-free program that is then stored in a database file. The number is called a Cyclic Redundancy Check (CRC). On subsequent scans, when that program is called to execute, it checks for changes to the file as compared to the database and reports possible infection if changes have occurred. A match means no infection; a mismatch means a change in the program has occurred. A change in the program could mean malware within it. These scanners are effective in detecting infection; however, they can do so only after infection has occurred. Also, a CRC checker can only detect subsequent changes to files, because it assumes files are malware free in the first place. Therefore, they are ineffective against new files that are malware infected and that are not recorded in the database. Integrity checkers take advantage of the fact that executable programs and boot sectors do not change often, if at all.

The following were incorrect answers:
Scanners - Look for sequences of bits, called signatures, that are typical of malware programs.
Immunizers - Defend against malware by appending sections of themselves to files, sometimes in the same way malware appends itself. Immunizers continuously check a file for changes and report changes as possible malware behavior.
Behavior blocker - Focuses on detecting potential abnormal behavior such as writing to the boot sector or the master boot record, or making changes to executable files. Blockers can potentially detect malware at an early stage. Most hardware-based anti-malware mechanisms are based on this concept.

The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 354 and 355

5. Right Answer: A
Explanation: Scanners look for sequences of bits, called signatures, that are typical of malware programs. The two primary types of scanner are:
   1. Malware masks or signatures - Anti-malware scanners check files, sectors and system memory for known and new (unknown to the scanner) malware, on the basis of malware masks or signatures. Malware masks or signatures are specific code strings that are recognized as belonging to malware. For polymorphic malware, the scanner sometimes has algorithms that check for all possible combinations of a signature that could exist in an infected file.
   2. Heuristic scanner - Analyzes the instructions in the code being scanned and decides on the basis of statistical probabilities whether it could contain malicious code. A heuristic scanning result could indicate that malware may be present, that is, possibly infected. Heuristic scanners tend to generate a high level of false positive errors (they indicate that malware may be present when, in fact, no malware is present).
Scanners examine memory, disk boot sectors, executables, data files, and command files for bit patterns that match known malware. Scanners, therefore, need to be updated periodically to remain effective.

For the CISA exam you should know the different kinds of malware controls mentioned below:

A. Active monitors - Active monitors interpret DOS and read-only memory (ROM) BIOS calls, looking for malware-like actions. Active monitors can be problematic because they cannot distinguish between a user request and a program or a malware request. As a result, users are asked to confirm actions, including formatting a disk or deleting a file or set of files.
B. Immunizers - Defend against malware by appending sections of themselves to files, sometimes in the same way malware appends itself. Immunizers continuously check a file for changes and report changes as possible malware behavior. Other types of immunizers are focused on a specific malware and work by giving the malware the impression that it has already infected the computer. This method is not always practical since it is not possible to immunize files against all known malware.
C. Behavior blocker - Focuses on detecting potential abnormal behavior such as writing to the boot sector or the master boot record, or making changes to executable files. Blockers can potentially detect malware at an early stage. Most hardware-based anti-malware mechanisms are based on this concept.
D. Integrity CRC checker - Computes a binary number on a known malware-free program that is then stored in a database file. The number is called a Cyclic Redundancy Check (CRC). On subsequent scans, when that program is called to execute, it checks for changes to the file as compared to the database and reports possible infection if changes have occurred. A match means no infection; a mismatch means a change in the program has occurred. A change in the program could mean malware within it. These scanners are effective in detecting infection; however, they can do so only after infection has occurred. Also, a CRC checker can only detect subsequent changes to files, because it assumes files are malware free in the first place. Therefore, they are ineffective against new files that are malware infected and that are not recorded in the database. Integrity checkers take advantage of the fact that executable programs and boot sectors do not change often, if at all.

The following were incorrect answers:
The other options presented are not valid primary types of scanner.

The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 354 and 355

Published - Fri, 03 Mar 2023

CISA—Certified Information Systems Auditor - Part 376

Created by - Mary Smith

Questions

1. Which of the following is the BEST data integrity check?
A) Counting the transactions processed per day
B) Performing a sequence check
C) Tracing data back to the point of origin
D) Preparing and running test data

2. An IS auditor seeks assurance that a new process for purging transactions does not have a detrimental impact on the integrity of a database. This could be achieved BEST by analyzing the:
A) database structure.
B) design of triggers.
C) results of the process in a test environment.
D) entity relationship diagram of the database.

3. Organization A has a Software as a Service (SaaS) agreement with Organization B. The software is vital to Organization A. Which of the following would provide the GREATEST assurance that the application can be recovered in the event of a disaster?
A) Organization B is responsible for disaster recovery and held accountable for interruption of service.
B) Organization A has a source code escrow agreement and hardware procurement provisions for disaster recovery purposes.
C) Organization B has a disaster recovery plan included in its contract and allows oversight by Organization A.
D) Organization A buys disaster insurance to recuperate losses in the event of a disaster.

4. Which of the following should be of MOST concern to an IS auditor during the review of a quality management system?
A) The quality management system includes training records for IT personnel.
B) There are no records to document actions for minor business processes.
C) Important quality checklists are maintained outside the quality management system.
D) Indicators are not fully represented in the quality management system.

5. An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?
A) Using a third-party provider to host and manage content
B) Lack of guidance on appropriate social media usage and monitoring
C) Negative posts by customers affecting the organization's image
D) Reduced productivity of staff using social media

Right Answer and Explanation:

1. Right Answer: C
2. Right Answer: D
3. Right Answer: C
4. Right Answer: B
5. Right Answer: B

Published - Fri, 03 Mar 2023

CISM—Certified Information Security Manager - Part 236

Created by - Mary Smith

Questions

1. A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?
A) Vulnerability analysis
B) Balanced scorecard
C) Cost-benefit analysis
D) Impact analysis

2. When supporting a large corporation's board of directors in the development of governance, which of the following is the PRIMARY function of the information security manager?
A) Gaining commitment of senior management
B) Preparing the security budget
C) Providing advice and guidance
D) Developing a balanced scorecard

3. Which of the following is MOST likely to drive an update to the information security strategy?
A) A recent penetration test has uncovered a control weakness.
B) A major business application has been upgraded.
C) Management has decided to implement an emerging technology.
D) A new chief technology officer has been hired.

4. Which of the following will BEST help to ensure security is addressed when developing a custom application?
A) Conducting security training for the development staff
B) Integrating security requirements into the development process
C) Requiring a security assessment before implementation
D) Integrating a security audit throughout the development process

5. Which of the following would provide the MOST comprehensive view of the effectiveness of the information security function within an organization?
A) An incident reporting system
B) Examples of compliance with security processes
C) A balanced scorecard
D) An interview with senior managers

Right Answer and Explanation:

1. Right Answer: B
2. Right Answer: C
3. Right Answer: C
4. Right Answer: B
5. Right Answer: A


Published - Fri, 03 Mar 2023

Comptia A+ 1002 2023 Questions and answer - Part 54

Created by - Mary Smith


Questions

1. A user reports unexpected icons appearing on the desktop. The technician identifies that the symptoms point to a malware infection. Which of the following procedures would be performed NEXT?
A) Quarantine infected system
B) Schedule scans and run updates
C) Report the issue to the information security officer
D) Disable System Restore (in Windows)
E) Educate end user

2. A technician is performing a clean install of Windows on a new hard drive from a factory DVD, but the computer does not recognize the optical disc. A "non-system disk or disk error" is observed. Which of the following should the technician do FIRST?
A) Update the motherboard firmware
B) Check the cables
C) Replace the optical drive
D) Check the BIOS setting

3. A user wants to be able to access email from all devices. Which of the following formats should be used to allow this synchronization?
A) SMTP
B) iCal
C) POP3
D) IMAP

4. A technician is tasked with enabling TLS version 1.0, 1.1, and 1.2 on a client Internet Explorer browser. Which of the following Internet Options tabs should the technician look to enable the aforementioned TLS settings?
A) Advanced
B) Security
C) Privacy
D) Connections

5. Virtual machines provide users with the ability to do which of the following?
A) Extend 32-bit machines to 64-bits
B) Share hardware resources
C) Increase the network download speed
D) Use less memory in the machine

Right Answer and Explanation:
1. Right Answer: A Explanation:
2. Right Answer: D Explanation:
3. Right Answer: D Explanation:
4. Right Answer: A Explanation:
5. Right Answer: B Explanation:


Published - Fri, 03 Mar 2023

Comptia Linux + 2023 Questions and answer - Part 4

Created by - Mary Smith


Questions

1. In order to discover the link layer address of the device that owns a specific IPv4 or IPv6 address, which mechanism is used?
A) Both IPv4 and IPv6 use ARP.
B) Both IPv4 and IPv6 use Neighbor Discovery.
C) IPv4 uses ARP while IPv6 uses Neighbor Discovery.
D) IPv4 uses Neighbor Discovery while IPv6 uses ARP.
E) Both IPv4 and IPv6 can use either ARP or Neighbor Discovery depending on the network.

2. Which of the following are valid IPv4 network masks? (Choose TWO correct answers.) (Select 2 answers)
A) 255.255.0.0
B) 255.255.255.65
C) 255.255.0.255
D) 0.0.0.1
E) 255.255.255.248

3. How does the ping command work by default?
A) It sends a UDP packet to port 0 of the remote host and waits to receive a UDP error response in return.
B) It sends an ARP request to a remote host and waits to receive an ARP response in return.
C) It sends a TCP SYN packet to a remote host and waits to receive a TCP ACK response in return.
D) It sends a broadcast packet to all hosts on the net and waits to receive, among others, a response from the target system.
E) It sends an ICMP Echo Request to a remote host and waits to receive an ICMP Echo Response in return.

4. Which of the following statements is valid in the file /etc/nsswitch.conf?
A) multi on
B) 192.168.168.4 dns-server
C) hosts: files dns
D) include /etc/nsswitch.d/

5. Which of the following IPv4 networks are reserved by IANA for private address assignment and private routing? (Choose THREE correct answers.) (Select 3 answers)
A) 127.0.0.0/8
B) 10.0.0.0/8
C) 169.255.0.0/16
D) 172.16.0.0/12
E) 192.168.0.0/16

Right Answer and Explanation:
1. Right Answer: C Explanation:
2. Right Answer: A,E Explanation:
3. Right Answer: E Explanation:
4. Right Answer: C Explanation:
5. Right Answer: B,D,E Explanation:


Published - Fri, 03 Mar 2023

ComptiA Security+ Certification Exam Questions and answer - Part 30

Created by - Mary Smith


Questions

1. Ann, a security administrator, has been instructed to perform fuzz-based testing on the company's applications. Which of the following best describes what she will do?
A) Enter random or invalid data into the application in an attempt to cause it to fault
B) Work with the developers to eliminate horizontal privilege escalation opportunities
C) Test the applications for the existence of built-in back doors left by the developers
D) Hash the application to verify it won't cause a false positive on the HIPS

2. Ann, a security analyst, is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain. Which of the following tools would aid her to decipher the network traffic?
A) Vulnerability Scanner
B) NMAP
C) NETSTAT
D) Packet Analyzer

3. Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the BEST option for Ann to implement?
A) PGP
B) HTTPS
C) WPA
D) TLS

4. Ann is the IS manager for several new systems in which the classifications of the systems' data are being decided. She is trying to determine the sensitivity level of the data being processed. Which of the following people should she consult to determine the data classification?
A) Steward
B) Custodian
C) User
D) Owner

5. An office manager found a folder that included documents with various types of data relating to corporate clients. The office manager noticed the data included dates of birth, addresses, and phone numbers for the clients. The office manager then reported this finding to the security compliance officer. Which of the following portions of the policy would the security officer need to consult to determine if a breach has occurred?
A) Public
B) Private
C) PHI
D) PII

Right Answer and Explanation:
1. Right Answer: A Explanation:
2. Right Answer: C Explanation:
3. Right Answer: A Explanation:
4. Right Answer: D Explanation:
5. Right Answer: D Explanation:


Published - Fri, 03 Mar 2023

APICS Certified Supply Chain Professional CSCP Practice Questions 2023 - Part 41

Created by - Mary Smith


Questions

1. A company that sells engineered-to-order products is planning implementation of a supplier relationship management system (SRM) for direct materials. Which of the following factors is most likely to make the implementation difficult?
A) Complexity of the purchasing process
B) Cost of the application software upgrades
C) Management of variable lead times
D) Resistance of material suppliers

2. The United Nations Global Compact uses 10 guiding principles to:
A) reduce uncertainty for multinational firms regarding legal, import/export, labor, and environmental standards across countries.
B) set minimum levels of compliance across a broad range of transactional areas for businesses operating in multiple geographic regions.
C) align the needs of businesses to increase profitability and the needs of individual countries to ensure their specific legal requirements are met.
D) help ensure that markets, commerce, technology, and finance promote advancement of economies and societies everywhere.

3. Which of the following sustainability tools is most appropriate for managing environmental compliance with regulatory requirements?
A) ISO 14000
B) Global Reporting Initiative (GRI)
C) ISO 26000
D) United Nations Global Compact

4. A firm has discovered a product quality issue. What should be the first step in responding to this issue?
A) Determine the root cause of the quality issue.
B) Separate the non-conforming products.
C) Trace the location of the faulty product in the supply chain.
D) Replace faulty products when they are returned by the end user.

5. Which of the following activities typically would be an appropriate application of the ISO 31000 Risk Management Principles and Guidelines?
A) Calculating a risk index for each facility
B) Establishing external risk communications processes
C) Projecting the ability of a facility to recover from an event
D) Preparing for risk management accreditation

Right Answer and Explanation:
1. Right Answer: A Explanation:
2. Right Answer: D Explanation:
3. Right Answer: A Explanation:
4. Right Answer: C Explanation:
5. Right Answer: B Explanation:


Published - Fri, 03 Mar 2023

Latest blogs
CA Foundation Business Economics Questions 2023 - Part 32
Questions

1. Generally an economy is considered underdeveloped if
A) The standard of living of people & Productivity is low.
B) Agriculture is the main occupation of the people
C) The production techniques are backward.
D) All of the above.

2. Which of the following statements is correct?
A) Agriculture occupies 10 per cent population of India.
B) Nearly 5 per cent population of India is below the poverty line.
C) The production techniques in agriculture are backward.
D) None of the above.

3. Which of the statements is correct?
A) The tertiary sector contributes the maximum to the GDP.
B) India is basically a socialist economy.
C) The distribution of income and wealth is quite equitable.
D) None of the above.

4. In perfect competition in the short run there will be __________ possibilities
A) Normal profits.
B) Supernormal profits.
C) Loss
D) All of above

5. ______________ measure generally gives the lowest estimate of unemployment especially for poor economy.
A) Usual status.
B) CWS.
C) CDS.
D) CMS.

Right Answer and Explanation:
1. Right Answer: D Explanation:
2. Right Answer: C Explanation:
3. Right Answer: A Explanation:
4. Right Answer: D Explanation:
5. Right Answer: A Explanation:

Fri, 03 Mar 2023

CA Foundation Business Economics Questions 2023 - Part 31
Questions

1. When the price of a complement of commodity X falls, the demand for X -
A) Falls
B) Rises
C) Remains unchanged
D) any of the above

2. Which of the following is the method of measuring elasticity of demand when change in price of a commodity is substantial?
A) Arc method
B) Point method
C) Percentage method
D) none of the above

3. FERA stands for -
A) Foreign Exchange Recommendation Act
B) Foreign Exchange Regulation Act
C) Finance and Export Regulation Association
D) Funds Export Revaluation Act

4. Nearly _____ percent of working population is engaged in the service sector.
A) 23 per cent
B) 45 per cent
C) 80 per cent
D) 50 per cent

5. ACRP stands for -
A) Agro-Commodity Regional Planning
B) Agro-Climatic Rational Planning
C) Agro-Climatic Regional Planning
D) Allied-Climatic Regional Planning

Right Answer and Explanation:
1. Right Answer: B Explanation:
2. Right Answer: A Explanation:
3. Right Answer: B Explanation:
4. Right Answer: A Explanation:
5. Right Answer: C Explanation:

Fri, 03 Mar 2023

CA Foundation Business Economics Questions 2023 - Part 30
Questions

1. Literacy rate calculated considering total population into account is known as
A) Crude Literacy Rate
B) Total Literacy Rate
C) Mean Literacy Rate
D) None of the above

2. In order to encourage investment in the economy, the RBI may
A) Increase Bank Rate
B) Sell securities in the open market
C) Buy securities in the open market
D) None of above

3. Most of unemployment in India is __________
A) Voluntary
B) Structural
C) Frictional
D) Technical

4. Under a Command economy -
A) State plays a major role
B) Market plays major role
C) Both a & b
D) Neither a nor b

5. _______ is the apex bank for agriculture credit in India.
A) RBI
B) SIDBI
C) NABARD
D) ICICI

Right Answer and Explanation:
1. Right Answer: A Explanation:
2. Right Answer: C Explanation:
3. Right Answer: B Explanation:
4. Right Answer: A Explanation:
5. Right Answer: C Explanation:

Fri, 03 Mar 2023
