21. A security team considers the best way to handle the different security zones within their network. They prioritize protecting the restricted zone by separating it from the rest of the network and ensuring it has much higher encryption standards. What does this scenario describe?

  • Cloud hardening
  • Patch updating
  • Penetration testing
  • Network segmentation

22. What is one key similarity between regular web servers and cloud servers?

  • In both, all data and applications are stored together, regardless of their service category.
  • They both use baseline images stored in the cloud to compare data.
  • They both require proper maintenance and security hardening. 
  • In both, all applications are stored together, regardless of their age.

23. To help improve the security of a business, its in-house security team is approved to simulate an attack that will identify vulnerabilities in business processes. What does this scenario describe?

  • A Distributed Denial of Service (DDoS) attack
  • Packet sniffing
  • Penetration testing
  • The Ping of Death

24. What is one key similarity between regular web servers and cloud servers?

  • In both, all data and applications are stored together, regardless of their service category.
  • They both require security measures taken by the organization to stay safe.
  • In both, all applications are stored together, regardless of their age. 
  • They both use baseline images stored in the cloud to compare data.

25. Which of the following tasks are security hardening practices? Select all that apply.

  • Reducing access permissions across devices and networks
  • Installing patch updates
  • Disabling unused ports
  • Replacing the RAM on the computers

26. What is the term for all the potential system vulnerabilities that a threat actor could exploit?

  • Security architecture
  • Risk
  • Security challenge
  • Attack surface

27. Fill in the blank: Installing security cameras is an example of a _____ security hardening practice.

  • physical
  • software-based
  • network-focused
  • virtual

28. A company’s executive team approves a proposal by the security director. The proposal involves security professionals simulating an attack on the company’s systems in order to identify vulnerabilities. What does this scenario describe?

  • Penetration testing
  • The Ping of Death
  • Packet sniffing
  • A Distributed Denial of Service (DDoS) attack

Shuffle Q/A 3

29. Which of the following are OS hardening tasks? Select three answers.

  • Using secure encryption standards
  • Implementing multifactor authentication
  • Configuring a firewall
  • Running regularly scheduled backups

30. A security analyst reviews documentation about a firewall rule that includes a list of allowed and disallowed network ports. They compare it to the current firewall to ensure no changes have been made. What does this scenario describe?

  • Verifying user identity when accessing an OS
  • Upgrading the interface between computer hardware and the user
  • Checking baseline configuration
  • Responsibly managing applications
