C845 Practice Questions 2
Maintaining the hypervisor - answer Bert is considering the use of an infrastructure as a
service cloud computing partner to provide virtual servers.
Which one of the following would be a vendor responsibility in this scenario?
Maintaining the hypervisor
Managing operating system security settings
Maintaining the host firewall
Configuring server access control
Somewhere you are - answer Callback to a landline phone number is an example of
what type of factor?
Something you know
Somewhere you are
Something you have
Something you are
Likelihood - answerRenee is using encryption to safeguard sensitive business secrets
when in transit over the Internet.
What risk metric is she attempting to lower?
Likelihood
RTO
MTO
Impact
Worm - answerKim is the system administrator for a small business network that is
experiencing security problems.
She is in the office in the evening working on the problem, and nobody else is there.
As she is watching, she can see that systems on the other side of the office that were
previously behaving normally are now exhibiting signs of infection.
What type of malware is Kim likely dealing with?
Virus
Worm
Trojan horse
Logic bomb
A bus and a ring - answerWhat two logical network topologies can be physically
implemented as a star topology?
, A bus and a mesh
A ring and a mesh
A bus and a ring
It is not possible to implement other topologies as a star.
Account review - answerJim has worked in human relations, payroll, and customer
service roles in his company over the past few years. What type of process should his
company perform to ensure that he has appropriate rights?
Re-provisioning
Account review
Privilege creep
Account revocation
ICMP echo request - answerWhat type of inbound packet is characteristic of a ping
flood attack?
ICMP echo request
ICMP echo reply
ICMP destination unreachable
ICMP route changed
Social engineering - answerWhat penetration testing technique can best help assess
training and awareness issues?
Port scanning
Discovery
Social engineering
Vulnerability scanning
Encrypting the files - answerGAD Systems is concerned about the risk of hackers
stealing sensitive information stored on a file server. They choose to pursue a risk
mitigation strategy.
Which one of the following actions would support that strategy?
Encrypting the files
Deleting the files
Purchasing cyber-liability insurance
Taking no action
Nonrepudiation; digital signatures - answerSally's organization needs to be able to
prove that certain staff members sent emails, and she wants to adopt a technology that
will provide that capability without changing their existing email system.
What is the technical term for the capability Sally needs to implement as the owner of
the email system, and what tool could she use to do it?
Maintaining the hypervisor - answer Bert is considering the use of an infrastructure as a
service cloud computing partner to provide virtual servers.
Which one of the following would be a vendor responsibility in this scenario?
Maintaining the hypervisor
Managing operating system security settings
Maintaining the host firewall
Configuring server access control
Somewhere you are - answer Callback to a landline phone number is an example of
what type of factor?
Something you know
Somewhere you are
Something you have
Something you are
Likelihood - answerRenee is using encryption to safeguard sensitive business secrets
when in transit over the Internet.
What risk metric is she attempting to lower?
Likelihood
RTO
MTO
Impact
Worm - answerKim is the system administrator for a small business network that is
experiencing security problems.
She is in the office in the evening working on the problem, and nobody else is there.
As she is watching, she can see that systems on the other side of the office that were
previously behaving normally are now exhibiting signs of infection.
What type of malware is Kim likely dealing with?
Virus
Worm
Trojan horse
Logic bomb
A bus and a ring - answerWhat two logical network topologies can be physically
implemented as a star topology?
, A bus and a mesh
A ring and a mesh
A bus and a ring
It is not possible to implement other topologies as a star.
Account review - answerJim has worked in human relations, payroll, and customer
service roles in his company over the past few years. What type of process should his
company perform to ensure that he has appropriate rights?
Re-provisioning
Account review
Privilege creep
Account revocation
ICMP echo request - answerWhat type of inbound packet is characteristic of a ping
flood attack?
ICMP echo request
ICMP echo reply
ICMP destination unreachable
ICMP route changed
Social engineering - answerWhat penetration testing technique can best help assess
training and awareness issues?
Port scanning
Discovery
Social engineering
Vulnerability scanning
Encrypting the files - answerGAD Systems is concerned about the risk of hackers
stealing sensitive information stored on a file server. They choose to pursue a risk
mitigation strategy.
Which one of the following actions would support that strategy?
Encrypting the files
Deleting the files
Purchasing cyber-liability insurance
Taking no action
Nonrepudiation; digital signatures - answerSally's organization needs to be able to
prove that certain staff members sent emails, and she wants to adopt a technology that
will provide that capability without changing their existing email system.
What is the technical term for the capability Sally needs to implement as the owner of
the email system, and what tool could she use to do it?
