Exam (elaborations)

WGU-C795- Master's Course Cybersecurity Management II Tactical Answered

Pages: 58
Grade: A+
Uploaded on: 05-11-2022
Written in: 2022/2023

A combined mail server and calendaring server environment contains no secure sockets layer (SSL) certificate.

Which security principle of the CIA triad is affected by the lack of an SSL certificate?

A Confidentiality
B Integrity
C Authentication
D Availability - ANSWER A

A company does not have a disaster recovery plan (DRP) and suffers a multiday power outage.

Which provisioning should the company perform to provide stable power for a long period of time?

A Purchase generators
B Purchase additional servers
C Create a RAID array
D Create a failover cluster - ANSWER A

A company is moving its database backups from an off-site location to an alternate processing site warehouse using bulk transfers.

Which type of database recovery is this company employing?

A Electronic vaulting
B Remote journaling
C Remote mirroring
D Mutual assistance - ANSWER A

A company's business operations are disrupted due to a flash flood.

Which consequences to business continuity should be addressed in the disaster recovery plan?

A Evaluation of risk from possible flood damage
B Identify essential personnel and decision makers
C Provide flood-response training to the disaster recovery team
D Provision additional backup power sources - ANSWER A

What is defined as the ability to maintain an acceptable level of operational status during events such as hardware failures or denial-of-service (DoS) attacks?

A Fault tolerance
B System resilience
C Trusted recovery
D Quality of service - ANSWER B

Which RAID array configuration is known as striping with parity and requires the use of three or more disks that spread the parity across all drives?

A RAID 0
B RAID 1
C RAID 5
D RAID 10 - ANSWER C

A web server is at near 100% utilization, and it is suggested that several web servers run the same site, sharing traffic from the internet.

Which system resilience method would this be?

A Network load balancing
B Failover clustering
C Electronic vaulting
D Remote journaling - ANSWER A

Which RAID array performs striping and uses mirroring for fault tolerance?

A RAID 0
B RAID 1
C RAID 5
D RAID 10 - ANSWER D

Which kind of disaster recovery site typically consists of self-contained trailers?

A Mobile
B Hot
C Warm
D Cold - ANSWER A

How often should a business continuity plan (BCP) be reviewed?

A At least annually or when changes occur
B If and when the company gets audited
C When a disaster occurs
D Every five years or when a law changes - ANSWER A

Which database disaster recovery strategy transfers copies of database transaction logs to another location?

A Electronic vaulting
B Remote journaling
C Disk mirroring
D Floating parity - ANSWER B

A company develops a business continuity plan in addition to an emergency communication plan.

What should be included in the company's emergency communication plan? (Choose 2)

A Alternate means of contact
B Backup people for each role
C The best time to call each person
D Employee's phone service providers - ANSWER AB

Which type of backup solution should be incorporated in an organization that has high-capacity backup data requirements in the terabytes?

A Disk-to-disk
B Tape
C Optical media
D High-capacity CD-RW - ANSWER A

Which data recovery strategy should be used to mitigate the risk of a natural disaster?

A Perform a full local backup
B Store tapes in a secure room
C Hold backups on a shared drive
D Back up data to a remote cloud provider - ANSWER D

Which two data recovery components will back up a file and change the archive bit to 0? (Choose 2)

A Full backup
B Differential backup
C Incremental backup
D Copy backup - ANSWER AC

Disaster recovery team members are requested to do more than just review the disaster recovery plan but not actually test the individual parts of the plan.

Which type of test would suit this request?

A Read-through
B Structured walk-through
C Parallel
D Full-interruption - ANSWER B

When should formal change management be used to manage updates to a disaster recovery plan?

A When the IT infrastructure changes, all related disaster-recovery documentation should be changed to match the environment.
B When personnel changes, all related disaster-recovery documentation should be changed to match the staffing.
C When regulations change, all related disaster-recovery documentation should be changed to match the regulations.
D When management changes, all related disaster-recovery documentation should be changed to match the structure. - ANSWER A

A company presents team members with a disaster recovery scenario, asks members to develop an appropriate response, and then tests some of the technical responses without shutting down operations at the primary site.

Which type of disaster recovery test is being performed?

A Read-through
B Structured walk-through
C Simulation
D Full-interruption - ANSWER C

Which defense-in-depth practices allow an organization to locate an intruder on its internal network?

A Whitelisting applications and blacklisting processes
B Antivirus and intrusion prevention system (IPS)
C Security information and event management (SIEM) and intrusion detection system (IDS)
D Sandboxing applications and penetration testing - ANSWER C

A company is concerned that disgruntled employees are sending sensitive data to its competitors.

Which defense-in-depth practices assist a company in identifying an insider threat?

A Data loss prevention (DLP) and audit logs
B Antivirus and intrusion detection systems (IDS)
C Data loss prevention (DLP) and intrusion detection systems (IDS)
D Antivirus and audit logs - ANSWER A

A company is hit with a number of ransomware attacks. These attacks are causing a significant amount of downtime and data loss since users with access to sensitive company documents are being targeted. These attacks have prompted management to invest in new technical controls to prevent ransomware.

Which defense-in-depth practices should this company implement?

A Password resets and a log review
B Mandatory vacations and job rotation
C Spam filtering and antimalware
D Encryption and an internal firewall - ANSWER C

A company's database administrator requires access to a database server to perform maintenance. The director of information technology will provide the database administrator access to the database server but will not provide the database administrator access to all the data within the server's database.

Which defense-in-depth practice enhances the company's need-to-know data access strategy?

A Using compartmented mode systems and least privilege
B Using compartmented mode systems and two-person control
C Using dedicated mode systems and least privilege
D Using dedicated mode systems and two-person control - ANSWER A

A company has signed a contract with a third-party vendor to use the vendor's inventory management system hosted in a cloud. For convenience, the vendor set up the application to use Lightweight Directory Access Protocol (LDAP) queries but did not enable secure LDAP queries or implement a secure sockets layer (SSL) on the application's web server. The vendor does not have the ability to secure the system, and company management insists on using the application.

Which defense-in-depth practices should the company implement to minimize the likelihood of an account compromise due to insecure setup by the vendor?

A Location-based access control and multifactor authentication
B Intrusion prevention system (IPS) and honeypot systems
C Antivirus and intrusion detection system (IDS)
D Password hashing and authentication encryption - ANSWER A

A company is terminating several employees with high levels of access. The company wants to protect itself from possible disgruntled employees who could become potential insider threats.

Which defense-in-depth practices should be applied?

A Account revocation and conducting a vulnerability assessment
B Account revocation and conducting a full backup of critical data
C A mandatory 90-day password change and conducting a full backup of critical data
D A mandatory 90-day password change and conducting a vulnerability assessment - ANSWER A

A hacker is sitting between a corporate user and the email server that the user is currently accessing. The hacker is trying to intercept and capture any data the user is sending through the email application.

How should a system administrator protect the company's email server from this attack?

A Encrypt network traffic with VPNs
B Add antimalware to the email server
C Implement a firewall
D Whitelist the sites that are trusted - ANSWER A

A company wants to prevent cybercriminals from gaining easy access into its email server. The company wants to know which user is accessing which resources and to prevent hackers from easily gaining access to the server.

Which defense-in-depth strategy should be used?

A Authenticate users and devices and log events within the network
B Deploy VLANs for traffic separation and coarse-grained security
C Place encryption throughout the network to ensure privacy
D Use stateful firewall technology at the port level and log firewall activity - ANSWER A

A chief information officer (CIO) recently read an article involving a similar company that was hit with ransomware due to ineffective patch-management practices. The CIO tasks a security professional with gathering metrics on the effectiveness of the company's patch-management program to avoid a similar incident.

Which method enables the security professional to gather current, accurate metrics?

A Review authenticated vulnerability scan reports
B Review reports from Windows Update
C Review patch history on nonproduction systems
D Review patch tickets in the change control system - ANSWER A

A company hires several contractors each year to augment its IT workforce. The contractors are granted access to the internal corporate network, but they are not provided laptops containing the corporate image. Instead, they are required to bring their own equipment.

Which defense-in-depth practice should be required for contractor laptops to ensure that contractors do not connect infected laptops to the internal corporate network?

A Enable command-line audit logging on contractor laptops
B Configure devices to not autorun content
C Configure antimalware scanning of removable devices
D Ensure antimalware software and signatures are updated - ANSWER D

It is suspected that someone is connecting to an organization's wireless access points (WAPs) and capturing data.

Which boundary-defense method should be applied to reduce eavesdropping attacks?

A Enable 802.1X to require network authentication
B Disconnect unused LAN drops within the building
C Install a network monitor on the WAP
D Add a whitelist for all traffic coming from the ISP - ANSWER A

A government agency is at risk of attack from malicious nation-state actors.

Which defense should the agency put on the boundary of its network to stop attacks?

A Deploy a honeypot
B Employ an intrusion detection system
C Use an internal security information and event manager
D Employ an intrusion prevention system - ANSWER D

A company needs to improve its ability to detect and investigate rogue WAPs.

Which defense-in-depth practice should be used?

A Configure a captive portal to request information
B Configure MAC address filtering to control access
C Install a wireless IDS to monitor irregular behavior
D Install a stateful firewall to block network connections - ANSWER C

A company is concerned about securing its corporate network, including its wireless network, to limit security risks.

Which defense-in-depth practice represents an application of least privilege?

A Implement mutual multifactor authentication
B Configure Wi-Fi-Protected Access for encrypted communication
C Disable wireless access to users who do not need it
D Implement an intrusion detection system - ANSWER C

Company employees keep taking their laptop computers off-site without securing the laptop's contents.

Which defense-in-depth tactic should be used by employees to prevent data from being stolen?

A Contact the security office when taking property off-site
B Carry laptops close to themselves when going off-site
C Use forced encryption via a group policy
D Take laptops home only on weekends - ANSWER C

A company is concerned about unauthorized programs being used on network devices.

Which defense-in-depth strategy would help eliminate unauthorized software on network devices?

A Develop an acceptable use policy and update all network device firmware
B Use application controls tools and update AppLocker group policies
C Limit administrative access to devices and create DHCP scope options
D Upgrade to a 64-bit operating system and install an antimalware application - ANSWER B

An attacker compromises the credentials that a system administrator uses for managing a user directory. The attacker uses these credentials to create a rogue administrator account.

Which defense-in-depth practice would have helped a security administrator identify this compromise?

A Enforce two-factor authentication on VPN portals for administrative accounts
B Log and alert when changes to administrative group membership take place
C Document administrative password complexity requirements in corporate policy
D Require the use of dedicated administrative accounts - ANSWER B

A security professional for a midsize company is tasked with helping the organization write new corporate security procedures. One of the policies includes the use of multifactor authentication.

Which defense-in-depth practice should the security professional apply?

A Create two unique accounts for each administrator and let the administrator set both passwords
B Create two unique accounts for each administrator and assign the other administrators the second password
C Create a unique administrator account for each person and configure a security token that provides a passcode every 60 seconds
D Create a unique administrator account for each person and let the administrator select a PIN that only the administrator knows - ANSWER C

An organization is creating a security policy that will be able to audit the use of administrative credentials. The company has decided to use multifactor authentication to allow for the accountability of administrative actions.

Which multifactor authentication policy should be applied?

A Force administrators to have two accounts, one for normal tasks and one for elevated privileges
B Assign administrators individual accounts that require a password and a physical smart card
C Have all administrators use a different administrative account on each server in the network
D Change the default password on all service accounts and on all administrator accounts - ANSWER B

An organization is deploying a number of internet-enabled warehouse cameras to assist with loss prevention. A plan is put in place to implement automated patching.

Which defense-in-depth measure will ensure that the patch images are as expected?

A All remotely installed software must be signed.
B Communications must use HTTPS.
C Device authentication must use digital certificates.
D All passwords must be salted and hashed. - ANSWER A

A company has user credentials compromised through a phishing attack.

Which defense-in-depth practice will reduce the likelihood of misuse of the user's credentials?

A Configure firewall rules
B Deploy multifactor authentication
C Deploy RADIUS authentication
D Configure encryption protocols - ANSWER B

A company is implementing a defense-in-depth approach that includes capturing audit logs. The audit logs need to be written in a manner that provides integrity.

Which defense-in-depth strategy should be


Seller: millyphilip, West Virginia University