Proliant Exam
Questions With Reviewed 100%
Correct Detailed Answers
Guaranteed Pass!!
1. Which coding automation concept relates to committing and testing
updates often? - ANSWER Continuous integration
2. A system administrator implements a process that provides two separate
paths from each server node to every disk in a redundant array of
inexpensive disks set up to remove a single point of failure. What concept
has the administrator implemented? - ANSWER multipathing
3. A logistics company requires a supervisory control and data acquisition
(SCADA) system to collect and analyze real-time tracking of equipment and
to monitor delays in shipping and receiving. The SCADA must provide
reports to management to facilitate data-driven decisions on transporting
equipment. What is the SCADA a part of? - ANSWER ICS
4. Which de-identification method does an administrator use when choosing
to replace the contents of a data field by redacting and substituting
character strings? - ANSWER data masking
5. IT discovers a flaw in a web application where it allows queries without
encryption. As a result, requests are being spoofed and directories
, containing private files are viewable. What is happening? - ANSWER
Extensible Markup Language (XML) injection
6. Can be used for data exchange. Without encryption, it is vulnerable to
spoofing, request forgery, and injection of arbitrary code. For example, an
XML External Entity (XXE) attack embeds a request for a local resource. -
ANSWER Extensible Markup Language (XML)
7. Used to read and write network directory databases. A threat actor could
exploit either unauthenticated access or a vulnerability in a client app to
submit arbitrary queries via injection. - ANSWER LDAP
8. In this injection attack, the threat actor modifies one or more of the four
basic Structured query language functions by adding code to some input
accepted by a database application. - ANSWER SQL
9. This injection is a vulnerability in the way the operating system allows one
process to attach to another. - ANSWER DLL
10.Which attack vector makes it possible for a threat actor to compromise a
whole platform with just one account? - ANSWER cloud
11.Which of the following practices would help mitigate the oversight of
applying coding techniques that will secure the code of an internal
application for a company? - ANSWER static code analysis
12.An Information Security Manager working for an ISP has discovered that an
attacker has poisoned the DNS server cache by spamming it with recursive
, queries. Predict what tools the manager might use to discover whether the
attacker has inserted any false records. (Select all that apply.) - ANSWER
nslookup/dig
dnsenum
13.An employee at a financial firm is responsible for ensuring that data is
stored in accordance with applicable laws and regulations. What role does
the employee have in terms of data governance? - ANSWER Data
steward
14.A new company implements a datacenter that will hold proprietary data
that is output from a daily workflow. As the company has not received any
funding, no risk controls are in place. How does the company approach risk
during operations? - ANSWER Acceptance: Risk acceptance means that
no countermeasures are put in place either because the level of risk does
not justify the cost or because there will be an unavoidable delay before
the countermeasures are deployed.
15.Means that the activity that is risk-bearing is stopped. The discontinuation
of a defective product is a form of risk avoidance. - ANSWER Risk
avoidance
16.The overall process of reducing exposure to the effects of risk factors. An
example is deploying a countermeasure that reduces exposure to a threat
or vulnerability. - ANSWER Risk mitigation
17.Means assigning risk to a third-party, such as an insurance company or a
contract with a supplier that defines liabilities - ANSWER Risk
transference
Questions With Reviewed 100%
Correct Detailed Answers
Guaranteed Pass!!
1. Which coding automation concept relates to committing and testing
updates often? - ANSWER Continuous integration
2. A system administrator implements a process that provides two separate
paths from each server node to every disk in a redundant array of
inexpensive disks set up to remove a single point of failure. What concept
has the administrator implemented? - ANSWER multipathing
3. A logistics company requires a supervisory control and data acquisition
(SCADA) system to collect and analyze real-time tracking of equipment and
to monitor delays in shipping and receiving. The SCADA must provide
reports to management to facilitate data-driven decisions on transporting
equipment. What is the SCADA a part of? - ANSWER ICS
4. Which de-identification method does an administrator use when choosing
to replace the contents of a data field by redacting and substituting
character strings? - ANSWER data masking
5. IT discovers a flaw in a web application where it allows queries without
encryption. As a result, requests are being spoofed and directories
, containing private files are viewable. What is happening? - ANSWER
Extensible Markup Language (XML) injection
6. Can be used for data exchange. Without encryption, it is vulnerable to
spoofing, request forgery, and injection of arbitrary code. For example, an
XML External Entity (XXE) attack embeds a request for a local resource. -
ANSWER Extensible Markup Language (XML)
7. Used to read and write network directory databases. A threat actor could
exploit either unauthenticated access or a vulnerability in a client app to
submit arbitrary queries via injection. - ANSWER LDAP
8. In this injection attack, the threat actor modifies one or more of the four
basic Structured query language functions by adding code to some input
accepted by a database application. - ANSWER SQL
9. This injection is a vulnerability in the way the operating system allows one
process to attach to another. - ANSWER DLL
10.Which attack vector makes it possible for a threat actor to compromise a
whole platform with just one account? - ANSWER cloud
11.Which of the following practices would help mitigate the oversight of
applying coding techniques that will secure the code of an internal
application for a company? - ANSWER static code analysis
12.An Information Security Manager working for an ISP has discovered that an
attacker has poisoned the DNS server cache by spamming it with recursive
, queries. Predict what tools the manager might use to discover whether the
attacker has inserted any false records. (Select all that apply.) - ANSWER
nslookup/dig
dnsenum
13.An employee at a financial firm is responsible for ensuring that data is
stored in accordance with applicable laws and regulations. What role does
the employee have in terms of data governance? - ANSWER Data
steward
14.A new company implements a datacenter that will hold proprietary data
that is output from a daily workflow. As the company has not received any
funding, no risk controls are in place. How does the company approach risk
during operations? - ANSWER Acceptance: Risk acceptance means that
no countermeasures are put in place either because the level of risk does
not justify the cost or because there will be an unavoidable delay before
the countermeasures are deployed.
15.Means that the activity that is risk-bearing is stopped. The discontinuation
of a defective product is a form of risk avoidance. - ANSWER Risk
avoidance
16.The overall process of reducing exposure to the effects of risk factors. An
example is deploying a countermeasure that reduces exposure to a threat
or vulnerability. - ANSWER Risk mitigation
17.Means assigning risk to a third-party, such as an insurance company or a
contract with a supplier that defines liabilities - ANSWER Risk
transference
