Chapter 10 Data Defense
Unlock all answers in this set
Unlock answersquestion
Which form of alternate site is the cheapest but may not allow an organization to recover before reaching their maximum tolerable downtime?
answer
Reciprocal agreement
question
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?
answer
Clustering
question
Which of the following drive configurations is fault tolerant?
answer
RAID 5
question
You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose?
answer
Hot site
question
Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using?
answer
Warm site
question
You manage a Web site for your company. The Web site uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which components represent a single point of failure?
answer
Website storage
question
You manage the website for your company. The web1 server hosts the website. This server has the following configuration: Dual core processor Dual power supplies RAID 5 volume One RAID controller Two 1000 Mbps network adapters Which component is a single point of failure for the website?
answer
Disk controller
question
You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?
answer
3
question
What is an advantage of RAID 5 over RAID 1?
answer
RAID 5 improves performance over RAID 1
question
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
answer
Connect one server through a different ISP to the Internet
question
When should a hardware device be replaced in order to minimize downtime?
answer
Just before its MTBF is reached
question
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available even if a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
answer
Load balancing
question
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present?
answer
Cold site
question
Which of the following terms describes the actual time required to successfully recover operations in the event of an incident?
answer
Recovery Time Objective (RTO)
question
Match the recovery term on the right with the appropriate definition on the left
answer
MTTF- Measures the average time to failure of a system or component MTD- Identifies the length of time an organization can survive with a specific service, asset, or process down MTTR- Identifies the average amount time to repair a failed component or to restore an operation MTFB- Identifies the average lifetime of a system or component
question
Even if you perform regular backups, what must be done to ensure that you protected against data loss?
answer
Regularly test restoration procedures
question
Why should backup media be stored offsite?
answer
To prevent the same disaster from affecting both the network and the backup media
question
A system failure has occurred. Which of the following restoration processes would result in the fastest restoration of all data to its most current state?
answer
Restore the full backup and the last differential backup
question
Which of the following are backed up during a differential backup?
answer
Only files that have changed since the last full backup.
question
To increase your ability to recover from a disaster, where should you store backup tapes?
answer
In a safety deposit box at a bank
question
Which backup strategy backs up all files from a computer's file system regardless of whether the file's archive bit is set or not marks them as having been backed up?
answer
Full
question
Which backup strategy backs up only files which have the archive bit set, but does not mark them as having been backed up?
answer
Differential
question
Your organization uses the following tape rotation strategy for its backup tapes: The first set of tapes is used for daily backups. At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape. At the end of the each month, one of the weekly backup tapes is promoted to be the monthly backup tape. What kind of backup tape rotation strategy is being used?
answer
Grandfather
question
The disaster recovery plan calls for having tape backups stored at a different location. The location is safe deposit box at the local bank. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups?
answer
Perform a full back up once a week with a differential back up the other days of the week.
question
What does an incremental backup do during the backup?
answer
Backs up all files with the archive bit set; resets the archive bit.
question
What does a differential backup do during the backup?
answer
Backs up all files with the archive bit set; does not reset the archive bit.
question
Your network uses the following backup strategy: o Full backups every Sunday night o Incremental backups Monday through Saturday nights Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
answer
4
question
Your network uses the following backup strategy: Full backups every Sunday night Differential backups Monday through Saturday nights Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
answer
2
question
Your network performs a full back up every night. Each Sunday, the previous night's backup tape is archived. Wednesday morning the storage system fails. How may restore operations will you need to perform to recover all of the data?
answer
1
question
You would like to implement BitLocker to encrypt data on a hard disk even if it moved to another system. You want the system to boot automatically without proving a startup key on an external USB device. What should you do?
answer
Enable TPM in the BIOS
question
You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system not boot if a change is detected in any of the boot files. What should you do?
answer
Implement BitLocker with a TPM
question
Which of the following are backed up during an incremental backup?
answer
Only files that have changed since the last full or incremental backup.
question
You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose?
answer
BitLocker
question
Which of the following security solutions would prevent a user from reading a file which she did not create?
answer
EFS
question
You've used Bitlocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TMP chip, so you've used an external USB flash drive to store the Bitlocker startup key. Which system components are encrypted in this scenario? select two
answer
Master boot record C:volume
question
You've used Bitlocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TMP chip, so you've used an external USB flash drive to store the Bitlocker startup key. You use EFS to encrypt the C:secret folder and its contents Which of the following is true in this scenario? select two
answer
Only the user who encrypted the C:secrets file will be able to open it by default If the C:secrets file is copied to an external USB flash drive, it will be saved in an unencrypted state
question
You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal?
answer
Confidentiality
question
You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure that others cannot see your credit card number on the Internet?
answer
SSL
question
IPSec is implemented through two separate protocols. What are these protocols called? (Select two.)
answer
AH ESP
question
Which of the following security measure encrypts the entire contents of a hard drive?
answer
DriveLock
question
Which of the following protocols can be used to securely manage a network device from a remote connection?
answer
SSH
question
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
answer
TLS SSL
question
What is the primary function of the IKE policy used with IPSec?
answer
Create a security association between communicating partners.
question
Which of the following protocols can TLS use for key exchange? (Select two.)
answer
RSA Diffie-Hellman
question
SFTP uses which mechanism to provide security for authentication and data transfer?
answer
SSH
question
Which of the following is a secure alternative to FTP that uses SSL for encryption?
answer
FTPS
question
Which protocol does HTTPS use to offer security in Web transactions?
answer
SSL
question
As network administrator you are asked to recommend a secure method of transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)
answer
SCP SFTP
question
Telnet is inherently insecure because its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet
answer
SSH
question
What is the default encryption algorithm used by SSH (Secure Shell) to protect data traffic between a client and the controlled server?
answer
IDEA
question
SSL (Secure Socket Layer) operates at which layer of the OSI model?
answer
Session
question
When using SSL authentication, what does the client verify first when checking a server's identity?
answer
The current date and time must fall within the server's certificate validity period.
question
Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?
answer
SaaS
question
Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?
answer
PaaS delivers everything a developer needs to build an application onto the cloud infrastructure.
question
Which of the following is not true regarding cloud computing?
answer
Cloud computer requires end-user knowledge of the physical location and configuration of the system that delivers the services.
question
Which of the following are true concerning the Virtual Desktop Infrastructure (VDI)? select two
answer
User desktop environments are centrally hosted on servers instead of on individual desktop systems. In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers.
question
Match each description on the eft with the appropriate cloud technology on the right
answer
Public cloud-Provides cloud services to just about anyone Private cloud- Provides cloud services to a single organization Community cloud- Allows cloud services to be shared by several organizations Hybrid cloud- Integrates one cloud service with other cloud services
question
Which of the following network layer protocols provides authentication and encryption services for IP based network traffic?
answer
IPSec