1.What will be the available drive space in a RAID 5 configured system with 3 250GB hard drives?
500 GB
2.Which RAID types would use a minimum of four hard drives? (Choose all that apply).
6
10
3.What are some common symptoms of RAID array failures? (Choose all that apply.)
OS not found
Failure to boot
Drive not recognized
4.True only when the NIDS is patched.
False
5.The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem such as blocking file sharing, what should first be done?
Call an emergency change management meeting to ensure the solution will not have unforeseen negative affects.
6.For what purpose should the network traffic log be analyzed?
To check for suspicious traffic
7.Which statement regarding vulnerability appraisal is NOT true?
Vulnerability appraisal is always the easiest and quickest step.
8.Which of the following is NOT a risk associated with the use of private data?
Devices being infected with malware
9.Which of the following is a command-line alternative to Nmap?
Netcat
10.Which of the following is NOT a function of a vulnerability scanner?
Alerts users when a new patch cannot be found
11.Which statement regarding a honeypot is NOT true?
It cannot be part of a honeynet.
12.Which of these should NOT be classified as an asset?
Accounts payable
13.Which of the following tools is a Linux command-line protocol analyzer?
Tcpdump
14.Which of the following command-line tools tests a connection between two network devices?
Ping
15.Which of the following data sensitivity labels has the lowest level of data sensitivity?
Public
16.Which of the following is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm?
Vulnerability assessment
17.If a software application aborts and leaves the program open, which control structure is it using?
Fail-open
18.If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?
White box
19.Which of the following data sensitivity labels is the highest level of data sensitivity?
Confidential
20.Which of the following must be kept secure as mandated by HIPAA?
PHI
21.Which of the following sends “probes” to network devices and examines the responses to evaluate whether a specific device needs remediation?
Active scanner
22.Which of the following constructs scenarios of the types of threats that assets can face to learn who the attackers are, why they attack, and what types of attacks may occur?
Threat modeling
23.At what point in a vulnerability assessment would an attack tree be utilized?
Threat evaluation
24.Which of the following is NOT true about privacy?
Today, individuals can achieve any level of privacy that is desired.
25.Which of these is NOT a state of a port that can be returned by a port scanner?
Busy
26.Which of the following is NOT an issue raised regarding how private data is gathered and used?
By law, all encrypted data must contain a “backdoor” entry point.
27.Which of the following is NOT a category of fire suppression systems?
Wet chemical system
28.What is the maximum length of time that an organization can tolerate between data backups?
Recovery point objective (RPO)
29.Margaux has been asked to work on the report that will analyze the exercise results with the purpose of identifying strengths to be maintained and weaknesses to be addressed for improvement. What report will she be working on?
After-action report
30.Which level of RAID uses disk mirroring and is considered fault-tolerant?
Level 1
31.A(n) _____ is always running off its battery while the main power runs the battery charger.
on-line UPS
32.Which of these is NOT a characteristic of a disaster recovery plan (DRP)?
It is a private document used only by top-level administrators for planning.
33.What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure?
MTTR
34.An electrical fire like that which would be found in a computer data center is known as what type of fire?
Class C
35.Which of the following can a UPS NOT perform?
Prevent certain applications from launching that will consume too much power
36.Dilma has been tasked with creating a list of potential employees to serve in an upcoming tabletop exercise. Which employees will be on her list?
Individuals on a decision-making level
37.The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence.
custody
38.Which of the following is NOT required for a fire to occur?
A spark to start the process
39.What does an incremental backup do?
Copies all files changed since the last full or incremental backup
40.Which question is NOT a basic question to be asked regarding creating a data backup?
How long will it take to finish the backup?
41.What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?
Time offset
42.When an unauthorized event occurs, what is the first duty of the cyber-incident response team?
To secure the crime scene
43.Raul has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?
IT contingency planning
44.Which of these is an example of a nested RAID?
Level 0+1
45.What does the abbreviation RAID represent?
Redundant Array of Independent Drives
46.Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?
Hot site
Other Links:
Statistics Quiz
Networking Quiz
See other websites for quiz:
Check on QUIZLET
Check on CHEGG