Ensurepass

QUESTION 201

Company A has a remote work force that often includes independent contractors and out of state

full time employees.

Company A’s security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:

– All communications between parties need to be encrypted in transport

– Users must all have the same application sets at the same version

– All data must remain at Company A’s site

– All users must not access the system between 12:00 and 1:00 as that is the maintenance window

– Easy to maintain, patch and change application environment

Which of the following solutions should the security engineer recommend to meet the MOST goals?


A. Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.

B. Install an SSL VPN to Company A’s datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.

C. Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.

D. Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server Gateway,use remote installation services to standardize application on user’s laptops.

 

Answer: B

 

 

QUESTION 202 DRAG DROP

Drag and Drop the following information types on to the appropriate CIA category

Availability; Confidentiality; Integrity

Answer:

Availability – load balancing, RAID-1, hot site, Dos Attacks Integrity –  Digital Signature, checksums , hashes

Confidentiality – Encryption, access control lists, steganography, Data classifications

 

 

QUESTION 203 CORRECT TEXT

Answer: You need to check the hash value of download software with md5 utility.

 

 

QUESTION 204 CORRECT TEXT

Answer: 192.18.1.0/24 any 192.168.20.0/24 3389 any

 

 

QUESTION 205 CORRECT TEXT

 

 

Answer: Follow the Steps as

1) Click on the server and find the SQL Server then Note the ip address of the server 2)click on the host machine and find the attacker then note the ip adddress of the host

3)check the host machine ip address in router ac source field and SQL Server ip in destination

field and check the deny and unchek the permit

 

 

QUESTION 206 CORRECT TEXT

 

Answer: Following steps need to do as 8 then 2

replace 6 with 3, 7,11 same segment

replace 2 with 1 , put 6 same segment

replace 9 with 10

replace 3 with 5

replace 1 with 4

 

 

QUESTION 207

A startup company offering software on demand has hired a security consultant to provide expertise on data security. The company’s clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?


A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.

B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment and to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.

C. Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNS and assigned to each client. MPLS technology is used to segment and encrypt each of the client’s networks. PKI based remote desktop with hardware tokens is used by

 the client to connect to the application.

D. Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is

partitioned and assigned to each client. VLAN technology is used to segment each of the client’s networks. PKI based remote desktop access is used by the client to connect to the application.

 

Answer: C

 

 

QUESTION 208

A financial institution wants to reduce the costs associated with managing and troubleshooting employees’ desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four

solutions submitted by the change management group. Which of the following BEST accomplishes this task?


A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit.

B. Implement server virtualization and move the application from the desktop to the server.

C. Implement VDI and disable hardware and storage mapping from the thin client.

D. Move the critical applications to a private cloud and disable VPN and tunneling.

 

Answer: C

 

 

QUESTION 209

A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).


A. The email system may become unavailable due to overload.

B. Compliance may not be supported by all smartphones.

C. Equipment loss, theft, and data leakage.

D. Smartphone radios can interfere with health equipment.

E. Data usage cost could significantly increase.

F. Not all smartphones natively support encryption.

G. Smartphones may be used as rogue access points.

                

 

Answer: B,C,F

 

 

QUESTION 210

The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year’s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?


A. The company data privacy policies

B. The company backup logs and archives

C. The company data retention policies and guidelines

D. The company data retention procedures

 

Answer: B

 

 

Comments are closed.