
CCSP Exam Questions - Online Test



Ucertify offers a free demo for the CCSP exam. "Certified Cloud Security Professional", also known as the CCSP exam, is an ISC2 certification. This set of posts, Passing the ISC2 CCSP exam, will help you answer those questions. The CCSP Questions & Answers cover all the knowledge points of the real exam. 100% real ISC2 CCSP exams, revised by experts!

ISC2 CCSP Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1

Which of the following is the optimal temperature for a data center, per the guidelines established by the American Society of Heating, Refrigeration, and Air Conditioning Engineers (ASHRAE)?

  • A. 69.8-86.0°F (21-30°C)
  • B. 64.4-80.6°F (18-27°C)
  • C. 51.8-66.2°F (11-19°C)
  • D. 44.6-60.8°F (7-16°C)

Answer: B

Explanation:
The guidelines from ASHRAE establish 64.4-80.6°F (18-27°C) as the optimal temperature for a data center.

NEW QUESTION 2
4 to 80.6 degrees Fahrenheit (or 18 to 27 degrees Celsius) as the optimal temperature range for data centers. None of these options is the recommendation from ASHRAE.



NEW QUESTION 3

A crucial decision any company must make is in regard to where it hosts the data systems it depends on. A debate exists as to whether it's best to lease space in a data center or build your own data center--and now with cloud computing, whether to purchase resources within a cloud.
What is the biggest advantage to leasing space in a data center versus procuring cloud services?

  • A. Regulations
  • B. Control
  • C. Security
  • D. Costs

Answer: B

Explanation:
When leasing space in a data center versus utilizing cloud services, a customer has much greater control over its systems and services, from both the hardware/software perspective and the operational management perspective. Costs, regulations, and security are all prime considerations regardless of the hosting type selected. Although regulations will be the same in either hosting solution, in most instances, costs and security will be greater factors with leased space.

NEW QUESTION 4

Countermeasures for protecting cloud operations against internal threats include all of the following except:

  • A. Mandatory vacation
  • B. Least privilege
  • C. Separation of duties
  • D. Conflict of interest

Answer: D

Explanation:
Conflict of interest is a threat, not a control.

NEW QUESTION 5

For performance purposes, OS monitoring should include all of the following except:

  • A. Disk space
  • B. Disk I/O usage
  • C. CPU usage
  • D. Print spooling

Answer: D

Explanation:
Print spooling is not a metric for system performance; all the rest are.

NEW QUESTION 6

With an application hosted in a cloud environment, who could be the recipient of an eDiscovery order?

  • A. Users
  • B. Both the cloud provider and cloud customer
  • C. The cloud customer
  • D. The cloud provider

Answer: B

Explanation:
Either the cloud customer or the cloud provider could receive an eDiscovery order, and in almost all circumstances they would need to work together to ensure compliance.

NEW QUESTION 7

A variety of security systems can be integrated within a network--some that just monitor for threats and issue alerts, and others that take action based on signatures, behavior, and other types of rules to actively stop potential threats.
Which of the following types of technologies is best described here?

  • A. IDS
  • B. IPS
  • C. Proxy
  • D. Firewall

Answer: B

Explanation:
An intrusion prevention system (IPS) can inspect traffic and detect any suspicious traffic based on a variety of factors, but it can also actively block such traffic. Although an IDS can detect the same types of suspicious traffic as an IPS, it is only designed to alert, not to block. A firewall is only concerned with IP addresses, ports, and protocols; it cannot be used for the signature-based detection of traffic. A proxy can limit or direct traffic based on more extensive factors than a network firewall can, but it's not capable of using the same signature detection rules as an IPS.

NEW QUESTION 8

You need to gain approval to begin moving your company's data and systems into a cloud environment. However, your CEO has mandated the ability to easily remove your IT assets from the cloud provider as a precondition.
Which of the following cloud concepts would this pertain to?

  • A. Removability
  • B. Extraction
  • C. Portability
  • D. Reversibility

Answer: D

Explanation:
Reversibility is the cloud concept involving the ability for a cloud customer to remove all of its data and IT assets from a cloud provider. Also, processes and agreements would be in place with the cloud provider that ensure all removals have been completed fully within the agreed-upon timeframe. Portability refers to the ability to easily move between different cloud providers and not be locked into a specific one. Removability and extraction are both provided as terms similar to reversibility, but neither is the official term or concept.

NEW QUESTION 9

To protect data on user devices in a BYOD environment, the organization should consider requiring all the following, except:

  • A. Multifactor authentication
  • B. DLP agents
  • C. Two-person integrity
  • D. Local encryption

Answer: C

Explanation:
Although all the other options are ways to harden a mobile device, two-person integrity is a concept that has nothing to do with the topic, and, if implemented, would require everyone in your organization to walk around in pairs while using their mobile devices.

NEW QUESTION 10

What concept does the D represent within the STRIDE threat model?

  • A. Denial of service
  • B. Distributed
  • C. Data breach
  • D. Data loss

Answer: A

Explanation:
Any application can be a possible target of denial of service (DoS) attacks. From the application side, the developers should minimize how many operations are performed for unauthenticated users. This will keep the application running as quickly as possible and using the least amount of system resources to help minimize the impact of any such attacks. None of the other options provided is the correct term.

NEW QUESTION 11

What changes are necessary to application code in order to implement DNSSEC?

  • A. Adding encryption modules
  • B. Implementing certificate validations
  • C. Additional DNS lookups
  • D. No changes are needed.

Answer: D

Explanation:
To implement DNSSEC, no additional changes are needed to applications or their code because the integrity checks are all performed at the system level.

NEW QUESTION 12

How is an object stored within an object storage system?

  • A. Key value
  • B. Database
  • C. LDAP
  • D. Tree structure

Answer: A

Explanation:
Object storage uses a flat structure with key values to store and access objects.

NEW QUESTION 13

Which of the following best describes the Organizational Normative Framework (ONF)?

  • A. A set of application security, and best practices, catalogued and leveraged by the organization
  • B. A container for components of an application’s security, best practices catalogued and leveraged by the organization
  • C. A framework of containers for some of the components of application security, best practices, catalogued and leveraged by the organization
  • D. A framework of containers for all components of application security, best practices, catalogued and leveraged by the organization.

Answer: D

Explanation:
Option B is incorrect because it refers to a specific application's security elements, meaning it is about an ANF, not the ONF. C is true, but not as complete as D, making D the better choice. C suggests that the framework contains only “some” of the components, which is why D (which describes “all” components) is better.

NEW QUESTION 14

Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?

  • A. A Type 2 hypervisor runs on top of another operating system and is dependent on the security of the OS for its own security.
  • B. A Type 2 hypervisor allows users to directly perform some functions with their own access.
  • C. A Type 2 hypervisor is open source, so attackers can more easily find exploitable vulnerabilities with that access.
  • D. A Type 2 hypervisor is always exposed to the public Internet for federated identity access.

Answer: A

Explanation:
A Type 2 hypervisor differs from a Type 1 hypervisor in that it runs on top of another operating system rather than directly tied into the underlying hardware of the virtual host servers. With this type of implementation, additional security and architecture concerns come into play because the interaction between the operating system and the hypervisor becomes a critical link. The hypervisor no longer has direct interaction and control over the underlying hardware, which means that some performance will be lost due to the operating system in the middle needing its own resources, patching requirements, and operational oversight.

NEW QUESTION 15

What is the intellectual property protection for the tangible expression of a creative idea?

  • A. Trade secret
  • B. Copyright
  • C. Trademark
  • D. Patent

Answer: B

Explanation:
Copyright protects the tangible expression of creative works. The other answers listed are answers to subsequent questions.

NEW QUESTION 16

Which format is the most commonly used standard for exchanging information within a federated identity system?

  • A. XML
  • B. HTML
  • C. SAML
  • D. JSON

Answer: C

Explanation:
Security Assertion Markup Language (SAML) is the most common data format for information exchange within a federated identity system. It is used to transmit and exchange authentication and authorization data. XML is similar to SAML, but it's used for general-purpose data encoding and labeling and is not used for the exchange of authentication and authorization data in the way that SAML is for federated systems. JSON is used similarly to XML, as a text-based data exchange format that typically uses attribute-value pairings, but it's not used for authentication and authorization exchange. HTML is used only for encoding web pages for web browsers and is not used for data exchange--and certainly not in a federated system.
