Oper Sec Quizzes

Quick Links
Logout
Surya Kiran Mannava6

Home
1. 2016_SPR_MAIN_Operations Security_22
2.
Content
3.
Week 6
4.
Take Test: Lecture 6 Quiz
2016_SPR_MAIN_Operations Security_22
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
This test allows multiple attempts.
Force Completion
This test can be saved and resumed later.
Question Completion Status:
Save and Submit
Question 1
1. Though the position of CISO may also be known by
many other titles, the CISO role itself is the topranking individual with full-time responsibility for
information security.
True
False
10 points
Question 2
1. It is often the case that a security manager must
make tough management decisions when defining
the scope of a program. For example, the manager
may need to decide how the program applies to
contractors who connect to the companys
systems.
True
False
10 points
Question 3
1. Order the policy framework components from top
level (e.g 50,000 feet view) to bottom level
(templates and parameters).
2.
Standards
1.
Policy
4.
Guidelines
3.
Procedures
10 points
Question 4
1. Select the area of the image that best represents
the network switches that provide connectivity to
this SAN setup.
Selected Coordinates 345, 226 Clear

10 points
Question 5
1. Which RAID level provides no fault tolerance?
RAID 1
RAID 0
RAID 60
RAID 10
10 points
Question 6
1. Which of the following RAID levels implement
striping?
RAID 0
RAID 1
RAID 4
RAID 5
10 points
Question 7
1. Choose the RAID level which is least used into
today's systems.
RAID 1
RAID 3
RAID 5
RAID 6
10 points
Question 8
1. Choose the RAID level that implements byte-level
striping.
RAID 1
RAID 3
RAID 50
RAID 10
10 points
Question 9
1. Redundancy is the fabric of a Fiber Channel SAN is

not important since there are multiple hard disk
drives implemented in the system.
True
False
10 points
Question 10
1. iSCSI SAN's are much faster than Fiber Channel
(FC) SAN's and are therefore more expensive.
True
False
10 points
Save and Submit
Click Save and Submit to save and submit. Click Save All Answers to save all
answers.
Save and Submit
Quick Links
Logout

Home
2.
Content
3.
Week 7
4.
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
Force Completion
Save and Submit
Question 1
1. In the slideset, Altona Manufacturing had a
problem that plagued their datacenter. What
support system did Altona need to implement to
resolve their issue?
HVAC
Fire suppression
Fire detection
Power conditioning
10 points
Question 2
1. This fire stage actually occurs before fire
combustion begins.
Heat
Visible smoke
Incipient
Fast flaming
10 points
Question 3
1. Of the following fire suppressants, which is the
least desirable in a datacenter?
Halon
Carbon Dioxide
Halotron
Water
10 points
Question 4
1. VESDA uses the following device to detect
particles in the air:
Water Filter
Laser
Photoelectric eye
Magnet
10 points
Question 5
1. HVAC stands for:
Heating, Ventilation, and Air Conditioning
Higher Vents for Air Cooling
Heating Vents for Air Conditioning
Heating, Volume, and Air Controls

10 points
Question 6
1. Of the following options, which is the MOST
effective way of destroying data and reducing
data remnance?
Overwriting
Physical Destruction
Degaussing
Windows Format
10 points
Question 7
1. Match the following classes of fire to the proper
definition.
A A. Combustible Metals
B. Common Combustibles
D.
C. Flammable Liquids and Gases
A.
D. Cooking Media
E. Live Electrical Equipment
B.
D
E.
K
C.
10 points
Question 8
1. Installing a household smoke detector in
a datacenter is sufficient.
True
False
10 points
Question 9
1. The three factors of a fire are heat, combustible
materials, and a catalyst (such as oxygen).
True
False
10 points
Question 10
1. A VESDA system can detect fire at the incipient
stage.
True
False
10 points
Save and Submit
answers.
Save and Submit
Quick Links
Logout

Home
2.
Content
3.
Week 9
4.
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
Force Completion
Save and Submit
Question 1
1. This protocol provides for the transfer of mail between mail
servers.
POP
SMTP
HTML
IMAP
10 points
Question 2
1. This protocol allows a user to download email off the email
server. Typically, the email is also deleted from the server
after download.
POP
SMTP
HTML
IMAP
10 points
Question 3
1. This protocol allows a user to use one or more devices to
view emails saved on the server.
POP
SMTP
HTML
IMAP
10 points
Question 4
1. In the spam/spoof/phishing email example provided in the
lecture, the email that looked like it was sent from
University of the Cumberlands actually came from:
a gmail account
a valid ucumberlands.edu account
a sandiego.edu account
yahoo.com
10 points
Question 5
1. Dr. Doe, the CEO and President of Acme Corporation, just
received an email with a link to a sports site from his
friend. However, after hovering over the link, Dr. Doe
notices that the destination link does not match the link in
the email. After further review, the IT
department determines that the email did not originate
from Dr. Doe's friend and the link would have attempted to
steal Dr. Doe's administrative credentials to the financial

systems. Dr. Doe may have just been a potential victim of
what type of attack?
Whale Phishing Attack
Firewall Backlash Attack
Spear Phishing Attack
Financial Audit Attack
10 points
Question 6
1. Whale phishing is very generic and intended to attack the
general public.
True
False
10 points
Question 7
1. Hovering over an email link allows us to confirm the link's
identity.
True
False
10 points
Question 8
1. A secure web URL will start with:
http://
ftp://
sftp://
https://
10 points
Question 9
1. A subscription service on a spam firewall allows the firewall
to:
run faster
download the latest email threats database
give the admin weekly security magazines

process more email
10 points
Question 10
1. See the image below. In this example, a secure
transmission only needs to be implemented between the
two SMTP servers, not the SMTP server and the clients.
True
False
10 points
Save and Submit
answers.
Save and Submit
Quick Links
Logout

Home
2.
Content
3.
Week 11
4.
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
Force Completion


Save and Submit
Question 1
1. A systems analyst:
writes software code
designs systems to meet user specifications
manages a software implementation
directs the IT department
10 points
Question 2
1. The helpdesk administrator is notified that one of his
employees is asking users for their password when they
call in to check their account status. What response should
this action evoke from the helpdesk admin?
The admin should be watchful for further incidents.
The admin should terminate the employee who asked for passwords.
The admin should follow policy outlining the disciplinary actions taken
for this incident.
The admin should nicely tell the employee not to do it again.
10 points
Question 3
1. The database administrator is notified that the DBMS is
encountering issues and employees are unable to do their
work. Under what part of the CIA triad does this issue fall?
Avaliability
Confidentiality
Integrity
None of the above
10 points
Question 4
1. The DBA and the Network Admin are both similar in that:
They work in the same office
They use the same servers
Their respective systems are foundational and required by other

systems
They have the same training
10 points
Question 5
1. The backup admin is attempting to confirm that last night's
backup files are acceptable. How can this be
accomplished?
Open each file and view the contents
Open each file and compare the backup file to the production file
Ask each user to review their backup files
Run a checksum of the files to determine if they match production
without actually viewing the files
10 points
Question 6
1. A denial of service attack only affects web servers.
True
False
10 points
Question 7
1. Quality assurance and quality control ensure that systems
and services comply with accepted standards.
True
False
10 points
Question 8
1. Jim is the only person on the IT teams and
has admin access to all systems. What principle should be
implemented in Jim's office. (Choose the best answer)
Hire more employees and implement Separation of duties
Job rotation
Need to know
Least priviledge
10 points
Question 9
1. Separation of duties, job rotation, and mandatory vacation
seek to reduce:
overworked employees
too much employee salary
collusion and fraud
burnout
10 points
Question 10
1. Mitigating malicious code at the network level is best done
by:
a switch
a router
a firewall or unified threat management appliance
a gateway
10 points
Save and Submit
answers.
Save and Submit
Quick Links
Logout

Home
2.
Content
3.
Week 10
4.
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
Force Completion


Save and Submit
Question 1
1. This type of seasoned attacker is malicious in nature and
usually commits illegal acts.
White Hat
Black Hat
Grey Hat
Script Kiddie
10 points
Question 2
1. This type of attacker is a moderately skilled
but amateur cyberattacker who can wreak havoc on
systems.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 3
1. This type of attacker mostly attempts to perform
appropriate actions but does not always follow ethical
guidelines.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 4
1. This type of attacker follows ethical protocols and stays
within the scope of a project to determine whether or not
an organization can be attacked and how.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 5
1. SMTP port number:
80
443
25
53
10 points
Question 6
1. DNS port number:
80
53
443
22
10 points
Question 7
1. Secure web traffic (HTTPS) port number:
443
80
53
25
10 points
Question 8
1. The step in the Pen Testing process where the hacker

actually attempts to interact with the system is:
Discovery
Exploitation
Reporting
Enumeration
10 points
Question 9
1. Putting a username in a password is easier to remember
and therefore proper password protocol.
True
False
10 points
Question 10
1. Jimmy has been hired by ABC Corp. to perform
a penetration test. During the discovery phase, Jimmy
notices a high risk system that has several vulnerabilities.
However, that system is out of the scope of the project.
What should Jimmy do?
Test the vulnerable system and provide the results to management.
Make a post online about the vulnerable system.
Immediately notify management of the vulnerable system but take no
further actions.
Take no action.
10 points
Save and Submit
answers.
Save and Submit
Quick Links
Logout

Home
6.
Content
7.
Week 10
8.
Home Page
Information
My Instructor
Twitter Feed
Content
Discussions
Communicate
Course Messages
My Grades
Calendar
Library Resources
Groups
Tools
Help
Test Information
Description
Instructions
Multiple Attempts
Force Completion


Save and Submit
Question 1
2. This type of seasoned attacker is malicious in nature and
usually commits illegal acts.
White Hat
Black Hat
Grey Hat
Script Kiddie
10 points
Question 2
2. This type of attacker is a moderately skilled
but amateur cyberattacker who can wreak havoc on
systems.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 3
2. This type of attacker mostly attempts to perform
appropriate actions but does not always follow ethical
guidelines.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 4
2. This type of attacker follows ethical protocols and stays
within the scope of a project to determine whether or not
an organization can be attacked and how.
White Hat
Black Hat
Gray Hat
Script Kiddie
10 points
Question 5
2. SMTP port number:
80
443
25
53
10 points
Question 6
2. DNS port number:
80
53
443
22
10 points
Question 7
2. Secure web traffic (HTTPS) port number:
443
80
53
25
10 points
Question 8
2. The step in the Pen Testing process where the hacker

actually attempts to interact with the system is:
Discovery
Exploitation
Reporting
Enumeration
10 points
Question 9
2. Putting a username in a password is easier to remember
and therefore proper password protocol.
True
False
10 points
Question 10
2. Jimmy has been hired by ABC Corp. to perform
a penetration test. During the discovery phase, Jimmy
notices a high risk system that has several vulnerabilities.
However, that system is out of the scope of the project.
What should Jimmy do?
Test the vulnerable system and provide the results to management.
Make a post online about the vulnerable system.
Immediately notify management of the vulnerable system but take no
further actions.
Take no action.
10 points
Save and Submit
answers.
Save and Submit
Save and Submit
Question 1
1.
Which backup type has a fast restore time and processes a backup
for all data changed since the last full backup?
Full
Incremental
Differential
Mirror
2 points
1.
Question 2
Which of the following represent the three fundamental components
of an alarm?
Housing, whistle, and light
Sensor, control and communication, and enunciator
Strobe, bell, and air horn
Pull box, control box, and signal horn
2 points
Question 3
1.
Which of the following situations best illustrates the process of
authentication?
A Web site sets users passwords to expire every 90 days
Using an electronic signature on official documentation
When an application sets a limit on the amount of payment a user
can approve
When a service is made unavailable to a user due to a server crash
2 points
Question 4
1.
Which RAID level provides mirroring and requires at two drives?
1
3
4
5
2 points
1.
Question 5
Which RAID level provides no redundancy or failure protection and is
employs only striping?
6
5
1
0
2 points
1.
Question 6
Of these security card types, which is the least secure and oldest
method?
Magnetic stripe
Proximity Card
Smart Card
Credit Card
2 points
Question 7
1.
Which backup type provides the quickest restore time but the
slowest backup time?
Full
Incremental
Differential
Mirror
2 points
1.
Question 8
The most senior leader responsible for managing an organizations
risks is the chief privacy officer (CPO). Which of the following is not one of
the responsibilities of the CPO?
The CPO is responsible for keeping up with privacy laws.
The CPO also needs to understand how the laws impact business.
The CPO must be a lawyer.
The CPO must work closely with a technology team to create strong
security policies.
2 points
Question 9
1.
A firewall can be an example of a preventative control.
True
False
2 points
Question 10
1.
Data mirroring is the process of reflecting data in order to increase
disk access speeds.
True
False
2 points
1.
Question 11
Which of the following items do HVAC systems not control?
Temperature
Humidity
Air pollution and contamination
Power protection
2 points
Question 12
1.
In order to have a successful backup plan, backups must be tested
regularly.
True
False
2 points
1.
Question 13
Intrusion Detection Systems (IDS) are designed to alert the admin of
a potential issue but do not make any proactive changes to the system.
True
False
2 points
1.
Question 14
Availability ensures information is available to authorized users and
devices. Initially, the information owner must determine availability
requirements. The owner must determine who needs access to the data
and when.
True
False
2 points
1.
Question 15
An Intrusion Detection System (IDS) and Intrusion Prevention
System (IPS) function exactly the same but just have different terms
associated to them.
True
False
2 points
Question 16
1.
Which RAID level can survive two drive failures without the entire
RAID failing?
0
1
5
6
2 points
Question 17
1.
What fire classification would be the most likely culprit in
a datacenter fire?
A
B
C
D
2 points
1.
Question 18
___________________ is the act of protecting information and the
systems that store and process it.
Information systems security
Policy framework
Change management
Policy principles document
2 points
Question 19
1.
Correctly order the steps of a physical security system.
5.
Respond
1.
Deter
4.
Assess
3.
Detect
2.
Delay
2 points
Question 20
1.
Policies, which can be a process or a method for implementing a
solution, often become the measuring stick by which an organization is
evaluated for compliance.
True
False
2 points
Question 21
1.
Which of the following is an early smoke detection system based on

laser smoke detection?
VESDA
Simplex
Honeywell
First Alert
2 points
1.
Question 22
Locard's Exchange Principle states that "when a crime is committed,
the perpetrators leave something behind and take something with them".
True
False
2 points
1.
Question 23
CCTV stands for:
Circular Conduit TV
Closed Conduit TV
Circular Circuit TV
Closed Circuit TV
2 points
Question 24
1.
A(n) ___________________ is a confirmed event that compromises the
confidentiality, integrity, or availability of information.
breach
residual risk
operational deviation
threat
2 points
1.
Question 25
A SAN and a NAS are both types of network storage, but they
function on the network in completely different ways.
True
False
2 points
Question 26
1.
Integrity ensures that only authorized individuals are able to access
information.
True
False
2 points
Question 27
1.
In recent years, ___________________ has emerged as major
technology. It provides a way of buying software, infrastructure, and
platform services on someone elses network.
remote access domain
social networking
cloud computing
web graffiti
2 points
1.
Question 28
If human action is required, the control is considered _______________.
corrective
automated
manual
preventative
2 points
1.
Question 29
Which backup type only processes new or modified files and folders?
Full
Incremental
Differential
Mirror
2 points
1.
Question 30
An employee was recently terminated. After the termination, the
hard drive from their workstation was retrieved for archival purposes per
the security policy guidelines. The maximum archival time has now
elapsed and the drive should be destroyed. What is the most effective
way to destroy the data on the drive?
Degauss and physical destruction
Format using Windows format
Overwrite
Reuse the drive
2 points
1.
Question 31
Which RAID level employs block-level striping and distributed parity,
requires at least three disks, and can survive a single-disk failure.
0
4
5
6
2 points
1.
Question 32
Order the four stages of fire development.
2.
Visible smoke
1.
Incipient
4.
Heat
3.
Fast flaming
2 points
1.
Question 33
Backups can be an example of a corrective control when used for
restoration purposes.
True
False
2 points
Question 34
1.
An admin is assigned to review logs on a daily basis. This is an

example of a detective control.
True
False
2 points
1.
Question 35
RAID is important in small home/office computers but is not
employed in large corporate datacenters.
True
False
2 points
1.
Question 36
Which of the following drive types have no moving parts and
therefore have a longer mean time between failures?
Legacy hard drive
Spindle hard drive
Solid state hard drive
Super state hard drive
2 points
Question 37
1.
Authentication of a workstation and encryption of wireless traffic are
issues that belong to which of the following two domains?
LAN and WAN
workstation and LAN
LAN-WAN and remote access
workstation and WAN
2 points
Question 38
1.
Which of the following is not required for effective IDS managment.
Regular updates
Awareness
Technically knowledgeable staff
A list of all possible attacks
2 points
1.
Question 39
A policy defining security awareness training has recently been
drafted by your organization. What type of control does this respresent?
Physical
Administrative/Procedural
Technical
Backup
2 points
Question 40
1.
A UPS is designed to provide clean and steady power to electronic
equipment.
True
False
2 points
Question 41
1.
Your team is in charge of implementing and maintaining a network
firewall. What type of control does the firewall represent?
Physical
Technical
Backup
2 points
Question 42
1.
Degaussing requires a high strength magnetic field.
True
False
2 points
Question 43
1.
Data exists generally in one of two states: data at rest, such as on a
backup tape, or data in transit, such as when traveling across a network.
True
False
2 points
Question 44
1.
Match the fire classification letter to the fire type.
A A. Cooking Media
edcba
B. Combustible Metals
B
C. Common Combustibles
C D. Flammable Liquids and Gases
E. Live Electrical Equipment
D
2 points
Question 45
1.
After many years of service, your organizations HR director has retired. Since
the director's machine was newly purchased, that machine is going to be reallocated
to another staff member and the new director will receive a new machine. As a
security admin, you are not aware of the transfer and no procedures are completed
on the computer before the transfer. Which security standard has been violated?
Recoverability
Intrusion prevention
Object reuse and/or contamination
Acceptable use policy
2 points
Question 46
1.
Which security card type employs a small radio transmitter to
transfer a signal to a nearby reader?
Magnetic Stripe
Proximity Card
Smart Card
Credit Card
2 points
1.
Question 47
The _______________ domain refers to any endpoint device used by
end users, which includes but is not limited to mean any smart device in
the end users physical possession and any device accessed by the end
user, such as a smartphone, laptop, workstation, or mobile device
workstation
user
remote access
system/application
2 points
Question 48
1.
You are in charge of a mission-critical data center. As part of your
checklist, you ensure that backup generators have enough fuel to meet
standards. How many hours of fuel should the generator have at
minimum?
12 hours
18 hours
24 hours
48 hours
2 points
Question 49
1.
A door lock is damaged and in need of repair. What type of control
does the door lock represent?
Physical
Technical
Backup
2 points
Question 50
1.
A vulnerability is a human-caused or natural event that could impact
the system, whereas a risk is a weakness in a system that can be
exploited.
True
False
2 points
Save and Submit
answers.

Oper Sec Quizzes

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Oper Sec Quizzes

Enviado por

Direitos autorais:

Formatos disponíveis

Quick Links

Surya Kiran Mannava6

Take Test: Lecture 6 Quiz

Selected Coordinates 345, 226 Clear

1. Redundancy is the fabric of a Fiber Channel SAN is

Surya Kiran Mannava30

Take Test: Lecture 7 Quiz

Heating, Volume, and Air Controls

C. Flammable Liquids and Gases

Surya Kiran Mannava18

Take Test: Lecture 9 Quiz

steal Dr. Doe's administrative credentials to the financial

give the admin weekly security magazines

Surya Kiran Mannava41

Take Test: Lecture 11 Quiz

This test allows multiple attempts.

Question Completion Status:

Their respective systems are foundational and required by other

Surya Kiran Mannava28

Take Test: Lecture 10 Quiz

This test allows multiple attempts.

Question Completion Status:

1. The step in the Pen Testing process where the hacker

Surya Kiran Mannava28

Take Test: Lecture 10 Quiz

This test allows multiple attempts.

Question Completion Status:

2. The step in the Pen Testing process where the hacker

Save and Submit

Which of the following is an early smoke detection system based on

An admin is assigned to review logs on a daily basis. This is an

Você também pode gostar