Cloud Security Introduction

QUESTION 1
Where does the term cloud come from?
A. Environmental threats
B. Exposed networks
C. Network diagrams
D. Legacy term for SOA

Correct Answer: C
Explanation

The cloud is a symbol used to represent the Internet in network diagrams, adopted to represent a “location”
for cloud services.

QUESTION 2
What characteristic of cloud computing reduces administrative costs?
A. Self-service or automated resource management
B. Placing the cloud data center farther away from local administrators
C. Limitation of platform/application development selection (in PaaS environments)
D. Paying only for resources actually consumed

Correct Answer: A
Explanation

Self-serve management of resource allocation reduces IT administrative overhead, while automated
resource allocation reduces administrative overhead for business and IT operations.

QUESTION 3
True or false? Cloud computing is the same as virtualized computing.
A. True
B. False

Correct Answer: B
Explanation

Although cloud computing utilizes virtualization extensively, virtual hosting services predate cloud
computing solutions and lack the flexibility of resource assignment possible in the cloud.

QUESTION 4
Which type of client lacks storage for applications?
A. Thick
B. Thin
C. Mobile
D. Remote

Correct Answer: B
Explanation

A thin client system does not have a hard drive or flash drive for storage, so it relies on remote applications
to operate.

QUESTION 5
What characteristic of cloud computing reduces data center costs?
A. Using energy-efficient technologies in cloud data centers
B. Flexibility and sustainability of cloud service models
C. Allowing services to be automatically migrated between data center locations as required
D. Remote availability for mobile devices

Correct Answer: B
Explanation

Flexible resource assignment allows the cloud service provider to share resources across multiple
customers, reducing active server count, power load, and cooling requirements. The sustainable nature of
cloud services includes the mobility of data and service operations as well as the potential for green cooling
options.

QUESTION 6
Which fundamental technology provides cloud computing with its ability to split up processes across
multiple resource pools?
A. Distributed application design
B. Resource management automation
C. Virtualized computing
D. High-performance computing

Correct Answer: A
Explanation

Cloud computing allows flexibility in applications by including XML technologies for distributed application
design and high-performance computing models.

QUESTION 7
What is another term for a flexible pool of computing resources available to network clients and managed
by self-service on-demand automated tools?
A. Server virtualization
B. High-performance computing
C. Cloud computing
D. Server consolidation

Correct Answer: C
Explanation

Cloud computing is a flexible self-service and network-accessible pool of computing resources; it is rapidly
transforming the modern enterprise network environment by moving on-premises services to remote cloud
service providers.

QUESTION 8
True or false? Cloud computing is inherently an ecologically green technology.
A. True
B. False

Correct Answer: B
Explanation

Although cloud computing can provide opportunities for reduced environmental impact through transparent
migration to optimal locations and by leveraging economies of scale, it still relies on the same basic
components found in a traditional data center.

QUESTION 9
When a service has been migrated into the cloud, where is it really located?
A. In the local data center
B. In a partner organization’s data center
C. At a service provider’s virtualized data center
D. Almost anywhere

Correct Answer: D
Explanation

Being “in the cloud” means only that a service, application, or other component of technology infrastructure
is being supported within a cloud computing flexible resource pool environment. There is no specific
location that can be pointed to as “the cloud” in general.

QUESTION 10
What is the term used in system virtualization to reflect more than one operating system or instance running
on a single host server?
A. Heterogeneous servers
B. Homogeneous servers
C. Multitenancy
D. Colocation

Correct Answer: C
Explanation

System virtualization allows a single powerful host computer’s resources to support multiple virtualized
machines at once, allowing full utilization of available resources and reduced power consumption needed
during “idle” times.

QUESTION 11
What type of cloud model would enable cloud bursting?
A. Private
B. Public
C. Community
D. Hybrid

Correct Answer: D
Explanation
Cloud-bursting supports private cloud capacity overruns by failing over to public cloud resources in a
compatible hybrid cloud configuration.

QUESTION 12
Which example of new cloud computing roles will focus more on financial matters than on technical ones?
A. Vendor management staff
B. Support desk staff
C. Cloud architect
D. Cloud service manager

Correct Answer: D
Explanation

The cloud service manager will be responsible for financial management, including pricing, service levels,
and service classes that will factor into cloud hosting contracts and billing policies.

QUESTION 13
True or false? Adoption of public cloud services requires an organization to first implement server
virtualization and private and hybrid clouds.
A. True
B. False

Correct Answer: B
Explanation

Although the spectrum of virtualization begins with the transfer of traditional servers to virtualized hosting in
the data center and ends with the fully virtualized public cloud, organizations can take advantage of any
level of virtualization without any of the others. This spectrum presentation is merely a mechanism for
aligning the various types of virtualized computing.

QUESTION 14
At what IT infrastructural level are server costs capital expenses rather than operational?
A. Traditional
B. Private cloud
C. Hybrid cloud
D. Public cloud

Correct Answer: A
Explanation

The traditional data center’s server costs tend to be capital expenses because the burden for change and
update lies solely with the organization.

QUESTION 15
Which type of cloud computing definitely involves resources in the organization’s own data center?
A. Public
B. Private
C. Community
D. Hybrid

Correct Answer: B
Explanation

Private clouds are constructed atop local data center resources. Hybrid clouds can blend two or more cloud
types including public, private, or other hybrid clouds, while community clouds might be located in one
community member’s data center but would be remote for all other members.

QUESTION 16
Which type of cloud is not specified expressly by NIST?
A. Private
B. Community
C. Partitioned public
D. Public

Correct Answer: C
Explanation

NIST specifies the four types of clouds as public, hybrid, private, and community. Community clouds
operate as private for the related community of organizations or as a secured partition of a public cloud for
all others. A partitioned public cloud is an example of a community cloud that does not reside within the
data center of any of the partner consuming organizations.

QUESTION 17
Which model of cloud computing best mirrors the current electrical utility grid?
A. Community
B. Private
C. Public
D. Hybrid

Correct Answer: C
Explanation

Like the current distributed electrical power grid, public clouds provide resources to clients based on utility
and consumption. Costs are operational for planning and vary based on level of use.

QUESTION 18
Which type of cloud is often used when external mandates require a high degree of data governance?
A. Private
B. Community
C. Partitioned public
D. Public

Correct Answer: A
Explanation

Because a private cloud resides on resources controlled or managed by an organization, it is preferable to
other forms of clouds when accountability for data access, location, and other factors is mandated, such
as in the case of Health Insurance Portability and Accountability Act (HIPAA) or Sarbanes-Oxley data
control requirements.

QUESTION 19
Which type of cloud allows an organization to share its local cloud services with its partners?
A. Private
B. Community
C. Public
D. Hybrid

Correct Answer: B
Explanation

A community cloud may be resident on one organization’s data center resources but shared with partner
organizations as a remote community cloud service. Community clouds may also reside outside of all
organizational cloud hosting and be accessed remotely by all partners in the community, as in the case of a
partitioned public community cloud service.

QUESTION 20
An organization that blends Google Docs forms and Microsoft’s Azure services for data collection and
management is using what type of cloud deployment?
A. Private
B. Community
C. Public
D. Hybrid

Correct Answer: D
Explanation

Although both Google Docs and Microsoft’s Azure platform are individually examples of public clouds,
integration between these services would be considered a public/public hybrid solution.

QUESTION 21
What type of cloud service is the most common?
A. SaaS
B. PaaS
C. IaaS
D. XaaS

Correct Answer: A
Explanation

Because Software as a Service cloud applications are entirely controlled by their provider, this type of cloud
service is the most common and numerous today.

QUESTION 22
True or false? Vendor lock-in concerns relate only to PaaS cloud implementations.
A. True
B. False

Correct Answer: B
Explanation

Although the proprietary language options available to a particular PaaS development environment present
the most obvious form of vendor lock-in potential, standards do not yet exist across all SaaS or even all
IaaS providers’ options, leading to some concerns that an early move into the cloud could create additional
costs later for switching to an alternate service.

QUESTION 23
Which level of management is provided by all cloud service providers, whether their products are SaaS,
PaaS, or IaaS?
A. Infrastructure
B. Databases
C. Applications
D. Service-oriented architecture

Correct Answer: A
Explanation

The cloud service provider manages resource allocation provisioned for its customers using a subscription
or utility-like fee schedule across all types of cloud services. Consumers of SaaS cloud services do not
need to interact directly with the platform or infrastructure itself, allowing the provider to manage updates
and patches behind the scenes. PaaS consumers similarly do not need to know the infrastructural
components behind their application development environment, and even IaaS consumers do not need to
worry about the hardware-level support tasks anymore.

QUESTION 24
Which category of “as a Service” models is not specifically identified by NIST?
A. Software as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Hardware as a Service
E. Everything as a Service

Correct Answer: E
Explanation

NIST defines cloud computing service models for applications (SaaS), platforms (PaaS), and
infrastructures (IaaS). Hardware as a Service is just an alternate way to refer to IaaS. Everything as a
Service (XaaS) is simply a general term reflecting the evolution of traditional data center models into
integrated flexible and adaptable alternatives integrating elements of cloud computing. Industry giants like
Google, HP, and Microsoft are starting to use the XaaS designation, but it does not align to a formal
category of cloud services.

QUESTION 25
Which level of the cloud service model pyramid allows the greatest flexibility for application development?
A. Software as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Hardware as a Service

Correct Answer: C
Explanation

SaaS options offer almost no application development, while PaaS application development is tied to a
provider’s selection of available languages—sometimes even using proprietary versions of common
languages to lock clients into their services. IaaS allows the greatest flexibility because an organization can
deploy its own resources from the operating system up.

QUESTION 26
True or false? Application life cycle management in the cloud is slightly more complex than in traditional
development models due to the addition of remote resources.
A. True
B. False

Correct Answer: B
Explanation

Because the organization is no longer involved in acquisition, installation, and maintenance upgrades,
software management life cycles can be shortened and costs reduced through cloud service integration.

QUESTION 27
What is the term used to reflect the division of a database into smaller data sets for analysis and
processing within the cloud?
A. Database profiling
B. Minimizing
C. Sharding
D. Subsetting

Correct Answer: C
Explanation

Borrowing from cloud computing’s distributed computing origins, very large or complex databases can be
broken up, or sharded, for simultaneous processing across multiple cloud resource pools.

Sharding
Cloud-based database services can break up a large data set into a number of sub–data sets to be
distributed across hosting servers to improve performance and data throughput for very large business
applications. MongoDB, for example, is used to manage high-volume transaction databases for SAP’s
content management service, EA’s game download manager, and the New York Times’s story submission
application. Scaling resources to meet such demands for submission rates in traditional application models
would have required specialized and costly high-performance computing solutions for transaction load
balancing and high data throughput.

Database Profiling
The potential for unanticipated or undesirable data modification increases with the volume of processed
data, requiring database and data analysis to support the integrity aspect of data security. Some DBaaS
cloud services such as MongoDB have a built-in database profiling tool that can review big data data sets
and data to identify predictable issues that may arise so that application design alternatives can be
developed.

QUESTION 28
Which NIST “as a Service” model is best suited to full customization for an organization’s services?
A. Software as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Everything as a Service

Correct Answer: C
Explanation

Of the three NIST models, IaaS allows the greatest flexibility from the operating system up.

QUESTION 29
At what NIST “as a Service” model level is the current concern of vendor/proprietary lock-in greatest for
custom applications developed for the cloud?
A. Software as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Everything as a Service

Correct Answer: B
Explanation

Of the three NIST models, PaaS presents the greatest limitation on cloud application design that could lead
to an organization’s “lock in” to a particular cloud vendor’s services. Each vendor’s PaaS services (such as
Google Apps, Microsoft Azure, and Amazon Elastic Cloud) offer a limited spectrum of application
development languages, often involving proprietary variations even when using standard language bases.
Movement to another cloud service provider will involve rewriting many application functions or applications
in their entirety.

QUESTION 30
True or false? All cloud services fall into only one of the NIST models: SaaS, PaaS, IaaS.
A. True
B. False

Correct Answer: B
Explanation

Although most cloud “as a Service” products can be aligned within the NIST definitions, many cloud
services blend varying levels of the NIST models. The common Dropbox service, for example, includes
both SaaS (web client for accessing files) and IaaS (cloud file storage) elements into its particular product.

QUESTION 31
What type of cloud service is the most common?
A. SaaS
B. PaaS
C. IaaS
D. XaaS

Correct Answer: A
Explanation

Because SaaS cloud applications are entirely controlled by their provider, this type of cloud service is the
most common and numerous today.

QUESTION 32
True or false? Vendor lock-in concerns relate only to Platform as a Service cloud implementations.
A. True
B. False

Correct Answer: B
Explanation

Although the proprietary language options available to a particular PaaS development environment present
the most obvious form of vendor lock-in potential, standards do not yet exist across all SaaS or even all
IaaS providers’ options, leading to some concerns that an early move into the cloud could create additional
costs later for switching to an alternate service.

QUESTION 33
Which of the following does not describe the relationship between mobile computing and cloud computing?
A. Mobile devices serve as data input and presentation interfaces.
B. Data transmitted occupies the limited bandwidth available to mobile devices.
C. Cloud services provide functions that could overrun available resources on mobile devices if run locally.
D. Mobile devices must access cloud services using a mobile web browser.

Correct Answer: D
Explanation

Mobile devices are able to access cloud services not only through their web browsers but also through
applications loaded onto the devices.

QUESTION 34
Which category of “as a Service” models is not specifically identified by NIST?
A. Software as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Hardware as a Service
E. Everything as a Service

Correct Answer: E
Explanation

NIST defines cloud computing service models for applications (SaaS), platforms (PaaS), and
infrastructures (IaaS). Hardware as a Service is just an alternate way to refer to IaaS. Everything as a
Service (XaaS) is simply a general term reflecting the evolution of traditional data center models into
integrated flexible and adaptable alternatives integrating elements of cloud computing. Industry giants like
Google, HP, and Microsoft are starting to use the XaaS designation, but it does not align to a formal
category of cloud services.

QUESTION 35
Which level of the cloud service model pyramid allows the greatest flexibility for application development?
A. IaaS
B. SaaS
C. PaaS
D. XaaS

Correct Answer: A
Explanation

SaaS options offer almost no application development, while PaaS application development is tied to a
provider’s selection of available languages—sometimes even using proprietary versions of common
languages to lock clients into its services. IaaS allows the greatest flexibility because an organization can
deploy its own resources from the operating system up.

QUESTION 36
True or false? Application life cycle management in the cloud is slightly more complex than in traditional
development models due to the addition of remote resources.
A. True
B. False

Correct Answer: B
Explanation
Because the organization is no longer involved in acquisition, the software management life cycles for
installation and maintenance upgrades can be shortened and costs reduced through cloud service
integration.

QUESTION 37
Which type of cloud service model allows the cloud-level hosting of organizational resources from the
operating system to the applications accessed within them?
A. PaaS
B. IaaS
C. Public cloud
D. Hybrid cloud

Correct Answer: B
Explanation

IaaS represents cloud resources provided at the lowest level—storage, databases, network
interconnections, and similar functions. This is the most flexible level of cloud service but requires the most
management and planning of the consuming organization. Platform as a Service represents cloud
resources provided at the development level for custom application development and hosting. Public and
hybrid clouds are deployment models, not service models.

QUESTION 38
The term Web Access Architecture refers to the organization of cloud functions against which model of
network communication?
A. TCP
B. HTTP
C. OSI
D. SMTP

Correct Answer: C
Explanation

Network communication is defined by the Open Systems Interconnection (OSI) model, in which data is
passed through a series of layers comprising similar communication functionality. Hypertext Transfer
Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) are high-level application protocols that run
over Transport Control Protocol (TCP), a low-level data delivery protocol.

QUESTION 39
What type of client system relies on server-based applications and services to take the place of locally
stored resources?
A. Thick client
B. Thin client
C. Desktop
D. Mobile device

Correct Answer: B
Explanation

In client/server architecture, thin clients are unable to perform their own processing and rely upon
server-based applications and services. Thick clients, on the other hand, have enough processing and storage
resources to perform local processing. Desktops and mobile devices are examples of thin or thick clients.

QUESTION 40
All but which one of the following options are advantages of SaaS in the enterprise?
A. Application deployment and maintenance is performed by the cloud service provider.
B. Applications do not need to be installed on individual machines.
C. Data is aggregated across multiple individuals, sites, or organizations.
D. Customized and personalized applications can be developed.

Correct Answer: D
Explanation

The development of customized and personalized applications is a function of PaaS. With PaaS,
applications are developed, deployed, updated, and maintained by an organization’s own development
staff, as opposed to SaaS, in which the cloud service provider performs those functions. Aggregation of
data is generally considered to be a benefit of enterprise SaaS, while the ability to run applications without
them being installed on individual machines is an advantage of both enterprise and personal SaaS.

QUESTION 41
Physical computing hardware is an example of what type of expense?
A. Operating
B. Direct
C. Capital
D. Indirect

Correct Answer: C
Explanation

Computers, servers, and other physical devices are fixed assets and, therefore, capital expenses. Operating
expenses are those associated with ordinary business operations. A cost is considered direct or indirect
based on whether it can be assigned to a single process, product, or service or to multiple ones, so more
information would be required for option B or option C to be correct.

QUESTION 42
Adding additional memory to a server is an example of what type of scalability?
A. Horizontal
B. Vertical
C. Diagonal
D. Load balancing

Correct Answer: B
Explanation

Vertical scaling, or scaling up, involves adding resources to a single node or host. Horizontal scaling, or
scaling out, involves adding additional nodes to a distributed system, while diagonal scaling is a
combination of the two. Load balancing is a process associated with scaling application services.

QUESTION 43
True or false? An organization should not be concerned with relying on a single vendor or proprietary
technology base.
A. True
B. False

Correct Answer: B
Explanation

This is referred to as vendor lock-in and can be problematic when the organization wants to switch to a
different cloud service provider.

QUESTION 44
Which of the following is not a business driver for cloud computing?
A. Cost reduction
B. IT staff reduction
C. Strategic flexibility
D. Increasing capital expenses

Correct Answer: D
Explanation

Increasing capital expenses is not a business driver for cloud computing. Businesses looking to adopt cloud
computing are seeking to decrease capital expenses (e.g., hardware costs) by shifting the cost to
operations.

QUESTION 45
Which of the following terms refers to the ability to rapidly adapt to market changes?
A. Strategic flexibility
B. Organizational agility
C. Process transformation
D. Utility

Correct Answer: B
Explanation

Organizational agility is the ability to rapidly adapt to market changes. It is similar to strategic flexibility, but
strategic flexibility involves anticipating and preparing for uncertainty. Utility and process transformation are
levels of maturity identifying how an organization can leverage cloud services.

QUESTION 46
Decreased time to market is facilitated by which of the following cloud computing benefits?
A. Economies of scale
B. Pay-as-you-go billing
C. Mobility
D. Disaster recovery

Correct Answer: B
Explanation

Pay-as-you-go billing allows for rapid development without being limited by the cost of computing hardware
or being stalled by procurement times. Economies of scale is a tool for cost reduction. Mobility and
improved disaster recovery are cloud computing benefits, but they do not directly relate to time to market.

QUESTION 47
Which of the following is not an appropriate business reason for choosing a private cloud solution over a
public cloud solution?
A. Management directives to retain full control over hardware
B. Strict legal requirements for data protection and control
C. Significant IT investment already made by the organization
D. Limited Internet connectivity

Correct Answer: A
Explanation

Some managers prefer to “see” what they are paying for, even if it is otherwise unnecessary. A more
appropriate reason for keeping control over the hardware would be if it is required for legal or regulatory
compliance. Additionally, organizations that have significant IT investment, particularly recent investment,
may not be able to justify disposing of infrastructure, and sufficient Internet connectivity is required for
public cloud implementations.

QUESTION 48
True or false? Organizations with a workforce that is distributed geographically would not benefit from
public cloud services.
A. True
B. False

Correct Answer: B
Explanation

An organization with a geographically distributed workforce is an ideal candidate for using a public cloud
solution.

QUESTION 49
Which type of cloud would best be used by an organization that wants to leverage its existing IT
infrastructure but has occasional periods of high demand?
A. Public
B. Private
C. Hybrid
D. Community

Correct Answer: C
Explanation

A hybrid cloud is the best solution for organizations with appropriate infrastructure and compelling reasons
to implement a private cloud solution but that also have periods of high demand that make bursting into the
public cloud much more cost effective than purchasing
additional infrastructure. Moving everything to the public cloud or trying to utilize a community cloud would
not align with the mandate of leveraging existing internal resources.

QUESTION 50
Which of the following tasks cannot be transferred to a cloud computing provider?
A. Software license management
B. Backups
C. Patch management
D. Ensuring compliance

Correct Answer: D
Explanation

Compliance is the responsibility of the organization, not the cloud service provider. Software license
management, backups, and patch management duties may all be transferred to a cloud service provider to
reduce administrative overhead.

QUESTION 51
When networks are architected for cloud services, which quality addresses the ability to expand to meet
variable data requirements?
A. Resiliency
B. Simplified management
C. Scalability
D. Throughput

Correct Answer: C
Explanation
Although throughput and resiliency address the ability to transport ever-larger volumes of data that must
remain available, scalability addresses the ability to expand both network and system resources to meet
expanding variable data consumption in a cloud service environment.

QUESTION 52
VXLAN provides virtual _______ layer connections across ________ layer networks?
A. Data-Link, Network
B. Physical, Data-Link
C. Transport, Physical
D. Network, Transport

Correct Answer: A
Explanation

Virtual Extensible Local Area Network (VXLAN) services provide virtual Layer 2 (Data-Link) network tunnels
between Layer 3 (Network) subnets.

QUESTION 53
Which factor contributes to network latency primarily because of oversubscription?
A. Congestion
B. Number of hops
C. Node count
D. Protocol latency

Correct Answer: A
Explanation

The primary cause of network congestion is oversubscription of devices on the network segment, which
depends on the number of devices and the bandwidth available to each.

QUESTION 54
Which capability of cloud service automation allows memory and processing power to be dynamically
assigned?
A. Provisioning policies
B. Data recovery
C. Resource limitation
D. Resource pooling

Correct Answer: D
Explanation

Resource pooling makes it possible for automated cloud provisioning systems to allow computing
resources such as storage, memory, network bandwidth, virtual servers, and processing power to be
assigned dynamically or upon request.

QUESTION 55
__________ cloud services can provide interconnections between cloud functioning, allowing multiple
clouds to be managed as a single cloud resource pool.
A. Hybrid
B. Federated
C. Layer 2
D. Layer 3

Correct Answer: B
Explanation

Federated cloud services can provide interconnections between clouds, allowing multiple clouds to be
managed as a single cloud resource pool in private/private, private/public, and public/public configurations.

QUESTION 56
Congestion occurs when devices begin to interfere with one another as they compete for available network
capacity and can be addressed by expanding the available bandwidth or ____________.
A. Selecting transport protocols with higher latency
B. Selecting transport protocols with lower latency
C. Reducing the number of hops between devices
D. Segmenting subnetworks to limit collisions

Correct Answer: D
Explanation

Network congestion can be addressed by expanding the available bandwidth (upgrading the network) or by
segmenting subnetworks to limit collisions between devices on the same subnet.

QUESTION 57
Which benefit of cloud automation eases Christmas data center support in particular, compared to
traditional data centers?
A. Hidden complexity
B. Standardization
C. Availability
D. Resource utilization

Correct Answer: C
Explanation

Availability in automated cloud self-service makes it possible to manage resource allocation and
provisioning even during off-hours, weekends, and holidays when the IT staff is otherwise engaged.
Concealing complexity from operators eases development and resource access at all times, so it would not
be associated with holidays in particular.

QUESTION 58
Which function of cloud storage gateways is intended to improve response time to data requests?
A. Backup
B. Caching
C. Compression
D. Encryption

Correct Answer: B
Explanation

The storage gateway can store regularly accessed data in its cache to improve response time in
comparison to repeated access against the original storage server.

QUESTION 59
Which of the following is not a definition for cloud interoperability?
A. The ability to move resources, such as applications, between service providers
B. The ability for services running in different clouds to access a common set of data or share information
C. The ability to arrange, organize, integrate, and manage multiple cloud services
D. The ability to use a common set of management tools with services from multiple providers

Correct Answer: C
Explanation

A cloud orchestration layer provides the ability to arrange, organize, integrate, and manage multiple cloud
services, facilitating cloud interoperability if it is not already present.

QUESTION 60
Which cloud standards body is focused on audit and security standards for cloud computing?
A. Cloud Security Alliance (CSA)
B. IEEE Standards Association (IEEE-SA)
C. National Institute of Standards and Technology (NIST)
D. Organization for the Advancement of Structured Information Standards (OASIS)

Correct Answer: A
Explanation

The Cloud Security Alliance (CSA) is a group that focuses on audit and security standards for cloud
computing.

QUESTION 61
Adopting cloud services will impact an organization’s financial management due to which of the following
changes?
A. Cost of technical support escalations
B. Changes in software licensing
C. Shifting technology from a capital to an operational expenditure
D. Both B and C

Correct Answer: D
Explanation

The cost of technical support escalations, although monetary, is an element of IT service management.
Changes in software licensing and the shifting of technology from CAPEX to OPEX are likely to require
significant changes to an organization’s budgeting process.

QUESTION 62
Which of the following is not an indicator of the organization’s ability to successfully adopt cloud services?
A. A successful pilot
B. A fully staffed help desk
C. Identification of regulatory requirements
D. Executive management support

Correct Answer: B
Explanation

A successful pilot indicates an organization’s readiness, and identification of regulatory requirements is
necessary to determine both the business needs and the appropriate service provider. Executive
management support, as well as that of key stakeholders, is necessary due to the changes in
organizational culture, domain management, and business processes that will occur. A fully staffed help
desk may be of little consequence if help desk functionality is transferred to the cloud service provider.

QUESTION 63
What instrument identifies the roles and responsibilities of both the customer and the cloud service
provider?
A. Service-level objective
B. Web hosting agreement
C. Service-level agreement
D. Software license agreement

Correct Answer: C
Explanation

A service-level agreement (SLA) acts as an intermediary between the customer and the provider, and one
of its functions is to document the roles and responsibilities of both the customer and the provider so that
there are no surprises. A service-level objective is a quality of service measurement. Web hosting and
software license agreements are also contracts between customers and providers; however, they may not
contain all the necessary elements of an SLA.

QUESTION 64
What is the role of a cross-functional team representing all business elements of an organization in
determining readiness for cloud services?
A. To participate in the pilot program and identify areas of concern
B. To negotiate costs for services
C. To ensure that the SLA benefits the organization more than the provider
D. To manage the cultural change that will occur during and immediately after the transition

Correct Answer: A
Explanation

While personnel from multiple business units may participate in negotiation, review of the SLA, and
management of cultural change, a successful pilot program requires representatives from all business
elements in order to accurately identify potential issues.

QUESTION 65
Which of the following is not a critical success factor in selecting a cloud service provider?
A. The provider is able to provide the appropriate level of security for the organization’s data.
B. The provider’s offerings meet identified organizational requirements.
C. The provider uses open, Java-based standards.
D. The provider’s uptime meets the organization’s availability needs.

Correct Answer: C
Explanation

CompTIA and EXIN differ on vendor selection with regard to standards. EXIN does not indicate a
preference in technology (e.g., Java), while CompTIA does. As such, whether or not the provider uses
Java-based standards may not be a critical success factor, but the other options certainly are.

QUESTION 66
Of the following activities involved in cloud services adoption, which should be performed first?
A. Implement a pilot program.
B. Identify business processes and their dependencies.
C. Identify and compare vendors.
D. Identify the appropriate services and deployment models.

Correct Answer: B
Explanation

Prior to identification of services, deployment models, and vendors, the organization must identify its
business processes and their technical dependencies. After all this is done, the organization can implement
its pilot program.

QUESTION 67
With regard to an organization’s readiness to adopt cloud services, which of the following is not one of the
goals of a pilot program?
A. Identification of the type of service provider needed
B. Identification of problems with interoperability
C. To provide data to a cross-functional team for analysis
D. To test the implementation plan in a controlled environment

Correct Answer: A
Explanation

The type of service provider (Infrastructure, Software, or Platform as a Service) is a prerequisite for
embarking on a pilot program.

QUESTION 68
Which of the following SLA elements should be of high concern to an organization considering putting
mission-critical data or services in the cloud?
A. Services provided and excluded
B. Dispute resolution
C. Availability and performance requirements
D. Costs for services

Correct Answer: C
Explanation

Organizations considering using cloud services for mission-critical services or data should be very
concerned with both availability and performance because deficiencies in either could negatively impact
business. The other options are all standard elements of SLAs.

QUESTION 69
Prior to cloud services adoption, technical and business staff must work together to perform what action?
A. Identify business processes and their dependencies.
B. Determine changes to the organization’s infrastructure.
C. Determine the impact to business processes.
D. Both A and C.

Correct Answer: D
Explanation

It requires both business and technical staff to accurately identify business processes, their technological
dependencies, and the impact of change to both. The organization’s infrastructure, however, is generally
the domain of technical staff.

QUESTION 70
Cloud service opportunities should be identified based on what criteria?
A. Business needs
B. Regulatory requirements
C. Cost control
D. Security requirements

Correct Answer: A
Explanation

Any consideration of cloud service adoption should be based on business needs. Regulatory requirements,
security requirements, and cost control are all examples of specific business needs.

QUESTION 71
What are the three basic logical tiers of a distributed application? (Choose three.)
A. Presentation
B. Application
C. Network
D. Data
E. Internet

Correct Answer: ABD
Explanation

The three tiers of a distributed application are the presentation tier (user interface), application tier
(business logic), and data tier (data storage).

QUESTION 72
What is the main limitation of a desktop application?
A. Lack of manageability
B. Lack of reliability
C. Lack of security
D. Lack of scalability

Correct Answer: D
Explanation

Desktop applications can use all the power available in a desktop to allow for security, reliability and
manageability but cannot scale out to use other computers.

QUESTION 73
True or false? All distributed applications are web applications.
A. True
B. False

Correct Answer: B
Explanation

Distributed applications do not require the use of a web server and can have any type of user interface.

QUESTION 74
What are the main advantages of using a web-based distributed application?
(Choose two.)
A. Availability
B. Scalability
C. Security
D. Reliability

Correct Answer: AB
Explanation

You can make a web-based distributed application highly available by providing several web servers and
scalable by adding servers as needed based on usage. Security and reliability are no different than with a
regular distributed application. Some people might argue that you can easily enable SSL to encrypt
data transmission in a web application, yet the same can be used for a regular distributed application.

QUESTION 75
Which of the following is a design pattern of cloud-based applications?
A. Predictable volume
B. Constant processing
C. Unpredictable burst
D. Big data

Correct Answer: C
Explanation

The four design patterns of cloud-based applications are predictable burst; unpredictable burst; start small,
grow fast; and periodic processing.

QUESTION 76
What type of application design is preferable for a cloud-based application?
A. A design that uses stateful objects
B. A design that uses stateless objects
C. A design that uses in-memory state management
D. A design that uses client-based state management

Correct Answer: B
Explanation

Stateful objects should be avoided at all times because calls from the client can reach different servers at
any time, and code should be optimized for multicore use.

QUESTION 77
Which of the following is an advantage of migrating an application to an IaaS provider?
A. No operating system maintenance
B. Lower cost than PaaS
C. Minimal code change
D. Lower cost than SaaS

Correct Answer: C
Explanation

IaaS offerings are the most expensive of the three main XaaS offerings and require the customer to handle
operating system maintenance. However, they allow for minimal changes to the existing code because you
are basically moving your servers to a virtualized cloud environment.

QUESTION 78
Which of the following is not a risk associated with cloud-based applications?
A. Vendor lock-in
B. Reliability
C. Security
D. Lack of development tools

Correct Answer: D
Explanation

Although some cloud service providers provide only proprietary development tools, most providers allow the
use of commonly used tools such as Visual Studio and programming languages such as C# and Java.

QUESTION 79
True or false? Big data applications are perfect candidates for cloud-based applications.
A. True
B. False

Correct Answer: B
Explanation

Big data applications are I/O bound, which may result in large costs for transferring data over the Internet.

QUESTION 80
Which of the following risks leads to an increased cost for running a cloud-based
application?
A. Security compliance
B. IT organizational changes
C. DDoS attacks
D. Cloud service maturity

Correct Answer: C
Explanation

DDoS attacks can cause new instances of a presentation layer server to be added automatically,
increasing the compute cost of the application.

QUESTION 81
What does a service-level agreement guarantee?
A. Service availability
B. Service security
C. Service interoperability
D. Service support

Correct Answer: A
Explanation

A service-level agreement specifies how frequently a service is available for use. This is usually a
percentage value, like 99.9%, which specifies that the service is down for no more than 8.76 hours a year
for a service expected to run 24 hours a day every day of the year.

QUESTION 82
Which of the following are important factors that must be negotiated with a SaaS vendor? (Choose all that
apply.)
A. Contract renewals
B. Data ownership
C. Programming language
D. Server operating system

Correct Answer: AB
Explanation

SaaS vendors tend to have an automatic contract renewal clause and policies on data ownership and
deletion. It is necessary to understand and negotiate those with vendors. The programming language used
by a SaaS vendor cannot be changed by a customer because the SaaS vendor owns the application and
develops its code; the same goes for the operating system running on the servers.

QUESTION 83
Which of the following services requires a broader capacity of technical skills owned by the organization
contracting a cloud service vendor?
A. SaaS
B. PaaS
C. IaaS

Correct Answer: C
Explanation

When using an IaaS vendor, the customer is responsible for managing everything on the virtual servers,
from the operating system to the application.

QUESTION 84
Which of the following organizational skills are important skills to have when moving applications to the
cloud? (Choose all that apply.)
A. Vendor management
B. Desktop security
C. Data integration
D. Customer management

Correct Answer: AC
Explanation

Cloud service vendors must be managed closely since the daily operations of the organization now rely
on the availability of services provided by the vendor. Integration of data maintained on premises and on the
cloud is needed to provide a more accurate picture of the business and facilitate business decisions.
Desktop security does not affect cloud services because data is stored and changed in the cloud. Customer
management does not affect cloud systems.

QUESTION 85
What application can be used to move a service from an on-premises test environment to the public cloud
in a hybrid cloud environment using Microsoft System Center and Azure?
A. Operations Manager
B. Configuration Manager
C. AppController
D. Virtual Machine Manager

Correct Answer: C
Explanation

AppController can be used to manage and create services on a private or public cloud using Microsoft
System Center and Azure.

QUESTION 86
Which of the following are important factors to consider when transitioning from an on-premises application
to a SaaS application? (Choose all that apply.)
A. Internet bandwidth
B. Processor architecture
C. WAN design
D. Programming language

Correct Answer: AC
Explanation

Internet bandwidth is the main factor that must be taken into account when moving to a SaaS model
because all calls that used to be made to an on-premises application are now directed to the Internet.
Because connectivity to the Internet is required, the WAN design of the organization must be looked into to
ensure that remote offices have the necessary connectivity to run the SaaS applications.

QUESTION 87
Which of the following elements must be defined to ensure that an organization is well prepared for incident
management for cloud-based services? (Choose all that apply.)
A. Service description
B. Service-level agreement
C. Support agreement
D. Contract renewal agreement

Correct Answer: ABC
Explanation

A service description details what is offered by the vendor, a service-level agreement specifies the
availability of the service offered, and the support agreement details how incidents are handled by the
vendor.

QUESTION 88
True or false? An organization contracting a vendor to provide a SaaS application must have the necessary
technical skills to maintain and operate the application being hosted on the cloud.
A. True
B. False

Correct Answer: B
Explanation

SaaS vendors are responsible for code maintenance and operation of applications they host.

QUESTION 89
True or false? An organization contracting a vendor to provide IaaS on a public cloud is responsible for
maintaining the operating system used by the virtual machines hosted in the IaaS environment.
A. True
B. False

Correct Answer: A
Explanation

IaaS is viewed as hardware as a service. The vendor manages the connectivity and storage but not the
individual virtual machines.

QUESTION 90
True or false? An organization contracting a vendor to provide PaaS on a public cloud is responsible for
deciding what programming language to use when developing cloud-based applications.
A. True
B. False

Correct Answer: B
Explanation

PaaS vendors have a predefined set of programming languages that can be used in their platform.

QUESTION 91
True or false? ITIL is a collection of tools used to manage an IT infrastructure.
A. True
B. False

Correct Answer: B
Explanation

ITIL is a collection of best practices on how to manage an IT infrastructure. The best practices prescribed
by ITIL are technology agnostic.

QUESTION 92
What are the five volumes in ITIL? (Choose five.)
A. Service Design
B. Service Development
C. Service Strategy
D. Service Transition
E. Service Operation
F. Service Analysis
G. Continual Process Improvement

Correct Answer: ACDEG
Explanation

ITIL is composed of five distinct volumes: Service Design, Service Strategy, Service Transition,
Service Operation, and Continual Process Improvement.

QUESTION 93
Which ITIL volume provides guidance on the deployment of services into a production environment?
A. Service Strategy
B. Service Design
C. Service Transition
D. Service Operation

Correct Answer: C
Explanation

ITIL Service Transition provides guidance on the deployment of services required by an organization into a
production environment.

QUESTION 94
Which ITIL volume provides guidance on incident and problem management?
A. Service Strategy
B. Service Design
C. Service Transition
D. Service Operation

Correct Answer: D
Explanation

ITIL Service Operation provides guidance on achieving the delivery of agreed levels of service to end users
and the organization, including event management, incident management, problem management, request
fulfillment, and access management.

QUESTION 95
What are some examples of utility value provided by a cloud-based service?
A. Access from anywhere
B. Higher availability
C. Better security
D. Business continuity

Correct Answer: A
Explanation

Utility includes functionality, increased performance, and the removal of constraints. For instance, a
cloud-based accounting service may provide the same functionality as an accounting service hosted on premises,
but it may also allow the user to work from any device connected to the Internet, removing the constraint of
connectivity to the corporate network and increasing performance by allowing the user to work even if the
corporate network is unavailable.

QUESTION 96
How do you calculate the overall availability of a service composed of two tiers, where each tier is 99.999%
available?
A. Multiply the availability values.
B. Average the availability values.
C. Subtract each value from 100%, add the results, and subtract that from 100%.
D. Add the values, subtract from 200%, and subtract that from 100%.

Correct Answer: A
Explanation

Availability values are similar to probabilities. It is probable that a five 9s service will be available 99.999%
of the time. To determine overall availability of independent events, you need to multiply the individual
probabilities. For instance, the probability of getting a 6 from rolling a die is 1/6, the probability of rolling a 6
twice in a row is 1/6 × 1/6, or 1/36.

QUESTION 97
Which of the following elements should be monitored by a consumer of a SaaS service?
A. Network fabric
B. Storage fabric
C. Services on VMs
D. Connectivity to service

Correct Answer: D
Explanation

SaaS consumers do not have access to the underlying platform. They can only, and should always, monitor
access to the services being consumed.

QUESTION 98
Which of the following elements should be monitored by a consumer of a PaaS service?
A. Network fabric
B. Storage fabric
C. Virtualization hosts
D. Services on a VM

Correct Answer: C
Explanation

PaaS consumers do not have access to the underlying fabric of a cloud solution, but they are responsible
for developing and deploying services to the VM. They can, and should, monitor these services.

QUESTION 99
True or false? A watcher node is responsible for measuring application performance of a cloud service.
A. True
B. False

Correct Answer: A
Explanation

A watcher node is a computer located at a user facility that connects to a service and performs operations
to measure response time and connectivity to the service.

QUESTION 100
What are synthetic transactions?
A. Database transactions
B. File system transactions
C. Operations that mimic user interaction with a service
D. Operations that mimic a cloud service

Correct Answer: C
Explanation

A synthetic transaction is a set of prerecorded operations that mimic how a user operates a given service.
Synthetic transactions are used to verify if a service is available from a specific location and the
performance of said service.

QUESTION 101
Which of the following is not an appropriate mitigation to protect against malicious insiders?
A. Employee background checks
B. Security policies
C. Timely installation of security patches
D. Logging

Correct Answer: C
Explanation

While timely installation of security patches is a security control, it does not apply to malicious insiders.
Employee background checks, strong security policies, and logging employee actions are appropriate
mitigations because they reduce the risk of malicious employees being hired, limit the access they may
have to customer data, and provide an audit trail to aid in incident response.

QUESTION 102
Which security measures can be used to secure communications between cloud services and end users?
A. VPN
B. SSL
C. Firewall
D. Both A and B.

Correct Answer: D
Explanation

Firewalls manage network traffic but do not, on their own, secure communications. Virtual private
networking (VPN) creates a private network over an intermediate network such as the Internet through
tunneling, isolating communications. Secure Sockets Layer (SSL) is a type of encryption used to secure
web communications.

QUESTION 103
True or false? There are no significant security benefits to using cloud services.
A. True
B. False

Correct Answer: B
Explanation

Although there are numerous risks, there are also significant benefits related to scale. Cloud service
providers often take advantage of economies of scale to provide security services many organizations would
be unlikely to afford on their own.

QUESTION 104
Regarding information security management systems, in what phase of the Plan-Do-Check-Act cycle does
metrics analysis occur?
A. Plan
B. Do
C. Check
D. Act

Correct Answer: C
Explanation

Metrics analysis is part of the Check phase, in which the ISMS is evaluated for effectiveness.
Metrics are identified in the Plan phase and implemented in the Do phase.
Changes to metrics are made in the Act phase.

QUESTION 105
Encryption is not an appropriate mitigation technique for which of the following security risks?
A. Unauthorized access to confidential data
B. Loss of organizational control
C. Clear-text password transmission
D. Weak data destruction processes

Correct Answer: B
Explanation

Loss of organizational control is a problem when an organization is unable to properly manage risk due to
unknown exposure. This risk is mitigated by clearly defining security responsibilities and requirements in the
service-level agreement (SLA). Encryption is an appropriate mitigation technique against the risk of
unauthorized access to confidential data and weak data destruction procedures because even if
unauthorized individuals did gain access to encrypted files, they would be unreadable without the key (or a
great deal of computing power to dedicate to breaking the encryption). Encryption also protects against the
danger of password compromise in transmission.

QUESTION 106
Which of the following is not an appropriate mitigation technique against data exposure?
A. Audit
B. Recovery
C. Data isolation
D. Encryption

Correct Answer: B
Explanation

Recovery is part of incident management and takes place after a security incident has occurred, such as
restoring from backup after data loss. It does not prevent data exposure from occurring.
An audit can be used to test whether or not appropriate controls are in place. Data isolation reduces the risk
of data exposure in a multitenant environment.
Encryption renders data unreadable without the appropriate key.

QUESTION 107
Which of the following does not impact data confidentiality?
A. Man-in-the-middle (MitM)
B. Cross-site scripting (XSS)
C. Denial of service (DoS)
D. Password theft

Correct Answer: C
Explanation

DoS is an attack against availability. MitM attacks involve eavesdropping on encrypted communications.
XSS involves injecting malicious code into hyperlinks with the goal of intercepting data.
Password theft leads to unauthorized access of confidential data.

QUESTION 108
True or false? If the cloud service provider has a strong information security management system (ISMS),
the customer does not have to have one as well.
A. True
B. False

Correct Answer: B
Explanation

A strong ISMS is necessary for both organizations and cloud service providers due to shared responsibility
for security management.

QUESTION 109
With regard to security, the service-level agreement should clearly outline ___________________.
A. The security management responsibilities of the cloud service provider
B. The security responsibilities of the customer
C. The provider’s security incident notification procedures
D. All of the above

Correct Answer: D
Explanation

Security management responsibilities of both the provider and the customer should be defined in the SLA to
ensure that proper controls are applied and monitored. The provider’s security incident notification
procedures should be defined in the SLA to ensure that they meet the business needs and regulatory
requirements of the customer.

QUESTION 110
Risk is a factor of ___________________.
A. Threats and vulnerabilities
B. Probability and impact
C. Vulnerabilities and exploits
D. Probability and vulnerability

Correct Answer: B
Explanation

Risk is a factor of probability (likelihood) and impact (loss)—specifically, the probability that a particular
incident will occur and the impact to the business when that happens. Threats, vulnerabilities, and
successful exploits have the potential to negatively impact an organization but do not in and of themselves
define risk.

QUESTION 111
What is the process of verifying a user’s identity?
A. Authorization
B. Authentication
C. Logging in
D. Access control

Correct Answer: B
Explanation

Authentication is the process of verifying an entity’s identity by validating one or more factors against a
trusted identity provider. Authorization is the process of determining whether a user has permission to
access a resource and is similar to access control. Logging in is the process of presenting credentials for
authentication.

QUESTION 112
Which countries could claim jurisdiction over data in the cloud?
A. The country in which physical servers storing data reside
B. The countries that data passes through between the provider’s servers
C. The country in which the data owner resides
D. All of the above

Correct Answer: D
Explanation

Data in the cloud may be subject to multiple jurisdictions, based on the laws of the countries in which the
data resides or passes through as well as the country of residence of the data owner and cloud service
provider.

QUESTION 113
True or false? Dynamic scaling of resources in the cloud may lead to noncompliance with software
licenses.
A. True
B. False

Correct Answer: A
Explanation

The number of servers an organization needs may increase or decrease dynamically to provide sufficient
quality of service and may overrun per-device or per-processor licenses.

QUESTION 114
An organization can address regulatory compliance risks in the cloud in all the following ways except which
one?
A. Its own security policies
B. Periodic audits
C. Service-level agreements with cloud providers
D. Delegation of full responsibility for compliance to the cloud service provider

Correct Answer: D
Explanation

Although the organization can delegate operational duties to a cloud service provider and in some cases
the cloud service provider may share responsibility with the organization, an organization cannot delegate
responsibility for compliance or liability. Options A, B, and C are all examples of appropriate mitigations
against noncompliance.

QUESTION 115
True or false? Government agencies must always notify a data owner when they compel disclosure of
information from a cloud service provider as part of lawful access.
A. True
B. False

Correct Answer: B
Explanation

Not only are government agencies not required to notify data owners, certain countries have gag orders that
prevent the service providers from providing notification to the data owners.

QUESTION 116
Which of the following actions would not lead to risks related to records retention in the cloud?
A. Secure destruction of records on schedule
B. Restrictions on archived storage
C. Difficulties associating metadata with archived records
D. Unauthorized access

Correct Answer: D
Explanation

Unauthorized access is a security and privacy risk and is not directly related to records retention. Secure
destruction of records on schedule, provider restrictions on archived storage, and difficulties associating
metadata with archived records are all records retention risks that should be addressed prior to moving
records subject to retention into the cloud.

QUESTION 117
Authentication to multiple services in the cloud can be streamlined by adopting which of the following
identity management mechanisms?
A. Kerberos
B. Integrated Windows authentication
C. Single sign-on
D. Authorization

Correct Answer: C
Explanation

Implementing single sign-on allows an organization’s users to authenticate once and pass identity attributes
on to multiple applications. Kerberos is a secure authentication protocol that can be used in single sign-on.
Integrated Windows authentication refers to Microsoft products authenticating against a domain login.
Authorization occurs after authentication and involves determining proper permissions.

QUESTION 118
True or false? The United States and the European Union have compatible data privacy laws.
A. True
B. False

Correct Answer: B
Explanation

The United States and the European Union have taken different approaches toward privacy, and US
organizations that are compliant with US privacy laws may not be compliant with stricter EU laws. This has
resulted in the Safe Harbor Framework, which allows organizations to certify that they are compliant with
EU privacy laws so that they may handle EU data.

QUESTION 119
Which of the following is not a legal risk associated with cloud computing?
A. Data isolation
B. Jurisdiction
C. Cost
D. Electronic discovery

Correct Answer: C
Explanation

Cost is a business risk, not a legal risk. Data isolation, jurisdiction (in reference to data location), and
electronic discovery are all legal risks.

QUESTION 120
The identity management process of allowing users in different security domains to share services without
having identities in each domain is called what?
A. Single sign-on
B. Federated
C. Authentication
D. Authorization

Correct Answer: B
Explanation

In federated identity management, identity information is passed from identity providers to service providers
(e.g., cloud services), allowing an organization to take advantage of single sign-on. Authentication refers to
validating an entity’s identity, and authorization is the process of determining whether an entity has
permission to access a resource.

QUESTION 121
With cloud computing services, hardware purchases, software purchases, and IT support are the
responsibility of whom?
A. Internet service provider
B. RraaS provider
C. SaaS provider
D. Application service provider

Correct Answer: C
Explanation

Software as a Service (SaaS) providers deliver web-based software over an Internet connection. The user
requires only a machine with a web browser to connect. The cloud providers must supply the hardware and
software to deliver the service over the Internet.
A is incorrect. Internet service providers present us with a connection to the Internet but not cloud services.
B is incorrect. RraaS is not a valid acronym that relates to cloud computing.
D is incorrect because application service providers (ASPs) are not the same as cloud providers; ASPs host
software that you provide to them.

QUESTION 122
Which term best describes the ability to rapidly increase user accounts for a given cloud service?
A. Volatility
B. Synchronicity
C. Viability
D. Elasticity

Correct Answer: D
Explanation

Elasticity allows consumers of cloud services to quickly add or remove user accounts.
A, B, and C are incorrect because these terms are not related to rapidly adding user accounts related to a
cloud service.

QUESTION 123
Which option describes a benefit of virtualized servers?
A. Shared hardware
B. Individual hardware per virtual server
C. Physical servers taking less room space than virtual servers
D. Virtual servers taking less disk space than physical servers

Correct Answer: A
Explanation

A single physical server can host multiple virtual machines so that the hardware is shared by the virtual
machines.
B, C, and D are incorrect. Virtual servers do not each have their own hardware; they share the physical
hardware of the virtualization host. Physical servers take much more physical room space than virtual
servers, of which there could be many running on a single physical server. Disk space varies depending on
the role of the server, whether it is physical or virtual.

QUESTION 124
Your company runs a virtualized web application server in-house. You decide to make the web applications
available over the Internet through a cloud provider. Which method represents the quickest way to
accomplish this?
A. Create a new cloud server, install web services, and install and configure web applications.
B. Create a new cloud server, install web services, and import web application data.
C. Migrate your in-house web application server to the cloud.
D. This cannot be done—only generic applications are available through the cloud.

Correct Answer: C
Explanation

Since the in-house server is already virtualized, it is quicker to simply migrate it to the cloud as a cloud
server.
A and B are incorrect because they both involve the creation of the web application server from scratch—
this is not a quick method.

D is incorrect because the cloud offers much more than simply generic web apps.

QUESTION 125
Which term from the past describes the sharing of mainframe computing resources?
A. Time-sharing
B. Time division multiplexing
C. Mainframe-sharing
D. XaaS

Correct Answer: A
Explanation

Time-sharing allowed groups of people to use expensive mainframe computing resources concurrently by
working in isolated computing sessions.

B is incorrect because time division multiplexing is a signal transmission protocol.

C is not an industry-accepted term.
D refers to any web service delivered over the Internet (Anything as a Service) and thus is incorrect.

QUESTION 126
Purchasing software and providing it to a third party that installs and manages that software is an example
of which of the following?
A. Virtualization
B. Application service provider
C. Platform as a service
D. Private cloud

Correct Answer: B
Explanation

Application service providers (ASPs) host software that their client provides.
A, C, and D are incorrect.
Virtualization uses physical hardware to run multiple virtual machines.
Platform as a Service is a cloud solution for software developers.
Private clouds deliver services over networks to private organizations.

QUESTION 127
You are the IT director for a retail clothing outlet. Your competitors are using Internet-delivered inventory,
storage, and backup solutions from a specific provider. You conclude it is best that your company use the
same services from the same provider. What type of cloud will you be subscribing to?
A. Community cloud
B. Retail cloud
C. Private cloud
D. Public cloud

Correct Answer: A
Explanation

Community clouds are used by organizations with the same type of computing needs.

B is incorrect because there is no such thing as a retail cloud.

C and D are incorrect because private clouds serve a single organization, while public cloud is a much too
generic term; community cloud is the best answer.

QUESTION 128
For which businesses would cloud computing be best suited? (Choose two.)
A. Waterfront marketplace that thrives during the summer tourist season
B. Rural medical practice with four employees
C. Law enforcement agency
D. A new company start-up that manufactures watercraft

Correct Answer: AD
Explanation

A waterfront marketplace that thrives seasonally means more computing resources are needed during
certain times of the year; cloud computing provides elasticity, which means adding or removing computing
services and user accounts as needed. New companies present a financial risk and may not have the
desire to invest capital in computing resources on-site, so cloud computing offers an affordable solution
without an expensive long-term commitment.
B and C are incorrect.
These choices are not great cloud computing candidates since they deal with very sensitive data that is
protected by legislation.

QUESTION 129
Which of the following are valid reasons for not adopting a cloud solution? (Choose two.)
A. Local hardware is being fully utilized for unchanging IT workloads.
B. The number of employees rarely changes.
C. The number of employees changes often.
D. A business experiences unpredictable project spikes throughout the year.

Correct Answer: AB
Explanation

If local hardware is being fully and efficiently utilized for unchanging IT workloads, there is no benefit to
using a cloud solution. Also, if the number of employees rarely changes, the business will not benefit from
elasticity.
C and D are incorrect because they are valid reasons for adopting a cloud solution.

QUESTION 130
As a developer for a software company, you have decided to build and test your web applications in a cloud
environment. Which type of cloud service best meets your needs?
A. PaaS
B. SaaS
C. IaaS
D. XaaS

Correct Answer: A
Explanation

Platform as a Service (PaaS) offers developers an inexpensive method by which they can develop and test
their applications.

B is incorrect because Software as a Service (SaaS) delivers end-user software over the Internet.

C is incorrect because Infrastructure as a Service (IaaS) allows administrators to use cloud servers,
storage, backup, networking, and so on.
D does not apply since Anything as a Service (XaaS) is a generic term and PaaS is specific to the stated
need.

QUESTION 131
How are cloud computing and outsourcing similar?
A. Immediate scalability
B. Vendor lock-in
C. Long contract renegotiation
D. Tailor-made client solutions

Correct Answer: B
Explanation

Both cloud computing and outsourcing have the possibility of vendor lock-in once a contract for services
has been agreed upon.
A, C, and D are incorrect.
Immediate scalability is a cloud computing characteristic, whereas outsourcing is characterized by longer
contract renegotiations and custom client solutions.

QUESTION 132
Which of the following is a benefit of outsourcing?
A. Immediate scalability
B. Vendor lock-in
C. Long contract renegotiation
D. Tailor-made client solutions

Correct Answer: D
Explanation

Public cloud solutions, specifically, SaaS, are often generalized IT software solutions. Outsourcing provides
specific client solutions.
A, B, and C are incorrect. Immediate scalability is a cloud computing characteristic.
Vendor lock-in is not a positive potential and as such is not a benefit of outsourcing.
Renegotiating contracts takes longer with outsourcing; cloud services allow rapid elasticity.

QUESTION 133
True or false? Cloud computing is a form of outsourcing.
A. True
B. False

Correct Answer: A
Explanation

From a business perspective, cloud computing is a form of outsourcing.

B is incorrect because cloud computing is a form of outsourcing.

QUESTION 134
What cloud computing characteristic ensures services and data are always reachable?
A. Confidentiality
B. Integrity
C. Availability
D. Scalability

Correct Answer: C
Explanation

Availability ensures that something is reachable at any time.

A, B, and D are incorrect.
Confidentiality protects data from unauthorized users, while integrity ensures data has not been tampered
with.
Scalability refers to growing or shrinking capacity.

QUESTION 135
You must ensure that your business computing resources can quickly grow as business demands change.
Which of the following allows this?
A. Confidentiality
B. Integrity
C. Availability
D. Scalability

Correct Answer: D
Explanation

Scalability allows adding or removing computing resources in a cloud environment.

A, B, and C are incorrect.
Confidentiality and integrity are related to data security.
Availability ensures data and services are always reachable.

QUESTION 136
__________ protects data contents, while __________ ensures that data has not been tampered with.
A. Availability, scalability
B. Integrity, confidentiality
C. Scalability, availability
D. Confidentiality, integrity

Correct Answer: D
Explanation

Confidentiality protects data contents, while integrity ensures that data has not been tampered with.
A, B, and C are incorrect.
Availability and scalability do not have anything to do with protecting data.

B is incorrect because the terms are in the wrong order.

QUESTION 137
Which of the following are related to cloud computing costs? (Choose two.)
A. Monthly subscription
B. Server hardware costs
C. Usage fees
D. Software licensing costs

Correct Answer: AC
Explanation

Cloud providers charge customers a monthly subscription fee as well as resource usage fees.
Resources might be cloud servers, CPU usage, storage space, and so on.
B and D are incorrect. They are costs associated with the on-premises acquisition of hardware and
software.

QUESTION 138
How does cloud computing help an organization as new opportunities arise? (Choose two.)
A. Shifting operating expenses to capital expenses
B. Speedy addition of computing resources
C. Less cost for new server hardware
D. Speedy removal of computing resources

Correct Answer: BD
Explanation

With many businesses, time to market is critical. The ability to quickly add and remove computing
resources cheaply allows acting upon business opportunities quickly.
A and C are incorrect.
Cloud computing shifts capital expenses to operating expenses, not the other way around.
Cheaper server hardware is great, but as a cloud customer, acquiring server hardware is kept at a
minimum, if it is done at all.

QUESTION 139
__________ and __________ give cloud customers a competitive advantage.
A. Integrity, confidentiality
B. Availability, integrity
C. Time to market, collaboration
D. Collaboration, confidentiality

Correct Answer: C
Explanation

Businesses have competitors. Getting products and services to the market before competitors is an
advantage. Convenient collaboration between employees is critical to the success of any organization;
everybody has their specific strengths. Data is made available from anywhere using any device with cloud
storage.
A, B, and D are incorrect. They are not specific advantages related to the cloud.

QUESTION 140
Which of the following statements are true? (Choose two.)
A. Public clouds are for the exclusive use of a single organization.
B. Private clouds are for the exclusive use of a single organization.
C. Public clouds are offered over an intranet.
D. Public clouds are offered over the Internet.

Correct Answer: BD
Explanation

Private clouds are for the exclusive use of a single organization. Public cloud offerings are accessible over
the Internet.
A and C are incorrect. Public clouds are not for the exclusive use of a single organization; anybody on the Internet can
subscribe.
Public clouds are offered over the Internet, not an intranet within an organization.

QUESTION 141
True or false? Virtual servers are used only in public clouds.
A. True
B. False

Correct Answer: B
Explanation

Cloud computing uses virtualization, but virtualization does not need cloud computing.
Virtual servers are usable not only in public clouds; they can be used anywhere.

QUESTION 142
When creating cloud virtual servers, which of the following must be specified? (Choose two.)
A. Username and password
B. Server name
C. IP address
D. Operating system licensing

Correct Answer: AB
Explanation

Each cloud virtual server requires that you specify security credentials for the server as well as a server
name used in the cloud environment.
C and D are incorrect because they are not required when creating a cloud virtual server.

QUESTION 143
You are linking your company’s Microsoft Active Directory user accounts to your cloud provider for
federated identity management. What type of configuration must you create within your company?
A. Identity trust
B. XML provider
C. Relying party trust
D. JSON provider

Correct Answer: C
Explanation

Since your company is the identity provider, you must trust the relying party offering services, so you must
configure a relying party trust.
A, B, and D are incorrect. In the question, the cloud provider would configure an identity trust, not you. XML
and JSON are not specifically related to configuring identity federation.

QUESTION 144
Your public cloud environment is configured such that additional cloud storage is allocated to a virtual
server when the used disk space on that server reaches more than 80 percent of disk capacity. Which term
best describes this configuration?
A. Elasticity
B. Automation
C. Self-service
D. Disk latency

Correct Answer: B
Explanation

If storage space is allocated automatically based on a configured threshold, it is automation.

A, C, and D are incorrect. Elasticity is a close second here, but it does not imply the automatic provisioning
of resources. Automation is a better answer. Self-service allows users to provision the computing resources
they need using a web site, but it is not automatic. Disk latency refers to the amount of time taken to read
data from a disk and is not related to automation.

QUESTION 145
Which of the following might factor into an exit strategy for a cloud customer?
A. Vendor lock-in
B. Self-service
C. Standardization
D. Automation

Correct Answer: C
Explanation

Standardization allows cloud customers to move web services or data between cloud providers.
A, B, and D are incorrect. Vendor lock-in works against a cloud customer’s exit strategy since it implies
methods and components specific to that cloud provider. Self-service and automation are related to the
provisioning of cloud IT resources and have nothing to do with exit strategies.

QUESTION 146
Which of the following is not considered a cloud computing risk?
A. Loss of network connectivity
B. Data stored in the cloud
C. Network latency
D. Host-based firewalls

Correct Answer: D
Explanation

Host-based firewalls are not a risk; they mitigate network attacks.

A, B, and C are incorrect because they are all risks associated with cloud computing.

QUESTION 147
What is a benefit of PaaS?
A. Rapid application development
B. Replication
C. High bandwidth
D. Low latency

Correct Answer: A
Explanation

Rapid application development is possible with PaaS because servers, databases, and other components
used by developers can be made available within minutes instead of requesting hardware and software
from a local IT department.
B, C, and D are incorrect because they are not related directly to PaaS.

QUESTION 148
Developers build these components in the cloud.
A. Federation identity providers
B. Cloud load balancers
C. SaaS user mailboxes
D. Web services

Correct Answer: D
Explanation

Developers can build web services in the cloud. Web services are small web applications that run on web
servers and are accessible through a URL that may include parameters needed by the web service.
A, B, and C are incorrect because they are not components built in the cloud by developers; they are cloud
components built by IT administrators.

QUESTION 149
Which types of applications would be good cloud pilot candidates? (Choose two.)
A. Custom line-of-business software requiring high availability
B. An employee knowledge base application with unpredictable peak loads
C. Spreadsheets requiring multiple simultaneous user updates
D. Payroll application that stores data in a proprietary format

Correct Answer: BC
Explanation

Cloud elasticity lends itself to provisioning services with variable peak loads. Data collaboration for
cloud-stored data, such as spreadsheets, is commonplace with SaaS solutions.
A and D are incorrect. Custom software might be difficult to migrate to the cloud. Even though some cloud
solutions offer high availability, the combination of custom software and high availability makes this a poor
cloud pilot candidate. Proprietary data formats can also present complexities when migrating that data to
the cloud, so this too is a poor choice.

QUESTION 150
Which of the following is not a consideration when planning IaaS adoption?
A. Cloud provider application development tools
B. Reduced time to deploy new servers
C. OPEX versus CAPEX
D. Ability to remove unneeded servers

Correct Answer: A
Explanation

Application development tools are related to PaaS, not IaaS.

B, C, and D are incorrect. Each of the listed items is a valid consideration when planning IaaS adoption.

QUESTION 151
What must be adhered to when your chosen cloud provider ceases to exist?
A. Disaster recovery plan
B. Exit strategy
C. Virtualization
D. Mission statement

Correct Answer: B
Explanation

A preplanned exit strategy will define actions to be taken should a cloud provider no longer be available.
A, C, and D are incorrect. Disaster recovery plans and virtualization are inherent parts of today’s cloud
computing environment when the cloud provider is functioning. Mission statements are not related to
whether a cloud provider is available.

QUESTION 152
Which of the following risks must be assessed when considering cloud adoption?
A. Weak security provided by public cloud providers
B. Loss of network connectivity
C. Failed virtual servers
D. Lack of on-demand growth capacity

Correct Answer: B
Explanation

Without network connectivity to cloud services, virtual servers, data, and cloud applications are
unavailable. This possibility must be assessed to determine whether the risk is acceptable.
A, C, and D are incorrect. Public cloud providers have the requirement, resources, and expertise to exercise a higher
degree of security than most organizations could do themselves. Failed virtual servers present a risk
whether they are hosted by the organization or a cloud provider. High availability (clustering) and backups
minimize downtime. On-demand provisioning of cloud services is one of the reasons organizations seek to
adopt cloud solutions; it is not a risk.

QUESTION 153
Which of the following skills will internal IT require when adopting a cloud solution?
A. Performance monitoring
B. Security auditing
C. Configuring network routers
D. Writing scripts to automate virtual machine deployment

Correct Answer: A
Explanation

Adopting a cloud solution means monitoring the performance of the solution on an ongoing basis to ensure
the solution presents business value.
B, C, and D are incorrect. Security auditing is the cloud provider’s concern, not the cloud consumer’s, as are
configuring network routers and presenting the tools for virtual machine deployment.

QUESTION 154
Which IT process might be affected by cloud adoption?
A. Financial management
B. Budget projections
C. Personnel management
D. Capacity management

Correct Answer: D
Explanation

Capacity planning and management might be affected by cloud adoption. Determining how many virtual
machines, how much storage, or how many user mail accounts are required are examples of how this IT
process might be affected.
A, B, and C are incorrect because they are not IT processes.

QUESTION 155
When evaluating the migration of one of your applications to the cloud, you discover complexities that may
make migration impossible. In this case, what strategy might you employ?
A. Find a functionally equivalent cloud application.
B. Migrate the application to the cloud anyway.
C. Export application data, provision a new virtual machine in the cloud, and then import application data to
the new virtual machine.
D. Export application data, provision a new physical machine in the cloud, and then import application data
to the new physical machine.

Correct Answer: A
Explanation

Sometimes specific commercial applications that run well within an organization are not available in the
cloud. Often there are functional equivalents offered by cloud providers; this should be researched by
internal IT staff.
B, C, and D are incorrect because the question states that there are complexities impeding migration to the
cloud.

QUESTION 156
What business benefit is realized by migrating an application to the cloud?
A. Stronger data encryption
B. Less risk when there is a loss of network connectivity
C. Ability to quickly scale in response to business needs
D. Greater variety in virtual machine operating systems

Correct Answer: C
Explanation

Moving an application to the cloud must have business value. Cloud elasticity allows a quick response to
unpredictable business demands that use computing resources.
A, B, and D are incorrect. Strong data encryption is possible without migrating an application to the cloud.
Loss of network connectivity is a major risk that must be properly assessed. The cloud does not present a
greater variety in virtual machine operating systems than could be made available within an organization.

QUESTION 157
While evaluating cloud providers, you consider which SLA metrics might require negotiation. Which service
management phase does this apply to?
A. Service Strategy
B. Service Design
C. Service Operation
D. Service Transition

Correct Answer: B
Explanation

The Service Design phase includes making sure the negotiated SLA meets service level targets.
A, C, and D are incorrect. The Service Strategy phase relates more to Demand Management and Financial
Management. Service Operation relates to the management of IT service life cycles, once in operation.
Service Transition relates to changes in IT service life cycles.

QUESTION 158
One benefit of cloud computing is the ability to quickly procure IT computing resources. Which service
management phase does this apply to?
A. Service Strategy
B. Service Design
C. Service Operation
D. Service Transition

Correct Answer: A
Explanation

Service Strategy relates to IT processes such as Demand Management. The ease with which users can
self-provision resources warrants attention here.
B, C, and D are incorrect. The Service Design phase relates more to SLA Planning and Capacity
Management. Service Operation relates to the management of IT service life cycles, once in operation.
Service Transition relates to changes in IT service life cycles.

QUESTION 159
Which of the following are reasons IT processes will change with cloud adoption? (Choose two.)
A. Rapid elasticity
B. More focus on software patching within an organization’s IT department
C. Less focus on software patching within an organization’s IT department
D. Less focus on cloud service performance

Correct Answer: AC
Explanation

Rapid elasticity means it is easier for users to request new or additional IT services; Demand Management
takes on new meaning with this. With SaaS, an organization’s IT department is not responsible for patching
software with updates; this is the cloud provider’s responsibility.
B and D are incorrect. The cloud provider takes care of software patching for cloud services, not the
organization’s IT department. With cloud adoption, there is an emphasis on monitoring the performance of
cloud services; this is something the cloud customer’s IT staff can monitor.

QUESTION 160
Which of the following statements regarding cloud computing is true?
A. The cloud customer IT staff will no longer be responsible for giving security permissions to users.
B. Performance monitoring is the sole responsibility of the cloud provider.
C. Cloud service costs are fixed.
D. Performance monitoring should be performed by the cloud customer’s IT staff.

Correct Answer: D
Explanation

The cloud customer IT staff should be monitoring cloud service performance to ensure, according to the
SLA, business requirements are being met.
A, B, and C are incorrect. None of these options is true. Cloud customer IT staff will still be granting access to cloud
services to users. Performance monitoring is an important task for the cloud customer. Cloud service costs
are normally variable, depending on requested services.

QUESTION 161
What obstacle might an organization face related to Demand Management?
A. Inability to provide enough computing infrastructure
B. Lack of data security in public clouds
C. Inability to rapidly deprovision compute resources
D. Ability of users to access SaaS applications from anywhere

Correct Answer: A
Explanation

The ability of users to quickly provision computing services not only requires careful attention to computing
infrastructure capacity and availability but also suggests capping how many services users can self-provision.
B, C, and D are incorrect. Public cloud data security is considered superior to the data security provided by a single
organization. The ability of users to rapidly deprovision computing services is seen as a benefit, not an
obstacle. Accessing SaaS applications from anywhere is considered a benefit of cloud computing.

QUESTION 162
How would cloud adoption impact the Service Design phase?
A. Ensuring SLA metrics are honored.
B. Fulfilling self-service requests.
C. Providing confidentiality for sensitive data stored in the cloud.
D. The CMDB will need to be updated more frequently.

Correct Answer: A
Explanation

Service Level Management is an IT process related to the Service Design phase. SLAs must be carefully
negotiated, and adherence (by the cloud provider) must be monitored.
B, C, and D are incorrect. Fulfilling self-service requests and cloud data confidentiality would impact the
Service Operation phase. The Service Transition phase would involve ensuring the CMDB is updated more
frequently to match the rapid provisioning and deprovisioning of cloud services.

QUESTION 163
Which of the following items directly relate to Change Management?
A. Negotiating SLA details
B. Meeting demand for IT services
C. Installing new software
D. Ensuring cloud services are always available

Correct Answer: C
Explanation

Installing software falls under the IT process of Change Management. With SaaS, this is one process
where a cloud customer’s IT staff will have less work to do since the cloud provider takes care of making
software available and patching it.
A, B, and D are not related to Change Management. SLAs relate to Service Level Management, the
demand for IT services applies to Demand Management, and cloud service availability applies to Availability
and Service Continuity Management.

QUESTION 164
Access Management is affected by which aspect of cloud computing?
A. Identity federation
B. Cloud backup
C. Network connectivity to the cloud provider
D. Virtualization

Correct Answer: A
Explanation

Identity federation allows a central identity store to be used both inside and outside of an organization. For
example, Company A’s user accounts can be used to gain access to resources in Company A and
Company B, as well as Cloud Provider A.
B, C, and D are incorrect since they have nothing to do with Access Management. Cloud backup and
dependencies on network connectivity are related to IT Service Continuity Management. Virtualization does
affect all IT processes, but identity federation is a better answer.

QUESTION 165
You are negotiating SLA terms with your cloud provider. Your company’s chief financial officer, Mia, has
concerns with items contained within the SLA. Which item might Mia be interested in?
A. Cloud service uptime
B. Switching CAPEX to OPEX
C. Cloud service termination fees
D. Web page loading time

Correct Answer: C
Explanation

Cloud service termination fee terms can be buried in the SLA and must be accounted for as they relate to
an exit strategy.
A, B, and D are incorrect. Cloud service uptime and web page loading time are technical details that would
interest the IT department, not the finance people. Switching CAPEX to OPEX is not part of an SLA.

QUESTION 166
Which of the following might not be controlled by a public cloud provider?
A. Cloud service uptime
B. Web page load time
C. Cloud service termination fees
D. Network connection

Correct Answer: D
Explanation

The network connection between a cloud customer and a cloud provider is usually controlled by a regional
Internet provider.
A, B, and C are incorrect. Cloud service uptime, web page load time, and cloud service termination fees
are controlled by cloud providers, so these items would appear in the SLA.

QUESTION 167
Which of the following cloud-related items presents the greatest risk to business activity for a cloud
customer?
A. Network connectivity problems
B. Cloud providers going out of business
C. Inability to encrypt data stored in the cloud
D. Migrating in-house virtual machines to the cloud

Correct Answer: B
Explanation

Cloud providers going out of business presents the greatest risk. Even with contingency plans in place, this
could be disruptive to an organization, especially if most of the organization’s IT services are offered by a
single provider.
A, C, and D are incorrect. Network connectivity problems are a short-term concern. Data encryption and
virtual machine migration are important technical details, but none of these presents a greater risk than a
cloud provider going out of business.

QUESTION 168
How does cloud adoption change financial management skills?
A. Yearly budget cycles change because of rapid cloud elasticity.
B. Cloud customers must monitor their own cloud resource usage and pay accordingly.
C. OPEX becomes CAPEX.
D. Cloud service costs are fixed.
E. Performance monitoring should be performed by the cloud customer’s IT staff.

Correct Answer: A
Explanation

Instead of traditional yearly budget cycles, finance staff must account for the fact that rapid cloud elasticity
will make OPEX variable.
B, C, D, and E are incorrect. Cloud providers monitor customer usage, and they bill the customers
accordingly, not the other way around. Cloud adoption changes CAPEX to OPEX, not the other way around.
Even though cloud customer IT staff should be monitoring cloud service performance, this is not related to
financial management skills.

QUESTION 169
Which of the following statements correctly reflects costs associated with cloud computing?
A. There is an up-front capital investment.
B. SLAs never contain cloud service termination fees.
C. An organization’s funds are used to acquire server hardware.
D. Costs can be volatile.

Correct Answer: D
Explanation

Cloud computing costs are generally volatile since cloud services can be provisioned and deprovisioned in
a matter of minutes.
A, B, and C are incorrect. One benefit of cloud computing is that CAPEX becomes OPEX; therefore, there is no up-front
capital investment as there would be if all IT services were hosted in-house. SLAs will normally contain
clauses related to premature service termination fees. The cloud provider, not the cloud customer, acquires
server hardware.

QUESTION 170
How can unpredictable costs associated with cloud services be managed? (Choose two.)
A. Choose the cheapest cloud provider.
B. Set limits on total costs for a given timeframe.
C. Ensure costs are related to revenue.
D. Prohibit IaaS from being used.

Correct Answer: BC
Explanation

Despite rapid elasticity, cloud costs can be managed by setting a limit on cloud-related costs and ensuring
that these costs are relevant to the business.
A and D are incorrect. Choosing the cheapest cloud provider is not a good strategy; there are many
variables to consider besides cost. Even though prohibiting the use of IaaS could reduce cloud costs, B and
C are better answers.

QUESTION 171
What should you do to ensure your cloud data can be used with other cloud providers? (Choose two.)
A. Use the fastest network connection possible.
B. Know the format in which cloud data is stored.
C. Know the maximum usable cloud storage capacity.
D. Know the format cloud data can be exported to.

Correct Answer: BD
Explanation

Data stored in the cloud might be stored in its native file format and also might be exportable in its native
format. For example, storing a Microsoft Excel spreadsheet file in the cloud might allow you to later export it
as the same file. This means you could use the file without the cloud service provider, or you could upload
this file to a different cloud service provider.
A and C are related to cloud storage but have nothing to do with other cloud providers.

QUESTION 172
You are planning strategies related to your cloud provider becoming unavailable. Which of the following will
ensure business continuity? (Choose two.)
A. In-house hosting
B. Cloud backup
C. Network connectivity to the cloud provider
D. Using an alternate cloud provider

Correct Answer: AD
Explanation

Should a cloud provider become unavailable, hosting IT services in-house or with other cloud providers are
possible contingency plans that will ensure business continuity.
B and C are incorrect. Cloud backup can ensure business continuity in the event of data loss but not if the
cloud provider becomes unavailable. Network connectivity is always required to a cloud provider and is not
relevant if the cloud provider is not reachable over the network.

QUESTION 173
Which of the following statements correctly explains the benefit of cloud computing?
A. Cloud computing delivers a wide range of services.
B. Cloud computing is procured by the IT department.
C. Cloud computing delivers IT capacity on demand.
D. Cloud computing delivers IT capabilities that scale with demand.

Correct Answer: D
Explanation

Whether private or public cloud, IT services are delivered over a network and are quickly provisioned and
deprovisioned as needed.
A, B, and C are incorrect. Although there are many cloud offerings, stating that cloud computing delivers a
wide range of services is too ambiguous. The IT department might provide support for or be consulted to
evaluate cloud solutions, but the IT department would not procure the cloud solution. Computing
infrastructure such as storage capacity can be increased in a cloud, but it is the IT capabilities (beyond just
capacity) that make cloud solutions so compelling.

QUESTION 174
It is easy to exchange small text messages through Twitter. What is this an example of?
A. IaaS
B. PaaS
C. SaaS
D. None of the above

Correct Answer: C
Explanation

Software as a Service is defined as productivity software, such as email or word processing or, in this case,
Twitter, that is delivered over a network and available any time using any device.
A, B, and D are incorrect. Infrastructure as a Service is rapidly scalable; it makes virtual servers, storage,
backup, and similar computing infrastructure available over a network. Platform as a Service is used by
developers; virtual machines, databases, and reusable software libraries make software development and
testing quick and efficient.

QUESTION 175
Which of the following statements best defines virtualization?
A. Virtualization is a method to organize servers in a more efficient manner.
B. Virtualization is a set of techniques for hiding software resources behind hardware abstractions.
C. Virtualization is a method to structure data in a more efficient manner.
D. Virtualization is a set of techniques for hiding hardware resources behind software abstractions.

Correct Answer: D
Explanation

Virtualization masks hardware resources so that each running virtual machine appears to have its own
hardware.
A, B, and C are incorrect. Organizing servers and data does not define the purpose of virtualization; they are
both possible without virtualization. Virtualization hides hardware resources behind software abstractions,
not the other way around.

QUESTION 176
When provisioning new virtual servers, which of the following must be done? (Choose two.)
A. Specify cloud backup options for the virtual server.
B. Specify the maximum server log file size.
C. Specify user credentials to use with the virtual server.
D. Specify the amount of RAM the virtual server will use.

Correct Answer: CD
Explanation

You must specify user credentials used with the new virtual server, and you must specify how much RAM
the virtual machine will use.
A and B are incorrect. Virtual servers do not have to use a cloud backup solution or any backup solution at
all. The maximum server log file size is configured within the operating system and is not required when
provisioning new virtual servers.

QUESTION 177
Which definition applies to time-sharing?
A. Individuals using computing resources at different times
B. Individuals using computing resources simultaneously within isolated computing sessions
C. Individuals using the same virtual servers simultaneously in the cloud
D. Individuals using computing resources simultaneously within a shared computing session

Correct Answer: B
Explanation

Users could share expensive computing equipment at the same time by having their own isolated
computing sessions.
A, C, and D are incorrect. Time-sharing means people share computing hardware by having their own
sessions at the same time. Virtual machines and shared user sessions are not related to this.

QUESTION 178
Which of the following statements are true regarding cloud services? (Choose two.)
A. Cloud services use a “pay-as-you-go” payment scheme.
B. Cloud services are always less expensive than in-house hosted solutions.
C. Cloud data storage is less secure than storing data locally.
D. Cloud services can be provisioned quickly.

Correct Answer: AD
Explanation

Instead of purchasing hardware and software, you purchase only the cloud IT solutions you use on an
ongoing basis. Provisioning new cloud IT services, such as new virtual servers, is done very quickly
compared to ordering physical server hardware and then installing an operating system on it.
B and C are incorrect. Cloud solutions are not always less expensive than in-house solutions; this
statement is too general. Security in the cloud is considered superior to that provided by a private
organization. This is because cloud providers have the resources and expertise to exercise proper security
controls, and they must pass third-party security audits often.

QUESTION 179
How can cloud computing improve the flexibility of businesses?
A. Easier access by users outside of the organization
B. Rapidly growing and shrinking capacity
C. Faster deployment of applications
D. All of the above
E. None of the above

Correct Answer: D
Explanation

Because public SaaS solutions are already on the Internet, any user who has been granted access can
easily connect. Rapid elasticity allows businesses to respond to up and down swings in business activity,
which in turn means businesses pay for the cloud services they use. PaaS allows developers to quickly
create and test applications; this is made possible by software libraries and databases for developers and
the rapid creation of virtual machines.
A, B, C, and E are incorrect. Each listed item allows businesses to be flexible and to respond to changes
in business volume.

QUESTION 180
Cloud computing might not be beneficial for which of the following?
A. Small engineering start-up
B. Email system for the Pentagon
C. Rapidly growing email system
D. Web site of a large newspaper

Correct Answer: B
Explanation

Sensitive email systems, such as that used by the Pentagon, should be hosted in-house. This allows full
control over the installation and use of the system.
A, C, and D are incorrect. A small engineering start-up would benefit from not having to purchase server
hardware, software, and licenses, as well as from not having to hire the expertise to configure the system.
Any IT need for rapid scalability is served well by cloud computing, such as a rapidly growing email system.
Newspaper web sites can benefit since ensuring the availability of the web site can be detailed in an SLA.

QUESTION 181
Syl, a developer, is using cloud services to create and test a new application. What type of cloud service is
Syl using?
A. PaaS
B. SaaS
C. XaaS
D. IaaS

Correct Answer: A
Explanation

PaaS allows developers to quickly create and test applications.
B, C, and D are incorrect. SaaS allows end users to access software over a network any time, from any
device. XaaS is an all-encompassing term that refers to any IT service delivered over a network. IaaS offers
computing infrastructure such as virtual servers, network, and storage to cloud consumers over a network.

QUESTION 182
Which of the following is not a typical business objective realized by IT outsourcing and cloud computing?
A. Eliminating noncore activities
B. Lack of skilled staff
C. Improving cost structure
D. Solving security problems

Correct Answer: D
Explanation

Security problems are not a typical reason for outsourcing or cloud adoption.
A, B, and C are incorrect. Eliminating noncore activities, a lack of internal skilled staff, and improving cost
structure (CAPEX to OPEX) are all common reasons that companies choose to outsource or adopt cloud
solutions. Remember that cloud computing is a form of outsourcing.

QUESTION 183
Which of the following statements is true?
A. Cloud computing and outsourcing are the same.
B. Outsourcing is specific to IT.
C. Cloud computing is specific to IT.
D. Outsourcing is cheaper than cloud computing.

Correct Answer: C
Explanation

Cloud computing is essentially IT outsourcing, at least from a business perspective.
A, B, and D are incorrect. Cloud computing is specific to IT, and outsourcing is not; thus, they are not
exactly the same. Outsourcing cannot be compared to cloud computing in terms of always being cheaper
because cloud computing is specific to IT; outsourcing could be related to any kind of skilled work.

QUESTION 184
Acme Incorporated is using a specific line-of-business piece of software and does not have the skilled
help-desk staff required to support the software. What solution should Acme Incorporated employ?
A. Migrate the application to the cloud.
B. Virtualize the software.
C. Host the software in-house.
D. Outsource the help-desk staff requirement.

Correct Answer: D
Explanation

Acme Incorporated needs skilled help-desk staff to support its specific software. Outsourcing is usually the
result of a lack of specific skill sets within an organization.
A, B, and C are incorrect. Migrating the application to the cloud, virtualizing the line-of-business software,
and hosting it in-house do not address the core problem, which is a lack of skilled help-desk staff.

QUESTION 185
You are the IT administrator for a small regional airline that is opening a new office. To meet the airline’s
computing needs, you order server and desktop hardware, as well as the required software. Cloud
computing can reduce or, in some cases, entirely eliminate these responsibilities from their customers. To
which cloud characteristic does this scenario apply?
A. Time to market
B. Vendor lock-in
C. Scalability
D. Security

Correct Answer: C
Explanation

Scalability embodies the ability to grow in a controlled manner, as in increasing computing infrastructure as
business needs demand.
A, B, and D are incorrect. A reduction in time to market for new products and services gives a company a
competitive edge, but it does not apply to the scenario. Vendor lock-in ties customers to vendor-specific
solutions, which is not the case here. Security does apply to cloud computing, but it does not relate to this
scenario, where new hardware and software must be procured.

QUESTION 186
For a software development firm, which of the following cloud benefits is realized with PaaS?
A. Time to market
B. Vendor lock-in
C. Scalability
D. Security

Correct Answer: A
Explanation

PaaS allows developers to quickly create and test applications. Getting your product to market before your
competitors can give a competitive edge.
B, C, and D are incorrect. Vendor lock-in ties customers to vendor-specific solutions, but this is not a
benefit of PaaS. Scalability embodies the ability to grow in a controlled manner, but it is not a distinguishing
feature of PaaS as compared to other types of cloud offerings. Security does apply to cloud computing but
not specifically to PaaS.

QUESTION 187
How does cloud computing affect a cloud customer’s cost structure?
A. OPEX becomes CAPEX.
B. CAPEX becomes OPEX.
C. CAPEX increases.
D. OPEX decreases.

Correct Answer: B
Explanation

Instead of spending capital to acquire computing hardware, software, and licenses, cloud customers can
essentially rent the IT services they need as they need them; thus, capital expenditures (CAPEX) become
operating expenses (OPEX).
A, C, and D are incorrect. OPEX does not become CAPEX with cloud adoption; CAPEX becomes OPEX.
CAPEX decreases with cloud adoption, and OPEX increases.

QUESTION 188
With a cloud solution, which of the following IT tasks are the responsibility of the cloud provider? (Choose
three.)
A. Purchasing hardware
B. Purchasing and licensing software
C. Assigning user permissions to cloud data
D. Updating software

Correct Answer: ABD
Explanation

Cloud providers are responsible for all aspects of hardware and software for their cloud solutions.
C is incorrect. The cloud customer assigns user permissions to cloud data.

QUESTION 189
Stacey, a financial analyst, is describing the business benefits of public cloud computing to her colleagues.
Which of the following might she state? (Choose two.)
A. Shorter time to market
B. Decrease in operating expenses
C. Facilitated data collaboration
D. Increase in operating expenses

Correct Answer: AC
Explanation

Cloud solutions remove the need to wait for physical computing hardware to arrive as IT needs grow, and
provisioning of IT services is done very quickly thanks to virtualization; these factors reduce the amount of
time a business takes to get a product or service to their customers. Data stored in the cloud is easily
accessible from anywhere and thus facilitates data collaboration.
B and D are incorrect. Cloud computing increases operating expenses because of ongoing subscription
and usage fees, while capital expenditures decrease. An increase in any type of cost is never a benefit to
the payer.

QUESTION 190
While __________ and __________ are important IT considerations to a business, they are not specific to
cloud computing.
A. backup, disaster recovery
B. SLAs, SaaS
C. virtualization, PaaS
D. time to market, reduced CAPEX

Correct Answer: A
Explanation

Backup and disaster recovery are critically important to any business using any type of IT solution, not just
cloud customers.
B, C, and D are incorrect. SaaS and PaaS are specific to cloud computing. Time to market and CAPEX
are not IT considerations; they are business strategy and financial considerations.

QUESTION 191
Which statement regarding private clouds is true?
A. SLAs are not required.
B. Server virtualization is used only in public clouds.
C. They are more secure than public clouds.
D. They are for the exclusive use of a single organization.

Correct Answer: D
Explanation

Private clouds use computing assets owned by, and for the exclusive use by, a single organization.
A, B, and C are incorrect. Private clouds still use SLAs to guarantee levels of service to business units.
The use of server virtualization is not exclusive to public clouds. Public cloud providers generally have more
resources, have more expertise, and must pass frequent third-party audits. This suggests public cloud
providers must exercise the strictest security standards.

QUESTION 192
Numerous cloud customers sharing the same computing services while having isolated computing
environments is described as which of the following?
A. Multitenancy
B. Elasticity
C. Virtualization
D. XaaS

Correct Answer: A
Explanation

Multitenancy allows multiple cloud customers to use the same computing services such as cloud
mailboxes, but the cloud provider ensures each cloud customer is kept isolated from another.
B, C, and D are incorrect. Elasticity refers to the ease with which cloud services can grow or shrink to
meet business demand. Virtualization allows multiple operating systems to run simultaneously on a single
computing device. XaaS is a catchall term referring to any computing service delivered over a network.

QUESTION 193
Which of the following are specific examples of IaaS? (Choose all that apply.)
A. SLAs
B. Software code libraries
C. Cloud email accounts
D. Cloud storage

Correct Answer: D
Explanation

IaaS provides computing infrastructure services such as virtual servers, virtual networks, cloud backup, and
cloud storage.
A, B, and C are incorrect. SLAs describe levels of service that will be provided to a customer, but they are
not specific to IaaS. Software code libraries are of use to software developers; this is PaaS, not IaaS. Cloud
email accounts are an example of SaaS, not IaaS.

QUESTION 194
Your organization uses on-premises servers to authenticate user logon requests. You would like to
authorize user access to cloud email accounts using their local credentials. Which solution should you
employ?
A. Replicate local user accounts to the cloud.
B. Use identity federation.
C. Implement SaaS.
D. Re-create user accounts in the cloud.

Correct Answer: B
Explanation

Identity federation uses a single identity provider to authorize user access to multiple software applications,
including cloud apps.
A, C, and D are incorrect. Replicating user accounts to the cloud means you are not using the
on-premises user identities, which is required in this scenario. SaaS provides end-user software services over
a network and has nothing to do with authentication or authorization. Re-creating user accounts in the cloud
is unacceptable; the scenario clearly states that local user accounts are to be used for authentication.

QUESTION 195
Relocating web content closer to users for quicker access is done using __________.
A. content distribution networks
B. identity federation
C. virtualization
D. cloud relocation

Correct Answer: A
Explanation

Content distribution networks place cloud content closer physically to users, which enhances the user
experience because of quicker access.
B, C, and D are incorrect. Identity federation uses a single identity provider to authorize access to
numerous computing services. Virtualization makes cloud solutions possible, but it does not place content
closer to users. Cloud relocation is a fictitious term.

QUESTION 196
You are designing a solution to ensure your on-premises users will always have access to public cloud
services. What should you consider?
A. Identity federation
B. Tablets instead of smartphones
C. Redundant network connections
D. Encryption

Correct Answer: C
Explanation

A single network connection to a cloud provider presents a single point of failure.
A, B, and D are incorrect. Identity federation uses a single identity provider to authorize access to
numerous computing services; it does not ensure access to cloud services. Whether users use tablets,
laptops, smartphones, or desktops does not affect whether cloud services are reachable. Encryption
protects sensitive data from unauthorized use but is not related to accessing cloud services.

QUESTION 197
Cloud adoption does not remove the need for on-premises IT personnel. Which task must local IT
personnel undertake to ensure cloud solutions are delivering business value?
A. Setting limits on OPEX costs
B. Monitoring application performance
C. Creating new virtual machines
D. Removing active virtual machines

Correct Answer: B
Explanation

Local IT personnel must monitor cloud solutions to ensure optimal performance. Underperforming cloud
solutions could be because of sluggish network connections or overburdened cloud providers, and this
reduces the value offered by cloud computing.
A, C, and D are incorrect. Setting limits on OPEX is not the responsibility of the IT staff. The creation of
virtual machines can be important with cloud solutions but not as important to business value as optimal
performance. Removing inactive virtual machines can benefit the business because of less cost, but
removing active virtual machines cannot.

QUESTION 198
Which of the following statements is true?
A. PaaS is used to create web services.
B. PaaS is used by end users.
C. SaaS is used by software developers.
D. Applications cannot be developed in the cloud.

Correct Answer: A
Explanation

PaaS is used by software developers to create and test applications. These applications typically take the
form of web services.
B, C, and D are incorrect. PaaS is used by software developers, not end users. SaaS is used by end
users, not software developers. Applications can be developed and tested in the cloud; this is precisely
what PaaS is for.

QUESTION 199
What benefits are derived from PaaS?
A. OPEX instead of CAPEX
B. Cloud backup
C. Rapid application development
D. Elasticity

Correct Answer: C
Explanation

PaaS provides reusable software libraries, databases, virtual machines, storage, and so on, to software
developers to decrease the amount of time it takes to create and test software applications.
A, B, and D are incorrect. Shifting CAPEX to OPEX is a benefit of all cloud models, not just PaaS. Cloud
backup falls under IaaS, not PaaS. Elasticity is a benefit of all cloud models, not just PaaS.

QUESTION 200
Which application should be migrated to the cloud for initial cloud testing?
A. Financial management system
B. Word processing
C. Customer transaction database
D. Emergency response system

Correct Answer: B
Explanation

Noncritical software such as a word processor should be tested first in the cloud.
A, C, and D are incorrect. Sensitive or mission-critical software related to finances, customer transactions,
or emergency response is not a good cloud pilot choice; less critical software would be a wiser choice.

QUESTION 201
Your company’s application development team requires a self-provisioned software development solution
that can quickly grow or shrink based on each project’s parameters. Existing customer data will be used
from a customized line-of-business application. What would you suggest?
A. Private PaaS
B. Private IaaS
C. Public PaaS
D. Public IaaS

Correct Answer: A
Explanation

Since customer data stored in a customized line-of-business app is needed, private PaaS makes the most
sense.
B, C, and D are incorrect. Private and public IaaS do not apply to developing software applications in a
cloud environment; IaaS provides computing infrastructure such as cloud storage. Getting data from a
customized app into a public cloud could prove to be complex.

QUESTION 202
Cloud solutions that can tolerate failures yet still provide service are referred to as what?
A. IaaS
B. Highly portable
C. PaaS
D. Highly available

Correct Answer: D
Explanation

High availability ensures cloud solutions are always accessible. This means eliminating single points of
failure such as storing data on a single hard disk or single network connections.
A, B, and C are incorrect. IaaS offers computing infrastructure services over the cloud, and PaaS offers
software development capabilities over the cloud; by themselves neither tolerates failures. Highly portable
means something can be moved from one system to another with ease; this is not related to high
availability.

QUESTION 203
You are evaluating cloud backup offerings from various cloud providers. What type of cloud service is cloud
backup?
A. SaaS
B. IaaS
C. PaaS
D. DaaS

Correct Answer: B
Explanation

IaaS cloud service offerings include virtual servers, cloud storage, cloud backup, virtual networks, and so
on.
A, C, and D are incorrect. SaaS offers end-user software over a network. PaaS allows developers to easily
and quickly create and test applications. DaaS makes remote virtual desktops available to users from any
device; the processing occurs on the desktop virtualization server.

QUESTION 204
What is used to automate the provisioning of virtual machines?
A. SaaS
B. Management software
C. PaaS
D. Software libraries

Correct Answer: B
Explanation

Cloud providers have management software, usually web-based, that is used to automate virtual machine
provisioning.
A, C, and D are incorrect. SaaS offers end-user software over a network. PaaS allows developers to easily
and quickly create and test applications. Software libraries are made available to developers with PaaS
offerings.

QUESTION 205
Which of the following are risks associated with depending on cloud providers? (Choose two.)
A. Proprietary data formats
B. Lack of security
C. Vendor lock-in
D. User authentication

Correct Answer: AC
Explanation

If cloud data is stored in a proprietary format and you decide to have that data hosted in-house or you
decide to switch cloud providers, your data will be inaccessible. Vendor lock-in occurs when cloud
customers are stuck with using a specific cloud provider’s management tools.
B and D are incorrect. There is no further security risk with cloud solutions than there otherwise would be.
User authentication is not a risk; it is required for users to be authorized to various cloud services.

QUESTION 206
Which item usually presents a single point of failure in regard to cloud computing?
A. Network connection
B. Hard disk
C. Cloud backup
D. Virtual server

Correct Answer: A
Explanation

Because cloud services are accessible over a network, it is important to have redundant network links.
B, C, and D are incorrect. Cloud providers always ensure that hard disks used for cloud storage and
backup, as well as virtual server files, are on disk arrays that are mirrored. In addition, all of this data might
be replicated to another data center run by the cloud provider.

QUESTION 207
Which of the following statements regarding a change in IT roles as a result of cloud adoption is accurate?
A. In-house IT personnel are no longer required.
B. There will be an emphasis on managing operating expenses instead of capital expenses.
C. There is no longer a need to back up business data.
D. Private clouds could require IT personnel to provision services.

Correct Answer: D
Explanation

Provisioning services, and not servers, will be a skill that IT staff members must possess.
A, B, and C are incorrect. In-house IT personnel are required to maintain adequate cloud computing client
devices, to maintain network connections to cloud providers, to provision cloud services, and to evaluate
new innovative cloud solutions. IT is not responsible for financial management. Cloud solutions still require
an appropriate backup strategy.

QUESTION 208
For in-house IT personnel, which IT task will be emphasized with cloud adoption?
A. Application performance monitoring
B. Security auditing
C. Data backup
D. High availability

Correct Answer: A
Explanation

Monitoring the performance and availability of cloud services, and the network connection to them, is an
important skill resulting from cloud adoption.
B, C, and D are incorrect. Security auditing, data backup, and high availability are the concern of the cloud
provider, not the cloud customer.

QUESTION 209
What must be done to ensure the ongoing success of cloud service adoption?
A. Software updates must be applied.
B. Financial audits must take place.
C. Industry compliance audits must take place.
D. IT services must be coupled with specific business processes.

Correct Answer: D
Explanation

To provide business value, all IT services must serve the needs of the business.
A, B, and C are incorrect. Cloud providers are responsible for applying software updates for cloud
services. Financial and industry compliance audits are always relevant; however, this should be considered
before cloud adoption, not after.

QUESTION 210
When evaluating cloud solutions, you conclude that some existing end-user software hosted on premises is
not available as SaaS. What other options should you consider?
A. Evaluate other functionally equivalent SaaS offerings.
B. Keep using the on-premises end-user software.
C. Use cloud backup for the end-user software data.
D. Use PaaS instead.

Correct Answer: A
Explanation

Cloud providers might have a SaaS offering that has the same functionality as the in-house software in use.
This should be explored first.
B, C, and D are incorrect. Since cloud evaluation was part of the question, keeping the existing software
solution is not the best choice. Cloud backup does not address the issue of using a cloud SaaS solution.
PaaS is for developers to quickly create and test applications, not end-user productivity software.

QUESTION 211
Your company currently has six virtual servers hosted on premises using two clustered physical servers.
The two physical servers on which the six virtual servers are running must be replaced. You have been
asked to recommend the quickest solution to run the six virtual machines in the cloud instead of on the
premises. What should you recommend?
A. Back up the existing virtual servers. Create new cloud virtual servers and restore the data into them.
B. Migrate the existing virtual machines to the cloud.
C. You cannot migrate virtual machines to the cloud.
D. Re-create the six virtual machines in the cloud from scratch.

Correct Answer: B
Explanation

Migrating existing virtual machines to the cloud is the quickest solution. Most cloud providers offer this
solution.
A, C, and D are incorrect. Creating new virtual servers in the cloud and restoring data to them normally
takes longer than simply migrating virtual servers to the cloud. Most cloud providers offering IaaS allow
cloud customers to migrate virtual machines to the cloud.

QUESTION 212
Which of the following is a reason to migrate an application to the cloud?
A. Elasticity.
B. Data encryption.
C. High availability.
D. It will be cheaper than hosting the application in-house.

Correct Answer: A
Explanation

Cloud elasticity means the application can grow or shrink relative to business needs.
B, C, and D are incorrect. Data encryption and high availability are available without migrating an
application to the cloud. Even though CAPEX gets shifted to OPEX, when viewed over time, cloud solutions
are not always cheaper than in-house solutions.

QUESTION 213
Which of the following items would show up in an SLA? (Choose all that apply.)
A. Type of virtual server operating systems available
B. PKI certificate for identity federation
C. Degree of service elasticity
D. Guaranteed level of service

Correct Answer: CD
Explanation

Service elasticity, that is, the ability to increase or decrease a cloud service such as the number of user
mailboxes, should be stated in the SLA. All SLAs state the expected level of service cloud customers can
expect and the repercussions if those service levels are not met.
A and B are incorrect. The type of operating system used in virtual machines, along with PKI certificate
details, are not relevant to the SLA, even though they might be of technical relevance.

QUESTION 214
Cloud adoption can increase the workload for cloud customer internal IT staff members in which way?
A. Applying software patches
B. Acquiring server hardware
C. Monitoring cloud service performance
D. Performing data backups

Correct Answer: C
Explanation

With cloud adoption, IT staff members will find themselves focusing more on the delivery, monitoring, and
maintenance of IT services.
A, B, and D are incorrect. Applying software patches, acquiring server hardware, and performing backups
are tasks performed by the cloud provider.

QUESTION 215
Planning disk capacity requirements in the cloud applies to which service management phase?
A. Service Design
B. Service Strategy
C. Service Operation
D. Service Transition

Correct Answer: A
Explanation

Capacity planning falls under the Service Design phase.
B, C, and D are incorrect. Capacity planning, such as cloud storage, does not apply to these ITIL life-cycle
phases.

QUESTION 216
Encouraging cloud service use during minimal load times applies to which ITIL Service Strategy process?
A. Capacity Management
B. Demand Management
C. Financial Management
D. Service Level Management

Correct Answer: B
Explanation

Demand Management ensures customer capacity demands can be met. Discouraging IT service use
during peak busy times falls into this description.
A, C, and D are incorrect. These ITIL processes do not map directly to encouraging the use of IT services
during less busy times like Demand Management does.

QUESTION 217
Which process of the ITIL Service Design phase relates to ensuring cloud services are always accessible?
A. Service Level Management
B. Capacity Management
C. Information Security Management
D. Availability and Service Continuity Management

Correct Answer: D
Explanation

Availability and Service Continuity Management ensures that IT services are always accessible by
managing risks that could impact IT service delivery.
A, B, and C are incorrect. Service Level Management relates to ensuring that SLA terms map to business
requirements. Capacity Management ensures IT service capacity can be met in line with SLA terms.
Information Security Management allows only authorized users to access any IT-related service or data
belonging to an organization.

QUESTION 218
Choosing a cloud service that provides the same functionality as an in-house system applies to which ITIL
life-cycle phase?
A. Service Design
B. Service Strategy
C. Service Operation
D. Service Transition

Correct Answer: A
Explanation

Evaluating functional equivalents of in-house IT systems relates to the Service Design phase.
B, C, and D are incorrect. Service Strategy involves defining and implementing service strategies. Service
Operation focuses on making sure IT services are accessible and available at all times in the most efficient
and cost-effective way possible. Service Transition relates to processes such as Change Management,
Configuration Management, and Asset Management.

QUESTION 219
The manipulation of people to disclose confidential information defines what type of risk?
A. Malware
B. Denial of service
C. Password cracking
D. Social engineering

Correct Answer: D
Explanation

Tricking people into disclosing sensitive information is referred to as social engineering. This could be as
simple as an imposter posing as a help-desk member calling an end user and asking for password
information.
A, B, and C are incorrect. Malware is software that performs malicious actions, such as deleting files from
a hard disk. Denial-of-service attacks render a network service unusable to legitimate users. Password
cracking involves breaking into user accounts once the password has been determined, usually by
automated means.

QUESTION 220
Why might a government agency be against storing its data in the cloud?
A. Clouds do not offer data encryption.
B. Data must be stored within national boundaries.
C. Data in virtual servers is unreliable.
D. Cloud data cannot be backed up.

Correct Answer: B
Explanation

Some cloud providers have data centers in many countries, and data from one country might be replicated
to another; this could present legal and jurisdiction ambiguities.
A, C, and D are incorrect. Many cloud solutions offer encryption, and for those that do not, you can encrypt
your data before storing it in the cloud. Virtual servers are very reliable, and so is their data. Cloud data can
be backed up.

QUESTION 221
What new IT service risk is a result of cloud adoption?
A. Loss of network connectivity
B. Loss of encryption keys
C. Loss of decryption keys
D. Failure of a hard disk

Correct Answer: A
Explanation

Losing network connectivity means losing access to cloud IT services and data. Redundant network
connections should be configured.
B, C, and D are incorrect. Encryption and decryption key loss is not a problem specific to cloud adoption.
Cloud providers use redundant disk arrays for data, so a hard disk failure will not interrupt IT service
operation.

QUESTION 222
How does cloud adoption affect IT budgets?
A. IT budgets increase.
B. IT budgets decrease.
C. IT budgets remain the same.
D. IT budgets must account for the “pay-as-you-go” model.

Correct Answer: D
Explanation

Instead of a yearly or quarterly IT budget cycle, cloud elasticity means costs are much more variable.
A, B, and C are incorrect. IT budgets normally decrease to reflect the lack of capital expenditures. This
may take time to become apparent because of asset depreciation methods of accounting, as well as
ongoing OPEX.

QUESTION 223
Which of the following is the function of orchestration services?
A. Assemble functional requirements for application development
B. Configure application clusters with Web services
C. Enable and disable load balancers
D. Manage the starting and stopping of application server clusters

Correct Answer: D
Explanation

Orchestration is often discussed as having an inherent intelligence or even implicitly autonomic control, but
those are largely aspirations or analogies rather than technical descriptions. In reality, orchestration is
largely the effect of automation or systems deploying elements of control theory.
This usage of orchestration is often discussed in the context of service-oriented architecture, virtualization,
provisioning, converged infrastructure and dynamic datacenter topics. Orchestration in this sense is about
aligning the business request with the applications, data, and infrastructure. It defines the policies and
service levels through automated workflows, provisioning, and change management. This creates an
application-aligned infrastructure that can be scaled up or down based on the needs of each application.
Orchestration also provides centralized management of the resource pool, including billing, metering, and
chargeback for consumption. For example, orchestration reduces the time and effort for deploying multiple
instances of a single application. And as the requirement for more resources or a new application is
triggered, automated tools now can perform tasks that previously could only be done by multiple
administrators operating on their individual pieces of the physical stack.
A somewhat different usage relates to the process of coordinating an exchange of information through web
service interactions.
A distinction is often made between orchestration (a local view from the perspective of one participant) and
choreography (coordination from a global multi-participant perspective, albeit without a central controller).

QUESTION 224
Which of the following is a private SaaS?
A. An application for external use only, on company-owned assets.
B. An application for external use only, on public cloud-based systems.
C. An application for internal use only, on company-owned assets.
D. An application for internal use only, on public cloud-based systems.

Correct Answer: C
Explanation

Private SaaS = SaaS applications delivered on a single-tenant architecture hosted either on-premise or
off-premise in a highly secure, exclusive “network”.
Some of the advantages of this model are:
Data Security – Unlike in the case of multi-tenant systems, data is isolated in a single-tenant system. This
offers better privacy and security. Plus, compliance is easy with such systems.
Migration – The very fact that the data is isolated makes it easy to migrate. In the case of multi-tenant
systems, migrations are not all that straightforward.
Customization – With Private SaaS, enterprises get to customize the SaaS applications to fit their
needs, and this option is very limited in the case of public SaaS.

QUESTION 225
Who is responsible for granting access to a user in federated identity management?
A. Identity provider
B. Relying party
C. SaaS provider
D. User

Correct Answer: B
Explanation

Relying Party - A system entity that decides to take an action based on information from another system
entity.
For example, a SAML relying party depends on receiving assertions from an asserting party (a SAML
authority) about a subject.
Identity Provider - A kind of service provider that creates, maintains, and manages identity information for
principals and provides principal authentication to other service providers within a federation, such as with
web browser profiles.
User - A natural person who makes use of a system and its resources for any purpose.

QUESTION 226
Which of the following application types is suitable for a cloud computing pilot?
A. Desktop productivity applications
B. Marginal applications
C. Mission-critical applications
D. Legacy applications

Correct Answer: A
Explanation

Productivity software (sometimes called personal productivity software or office productivity software) is
application software dedicated to producing information, such as documents, presentations, worksheets,
databases, charts, graphs, digital paintings, electronic music and digital video.

QUESTION 227
The consumer does not manage or control the underlying cloud infrastructure but has control over
operating systems, storage, and deployed applications.
This describes what cloud service model?
A. SaaS
B. IaaS
C. PaaS
D. CaaS

Correct Answer: B
Explanation

Infrastructure as a Service allows the customer to deploy their own operating systems, storage, and
applications.

QUESTION 228
Which cloud service model is shared with companies that have similar interests?
A. Public
B. Private
C. Community
D. Hybrid

Correct Answer: C
Explanation

Community clouds are designed for specific areas of interest, regulatory, security, or policy requirements.

QUESTION 229
What is the ability to automatically and dynamically add additional resources such as storage, CPUs,
memory, and even servers?
A. Pay-as-you-grow
B. Cloud bursting
C. Elasticity
D. On-demand

Correct Answer: C
Explanation

In cloud computing, elasticity is defined as "the degree to which a system is able to adapt to workload
changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in
time the available resources match the current demand as closely as possible".
With elastic computing, there is no longer any need to deploy servers and storage systems designed to
handle peak loads.
Now you can scale the cloud infrastructure to the normal load and automatically expand as needed when
the occasion arises.

QUESTION 230
What is a part of a file or sector header in a storage system that is used to identify the contents of the file?
A. Policies
B. BLOB
C. Object ID
D. Metadata

Correct Answer: D
Explanation

Metadata can consist of many different types of information, such as the type of data or application and the
security level. Object storage allows administrators to define any type of information in metadata and
associate it with a file.

QUESTION 231
What technology is installed as an application on an already existing operating system and allows you to
then install virtual machines?
A. Infrastructure
B. Open source
C. Type 1 hypervisor
D. Type 2 hypervisor

Correct Answer: D
Explanation

A PC running Windows or Linux can install a Type 2 hypervisor and run it as any other application. Then,
inside the hypervisor, multiple operating systems or VMs can be run.

QUESTION 232
What is a file-based image of the current state of a VM called?
A. Snapshot
B. Cloning
C. Template
D. Image

Correct Answer: A
Explanation

A snapshot is an exact copy made of a running VM. Snapshots can be created while the VM is in
operation and are used as a record of that VM’s state.

QUESTION 233
What process involves taking a server that is running an operating system and applications and migrating it
to a VM running on top of a hypervisor?
A. Online migration
B. P2V
C. V2V
D. V2P

Correct Answer: B
Explanation

A physical-to-virtual migration takes a server that is running an operating system and applications and then
migrates it to a virtual machine.

QUESTION 234
What is the ability to dynamically commit and reclaim resources such as storage, compute, and memory?
A. Elasticity
B. Bursting
C. Shared resources
D. Horizontal scaling

Correct Answer: A
Explanation

In cloud computing, elasticity allows cloud resources to be created, consumed, and reclaimed for future use
dynamically by the hypervisor.
With elastic computing, there is no longer any need to deploy servers and storage systems designed to
handle peak loads.
Now you can scale the cloud infrastructure to the normal load and automatically expand as needed when
the occasion arises.

QUESTION 235
Which file access type allows the reading and writing to a hard disk drive at the physical hardware level?
A. Fibre Channel
B. SAN
C. Direct-attached storage
D. Block-level access

Correct Answer: D
Explanation

In block-level access, a server reads and writes directly to a hard disk rather than relying on a file-level
protocol like CIFS or NFS.
Block-level access allows the reading and writing to a hard disk drive (HDD) at the physical hardware level.
A disk controller in a server reads and writes the disks at the block level.

QUESTION 236
What is the most common high-speed drive interface type found in a cloud computing center?
A. IDE
B. ATA
C. SATA
D. SCSI

Correct Answer: C
Explanation

Serial Advanced Technology Attachment (SATA) drives are commonly seen in the cloud. SATA is a current
technology found in many production data networks.
As the name suggests, SATA is a serial link connection to the drive instead of the older parallel interface
found in SCSI and IDE.

QUESTION 237
Which protocols allow storage data to be carried over the same network as your Ethernet LAN traffic (often
referred to as a converged fabric)?
(Choose two.)
A. Fibre Channel
B. iSCSI
C. FCoE
D. LUN masking

Correct Answer: BC
Explanation

When the switch fabrics of Ethernet and storage channel are combined, many advantages can be realized.
For example, this approach reduces the cabling and complexity of running multiple data and storage
networks inside the cloud. With FCoE, the Fibre Channel traffic is encapsulated again, this time with an
Ethernet header, and connected to the LAN along with all other networked devices in the cloud datacenter.
iSCSI encapsulates the SCSI command set directly into Ethernet frames using the reliable TCP to ensure
that the storage traffic is not lost across the network.

QUESTION 238
If any disk in this type of RAID array fails, the parity information stored across the remaining drives can be
used to re-create the data and rebuild the drive array.
A. RAID 0+1
B. RAID 1
C. RAID 3
D. RAID 5

Correct Answer: D
Explanation

RAID 5 stripes file data and parity check data across all the disks; there is no longer a single
parity check disk or write bottleneck.
RAID 5 dramatically improves the performance of multiple writes since they are now done in parallel.

QUESTION 239
Inside the cloud datacenter, which standardized method is used to segment networks not only at the logical
or IP addressing level but also at the physical port level?
A. 802.1Q
B. PAT
C. Supernetting
D. 802.1d

Correct Answer: A
Explanation

The Ethernet switches installed in the datacenter can have their ports logically divided into groups that
connect servers and devices using the 802.1Q VLAN tagging standard.

QUESTION 240
What is a network that is optimized for shorter distances, such as inside a metro area or a campus of a
large company or industrial park?
A. LAN
B. MAN
C. WAN
D. LAN
E. QoS

Correct Answer: B
Explanation

Metropolitan area networks will generally be capable of higher speeds than what most WAN architectures
can offer and are usually based off high-speed fiber-optic interconnections in a geographical area such as a
city, office park, or campus.

QUESTION 241
What network utility is found in both Windows and Linux that gives detailed information about the network
that the server is connected to?
A. Ping
B. Traceroute
C. Netstat
D. ifconfig

Correct Answer: C
Explanation

Netstat is a network statistics utility found on both Windows and Linux workstations and servers.
You can use netstat to see what network connections are open to remote applications, to view detailed
protocol information, to see addresses used both locally and remotely, and to determine which state the
TCP connections are currently in on the device.

QUESTION 242
Which protocols and port numbers are used when you enter https in your browser?
(Choose three.)
A. 25
B. 443
C. SSL
D. IPSec
E. TLS

Correct Answer: BCE
Explanation

When you type https in your web browser, you are requesting a secure WWW connection. Hypertext
Transfer Protocol Secure uses port 443 to set up an encrypted connection from your browser to a secure
web server in the cloud using the SSL/TLS secure protocols.

QUESTION 243
What BIOS setting must be enabled for hypervisors running on Intel bare-metal servers?
A. NX
B. Coherency
C. VY
D. VT

Correct Answer: D
Explanation

Hardware-assisted virtualization must be enabled in BIOS to optimize hypervisor support.
For Intel CPUs, it is called Virtualization Technology (VT) and AMD calls it AMD-V.

QUESTION 244
The vendor’s hardware compatibility list ensures which of the following?
(Choose two.)
A. Reliability
B. SLA
C. MTBF
D. Performance

Correct Answer: AD
Explanation

Server manufacturers go to great lengths to make sure that the hardware installed inside a server is
validated and fully tested for performance, manageability, reliability, and compatibility.

QUESTION 245
What is installed in a server’s expansion slot to provide a connection to remote storage?
A. HBA
B. SCSI
C. LUN
D. SAN

Correct Answer: A
Explanation

A host bus adapter (HBA) is a storage network interface card installed in a server to provide a connection to
remote storage.
HBAs are installed in a server’s expansion slot. To the server’s operating system, the storage appears to be
attached locally.

QUESTION 246
When hard drives are installed directly inside a server, which interfaces are used as the most common
connection types?
(Choose two.)
A. FCoE
B. SATA
C. SNMP
D. SCSI

Correct Answer: BD
Explanation

Hard drives can be installed directly inside a server using SCSI and SATA interfaces as the most common
connection types. However, with large storage needs, consolidation, and the need to provide the capability
to move VMs from server to server, external storage systems are very common. These are large systems
that centralize storage and connect to the servers using a storage area network (SAN).

QUESTION 247
What are the documents that outline which levels of service will be provided and which metrics the cloud
provider must meet?
A. NMaaS
B. SaaS
C. SLA
D. SNMP

Correct Answer: C
Explanation

The service-level agreement is a document that outlines which levels of service will be provided and which
metrics the cloud provider must meet. It is a critical document that must be negotiated with the cloud
provider.

QUESTION 248
What aspects of the cloud do cloud management applications monitor? (Choose three.)
A. FCAPS
B. Hardware
C. Power
D. Cooling
E. FCoE
F. SNMP

Correct Answer: BCD
Explanation

Cloud management systems monitor all aspects of the cloud, including hardware, software, power, cooling,
and network connections.

QUESTION 249
What service is based on management applications hosted in the cloud?
A. SaaS
B. MaaS
C. SNMP
D. XaaS

Correct Answer: B
Explanation

MaaS providers or MSPs allow for a quick deployment of managed services and offer many premium
services to assist in the administration, monitoring, and even the security of your cloud services.

QUESTION 250
What type of encrypted remote access connection is set up between the network management location and
the cloud services being monitored and managed?
A. QoS
B. SNMP
C. VPN
D. GRE

Correct Answer: C
Explanation

A virtual private network allows for secure and usually encrypted connections over a public network.

QUESTION 251
A MIB uses which of the following to define the tree structure?
A. OIDs
B. SNMP
C. SSH
D. RSTP

Correct Answer: A
Explanation

The MIB is a tree-based definition file that uses object identifiers (OIDs). The OID data describes to the
management station where the data is located on the remote device and follows an industry-standard tree
structure.

QUESTION 252
What allows the cloud service company to offer various classes or tiers of service such as basic, advanced,
and premium services based on quotas and levels of compute services offered per tier?
A. Entitlement
B. Hard limits
C. Reservations
D. Virtual instances

Correct Answer: A
Explanation

Entitlement defines the allocation of resources such as storage space, memory, CPU processors, and
network resources that allows the cloud service company to offer various classes or tiers of service such as
basic, advanced, and premium.

QUESTION 253
What sets the minimum or the floor hardware resources guaranteed to be available in a virtualized
environment?
A. Quotas
B. Reservations
C. Entitlements
D. Affinity

Correct Answer: B
Explanation

A reservation sets the minimum or the floor resources guaranteed to be available. This allows for a
guarantee of a baseline or guaranteed minimum of resources to be available for a virtual machine.
Reservations are important so that a VM can be assured to operate at a known performance level and that,
in the shared virtualized cloud datacenter, a certain minimum level of resources is available at all times
even when other VMs are consuming a high level of resources on the physical server.

QUESTION 254
What is the proprietary protocol developed by Microsoft to allow remote access to Windows devices?
A. SSH
B. RDP
C. ICA
D. RCP

Correct Answer: B
Explanation

The Remote Desktop Protocol is a proprietary protocol developed by Microsoft to allow remote access to
Windows devices. It is a client-server application, which means RDP has to be installed and running on
both the server and the local workstation you are using to access the cloud server.

QUESTION 255
What technology provides the ability to selectively filter traffic by either permitting or denying Ethernet traffic
between network segments?
A. IDS
B. IPS
C. ACL
D. DMZ

Correct Answer: C
Explanation

ACLs are an ordered list of permit and deny statements that are compared to the network traffic passing
through them. When a rule is matched, then the action is taken on the LAN traffic and no further ACL
processing is performed. A rule base is configured that specifies any number of parameters that usually
include a source or destination IP address or an application such as HTTP or SMTP.

QUESTION 256
What is the network attack that is launched over the Internet from many end stations all attacking a target
at the same time?
A. Teardrop attack
B. DDoS
C. Ping of Death
D. DoS
E. Ping flood

Correct Answer: B
Explanation

A distributed denial-of-service (DDoS) attack is launched over the Internet from many end stations, all
attacking a target at the same time. They can attack the network infrastructure or target a specific server.
Due to the nature of the attack, with many devices all attacking at once, a DDoS attack can be highly
destructive and hard to protect against. Since there is such a high volume of traffic, the network bandwidth
can also be saturated, which will block legitimate users from accessing the network. Application-level
attacks are designed to exhaust the resources such as RAM, CPU, and total connections available.

QUESTION 257
What is a technique used to increase security of storage data by making it very difficult to read legitimate
data stored in files?
A. IPsec
B. LUN masking
C. Zoning
D. Obfuscation

Correct Answer: D
Explanation

Obfuscation is a technique used to increase security of storage data by making it very difficult to read
legitimate data stored in files. Using obfuscation processes on storage systems makes it difficult for
hackers or hijackers to make sense of the stored data because the data is so deeply buried (obfuscated)
with random data that it is hard to determine what is actual data and what is not.

QUESTION 258
What is a standardized set of roles, policies, and procedures used to create, manage, distribute, use, store,
and revoke digital certificates and manage public/private key encryption?
A. IPsec
B. PKI
C. RSA
D. SSL/TLS

Correct Answer: B
Explanation

PKI provides for identity, authorization, and encryption services that are central to implementing security in
the cloud. PKI is an industry-standard framework that provides authorization and enforces security policies.

QUESTION 259
What defines the process of managing all aspects of the ongoing upgrades, repairs, and reconfigurations?
A. Capacity management
B. Configuration control
C. Change management
D. CMDB

Correct Answer: C
Explanation

Change management is defined as the process of managing all aspects of the ongoing upgrades, repairs,
and reconfigurations. Change management involves planning and managing changes to minimize any
disruptions of service.

QUESTION 260
What is the general term for optimizing hard disk performance?
A. I/O tuning
B. Swap space
C. Latency
D. Disk tuning

Correct Answer: D
Explanation

Disk tuning is the general term for optimizing hard disk performance.

QUESTION 261
What is the measurement of the delta from when a frame traverses the network?
A. Multipathing
B. Latency
C. Metadata performance
D. Bandwidth

Correct Answer: B
Explanation

Network latency is the delay incurred as a frame traverses the network. Each network device will receive
the frame, compute a CRC error check, look up the exit interface, and send the frame out that interface.
There are also delays in the serialization of the frame to exit the interface. When the frame passes through
a firewall, it will be compared against the firewall rule set to determine if it is permitted or denied, and the
data will be delayed during this process. If there is contention in the network, the frame may be buffered
until network bandwidth becomes available.

QUESTION 262
What device will examine incoming traffic and allocate connections across a pool of many servers to
service the connections?
A. Load balancer
B. High-availability servers
C. Horizontal scaling
D. Application delivery systems

Correct Answer: A
Explanation

A large cloud service has to manage many thousands of connection requests coming in over the
Internet. Therefore, a means must be implemented that spreads the processing workload over multiple
servers since it is not possible or desirable to have just one server active and servicing the complete
workload. A load balancer will examine incoming traffic and allocate connections across a pool of many
servers to service the connections.

QUESTION 263
Which disaster recovery site will host an operational database server that is in sync with the database
server at the primary datacenter?
A. Hot site
B. Warm site
C. Cold site
D. Mirrored site

Correct Answer: B
Explanation

A warm disaster recovery site will host an operational database server that is in sync with the database
server at the primary datacenter. All other needed site infrastructure, such as servers, storage, load
balancers, and networking, are either offline or not provisioned until the warm site is brought online after a
failure at the primary datacenter.

QUESTION 264
What is the time it takes to get a service on line and available after a failure?
A. MTTR
B. RTO
C. RPO
D. MTBF

Correct Answer: B
Explanation

The recovery time objective (RTO) is the time it takes to get a service online and available after a failure.
When planning for business continuity, the cost of the downtime must be taken into consideration.

QUESTION 265
What is the process of replicating data in real time from the primary storage system to a remote facility?
A. Archiving
B. Asynchronous replication
C. Synchronous replication
D. Site mirroring

Correct Answer: C
Explanation

Synchronous replication is the process of replicating data in real time from the primary storage system to a
remote facility. Synchronous replications allow you to store current data at a remote location from the
primary datacenter that can be brought online with a very short recovery time and limited loss of data.
Synchronous replications offer high availability for mission-critical applications by storing data in a remote
site that can assume processing responsibility with current data from the primary site. When implementing
a synchronous replication solution, disaster recovery hot and warm sites can be effectively implemented.

QUESTION 266
What is the restore point you recover to in the event of an outage that determines the amount of data lost?
A. MTTR
B. RTO
C. RPO
D. MTBF

Correct Answer: C
Explanation

The recovery point objective (RPO) is the restore point you recover to in the event of an outage. The RPO
is the amount of data that may be lost when restarting the operations. Generally speaking, if the site is used
for financial or other critical transactions, such as healthcare, the RPO would need to be very close to zero
since losing any data could be catastrophic.

QUESTION 267
What cloud model delivers server hardware with no operating system?
A. IaaS
B. PaaS
C. SaaS
D. CaaS

Correct Answer: A
Explanation

Infrastructure as a Service offers computing hardware, storage, and networking but not the operating
systems or applications.

QUESTION 268
What cloud model delivers all services except the application?
A. IaaS
B. PaaS
C. SaaS
D. CaaS

Correct Answer: B
Explanation

Platform as a Service offers computing hardware, storage, networking, and the operating systems but not
the application software.

QUESTION 269
What cloud model delivers all services, including the application?
A. IaaS
B. PaaS
C. SaaS
D. CaaS

Correct Answer: C
Explanation

Software as a Service offers all cloud computing services, including the application software.

QUESTION 270
What cloud model delivers Virtual Desktop Infrastructure?
A. XaaS
B. DaaS
C. SaaS
D. CaaS

Correct Answer: B
Explanation

Desktop as a Service is a cloud-hosted service that extends a virtual desktop to a remote client.

QUESTION 271
What cloud delivery model is used by a single organization?
A. Hybrid
B. Public
C. Private
D. Community

Correct Answer: C
Explanation

A private cloud is used exclusively by a single organization.

QUESTION 272
What cloud delivery model is used by a group of consumers with similar requirements?
A. Hybrid
B. Public
C. Private
D. Community

Correct Answer: D
Explanation

A community cloud is used by companies with similar needs such as medical or financial services.

QUESTION 273
What cloud delivery model is shared by multiple organizations?
A. Hybrid
B. Public
C. Private
D. Community

Correct Answer: B
Explanation

A public cloud is shared by many different organizations.

QUESTION 274
What delivery model uses a remote datacenter to host computing resources?
A. Co-location
B. On-premise
C. Off-premise
D. Public

Correct Answer: C
Explanation

The cloud delivery model that hosts compute resources remotely is referred to as off-premise.

QUESTION 275
Which cloud characteristic allows you to pay for only the services used?
A. Bursting
B. Pay-as-you-grow
C. Chargeback
D. Metering

Correct Answer: B
Explanation

The pay-as-you-grow cloud characteristic allows billing for only the services used.

QUESTION 276
Which cloud characteristic allows you to invoice individual groups for cloud computing services used?
A. Bursting
B. Pay-as-you-grow
C. Chargeback
D. Metering

Correct Answer: C
Explanation

Chargeback allows accounting and departmental billing for cloud services used.

QUESTION 277
Which cloud characteristic allows you to access a self-service portal to instantly create additional servers,
storage, or other services?
A. Bursting
B. Pay-as-you-grow
C. Multitenancy
D. On-demand

Correct Answer: D
Explanation

On-demand cloud computing allows the consumer to dynamically add and change resources with the use
of an online portal.

QUESTION 278
Which cloud characteristic allows a single software application to be shared among multiple cloud clients?
A. Ubiquitous access
B. Pay-as-you-grow
C. Chargeback
D. Multitenancy

Correct Answer: D
Explanation

Multitenancy is when a single software application is portioned and shared between multiple clients.

QUESTION 279
Which cloud offering is designed to use the public cloud for processing during times of increased compute
load?
A. Elasticity
B. Hybrid cloud
C. Cloud bursting
D. Rapid deployment

Correct Answer: C
Explanation

Cloud bursting is designed to use a public cloud during times of increased load on the primary datacenter.

QUESTION 280
What cloud service allows the consumer to provision and deploy cloud-based services in a very short time
window?
A. Elasticity
B. Automation
C. Cloud bursting
D. Rapid deployment

Correct Answer: D
Explanation

Rapid deployment gives the consumer the ability to rapidly change cloud resources by using automation.
However, automation is a tool and not the service itself.

QUESTION 281
What is a pointer to a globally unique piece of cloud storage data?
A. BLOB
B. Object ID
C. Metadata
D. VSAN

Correct Answer: B
Explanation

An object ID is a unique identifier of a stored piece of data and is used to locate data or metadata in a cloud
storage system.

QUESTION 282
What is a collection of binary data that is stored as a single entity inside a database management system?
A. BLOB
B. Object ID
C. Metadata
D. VSAN

Correct Answer: A
Explanation

A BLOB (Binary Large Object) is a collection of binary data that is stored as a single entity inside a
database management system.

QUESTION 283
What is an exact copy of a stored item?
A. BLOB
B. Object ID
C. Metadata
D. Replica

Correct Answer: D
Explanation

A replica is an exact copy of a stored item.

QUESTION 284
What is data that is part of a file or sector header in a storage system that is used to identify the content of
the data?
A. BLOB
B. Object ID
C. Metadata
D. Replica

Correct Answer: C
Explanation

Metadata is part of a file or sector header in a storage system that is used to identify the content of the data.

QUESTION 285
What are granular lists of rules of operations in computing systems called?
A. BLOB
B. Policies
C. Access lists
D. Role-based authentication

Correct Answer: B
Explanation

Policies define a granular list of rules of operations in a computing system that grant rights to perform
specific operations.

QUESTION 286
What is the agreement on performance and level of service between the cloud service provider and the
cloud consumer called?
A. Metering
B. Validation
C. SLA
D. Orchestration

Correct Answer: C
Explanation

The service level agreement spells out the responsibilities and levels of service between the cloud provider
and consumer.

QUESTION 287
What is the name given to the type of software that enables a server to be logically abstracted and appear
to the operating system running on it as if it is running directly on the server hardware itself?
A. Virtualization
B. Abstraction
C. Hypervisor
D. Volumes

Correct Answer: C
Explanation

A hypervisor is software that allows multiple virtual machines to run on a single server hardware platform.

QUESTION 288
What kind of hypervisor runs directly on the bare-metal server?
A. Virtualized
B. Cloud
C. Type 1
D. Type 2

Correct Answer: C
Explanation

A Type 1 hypervisor runs directly on the server hardware and does not rely on a guest operating system.

QUESTION 289
What kind of hypervisor runs as an application on top of an already installed operating system?
A. Virtualized
B. Cloud
C. Type 1
D. Type 2

Correct Answer: D
Explanation

A Type 2 hypervisor requires that (1) a Windows or Linux operating system be installed, and (2) the
hypervisor be run as an application on that OS.

QUESTION 290
Which two of the following are open source hypervisors?
A. ESXi
B. VirtualBox
C. KVM
D. Hyper-V

Correct Answer: BC
Explanation

VirtualBox and KVM are examples of open source hypervisors.

QUESTION 291
When cloning a server to use as a reference in creating new virtual machines, which two of the following
need to be changed?
A. UUID
B. BIOS
C. SAN name
D. MAC address

Correct Answer: AD
Explanation

The UUID and MAC address must be unique on each server and are changed during the cloning process.
A universally unique identifier (UUID) is a 128-bit number used to identify information in computer systems.
The term globally unique identifier (GUID) is also used.
When generated according to the standard methods, UUIDs are for practical purposes unique, without
depending for their uniqueness on a central registration authority or coordination between the parties
generating them, unlike most other numbering schemes. While the probability that a UUID will be
duplicated is not zero, it is close enough to zero to be negligible.

QUESTION 292
When creating a virtual machine image, what are some of the common components that are included in the
master image? (Choose three.)
A. Operating system
B. Service packs
C. Security configurations
D. Hypervisor settings

Correct Answer: ABC
Explanation

A master image includes the reference for creating new virtual servers and generally includes the operating
system, service packs, and security configurations.

QUESTION 293
A virtual server image created at a specific moment in time is called what?
A. Cloning
B. Virtual disk backup
C. Snapshot
D. Replica

Correct Answer: C
Explanation

A snapshot is a copy of a virtual machine at the moment in time that the snapshot was created.

QUESTION 294
What is the name for a piece of software running in a hypervisor that acts as a network interconnection for
the virtual machines to the outside network?
A. VSAN
B. VLAN
C. Virtual switch
D. Type 1 hypervisor

Correct Answer: C
Explanation

A virtual switch is a virtualized Ethernet switch that runs inside a hypervisor and connects the virtual
server’s vNICs to the outside Ethernet network.

QUESTION 295
What type of storage is presented to the virtual machine as an actual hard drive?
A. Volume
B. File storage
C. Ghosting
D. Virtual disk

Correct Answer: D
Explanation

A virtual disk is a logical representation of a storage volume that is accessed by a virtual server.

QUESTION 296
A virtual machine does not have a hardware LAN card installed.
What does it use instead?
A. VLAN
B. Virtual switch
C. vNIC
D. Host bus adapter

Correct Answer: C
Explanation

A virtual network interface card (vNIC) is a software representation that a virtual machine installs to connect
to the outside network.

QUESTION 297
What LAN technology is used to logically segment an Ethernet network?
A. VSAN
B. vNIC
C. VLAN
D. Virtual switch

Correct Answer: C
Explanation

A VLAN logically creates multiple LANs inside a single switching fabric.

QUESTION 298
When creating a server baseline when planning a migration, you should collect and analyze which
important parameters?
(Choose three.)
A. CPU utilization
B. Memory requirements
C. BIOS settings
D. Storage requirements

Correct Answer: ABD
Explanation

There are many server baseline values to collect and analyze, including CPU, memory, and storage.

QUESTION 299
When you are migrating from a physical to a virtual server, what are some of the external parameters that
may need to be changed?
(Choose three.)
A. IP addressing
B. DNS names
C. Storage VSAN
D. Automation settings

Correct Answer: ABC
Explanation

When migration occurs, the new virtual machine will most likely be in a different IP subnet, necessitating an
address change and DNS name change. Also, the external storage will need to be configured.

QUESTION 300
What type of migration includes cloning an existing virtual machine and installing it on a cloud provider’s
hypervisor?
A. Type 1
B. Type 2
C. V2V
D. P2V

Correct Answer: C
Explanation

A virtual-to-virtual migration is when a virtual machine is migrated from one virtualized server environment
to another.

QUESTION 301
When you are performing online storage migration to the cloud, what must you take into consideration?
A. Applications to restore
B. WAN bandwidth
C. Migration type
D. Hypervisor capabilities

Correct Answer: B
Explanation

Storage volumes can be very large, and if there is limited network bandwidth to the cloud provider, an
online migration may take a very long time.

QUESTION 302
A real-time migration from the corporate datacenter to the cloud of virtual machines is referred to as what?
A. V2V
B. Transposing
C. Online migration
D. vMotion

Correct Answer: C
Explanation

A live migration over the WAN network to the cloud is referred to as online migration.

QUESTION 303
The process of converting a server running on a hypervisor to bare metal is called what?
A. V2V
B. P2V
C. V2P
D. Offline migration

Correct Answer: C
Explanation

Virtual-to-physical is the process of migrating a server from a virtual machine to one running on its own
server hardware.

QUESTION 304
The process of converting a virtual machine running in a corporate datacenter to a hypervisor in the cloud is
often referred to as what?
A. V2V
B. P2V
C. V2P
D. Online migration

Correct Answer: A
Explanation

The process of migrating from a virtual machine in a corporate datacenter to the same in a cloud is called
virtual-to-virtual (V2V) migration.

QUESTION 305
The process of converting a server running on bare-metal server hardware in a corporate datacenter to a
hypervisor in the cloud is often referred to as what?
A. V2V
B. P2V
C. V2P
D. Online migration

Correct Answer: B
Explanation

The process of migrating a server in a corporate datacenter to an image that runs on a hypervisor as a
virtual machine in the cloud is called physical-to-virtual (P2V) migration.

QUESTION 306
The ability to dynamically commit and reclaim resources such as storage, memory, and CPU is referred to
as what?
A. Elasticity
B. Resource pooling
C. Virtualization
D. Cloud bursting

Correct Answer: A
Explanation

Elasticity is the process of using a pool of computing resources in the cloud to dynamically assign and
reclaim resources as needed.
In cloud computing, elasticity allows cloud resources to be created, consumed, and reclaimed for future use
dynamically by the hypervisor.
With elastic computing, there is no longer any need to deploy servers and storage systems designed to
handle peak loads.
Now you can scale the cloud infrastructure to the normal load and automatically expand as needed when
the occasion arises.

QUESTION 307
What type of storage is available on a network?
(Choose two.)
A. Shared
B. SCSI
C. SAN
D. RAID

Correct Answer: AC
Explanation

Network storage is available to multiple server systems and clients, so by nature it can be shared. A
storage area network (SAN) is also a shared storage medium. SCSI and RAID are hardware architectures
and not related to shared storage.

QUESTION 308
What type of storage interconnections are seen in standalone servers, laptops, and desktops?
A. iSCSI
B. Zoning
C. FCoE
D. Direct

Correct Answer: D
Explanation

Direct-connected storage is the most common connection type in this scenario. Fibre Channel is a remote
storage protocol, and zoning is used in storage area networking. iSCSI is a protocol used in storage
networking.

QUESTION 309
Which of the following is the name of a high-speed network storage solution?
A. Block access
B. Zoning
C. VMFS
D. SAN

Correct Answer: D
Explanation

A storage area network (SAN) is a high-speed network dedicated to storage transfers across a shared
network. Block access is not a networking technology. Zoning is for restricting LUNs in a SAN, and VMFS is
a VMware filesystem.

QUESTION 310
What interface hardware installed in a server is used to connect to a Fibre Channel network?
A. NIC
B. SCSI
C. HBA
D. RAID

Correct Answer: C
Explanation

A host bus adapter (HBA) is a hardware interface card that is installed in a server to allow the operating
system to connect to remote storage arrays. A NIC is used for Ethernet, SCSI is encapsulated inside Fibre
Channel, and RAID is a hardware storage family of redundancy types.

QUESTION 311
What is a process of making storage resources available to some servers on a SAN and restricting the
storage to other systems?
A. Masking
B. LUN
C. Multipath
D. Tiering

Correct Answer: A
Explanation

Masking is a SAN technique to make logical storage units available to some servers while restricting
access to others. LUNs are the actual units being masked, multipath is a redundancy architecture, and
tiering is a storage hierarchy design.

QUESTION 312
What is a SAN technique used to restrict LUNs to specific storage devices?
A. HBA
B. Access control lists
C. Zoning
D. ZFS

Correct Answer: C
Explanation

Zoning is the process of restricting storage initiators such as servers in the cloud to specific logical units
(LUNs). Access control lists are found in Ethernet networking, HBAs are storage adapters, and ZFS is a
filesystem type.

QUESTION 313
Each Fibre Channel device has a unique identifier known as what?
A. FCP
B. WWN
C. SAN
D. NTFS

Correct Answer: B
Explanation

A worldwide name (WWN) is a unique identifier assigned to each Fibre Channel interface at the time of
manufacture. FCP is the actual Fibre Channel protocol; a SAN is a storage area network and not the
correct answer; and NTFS is a filesystem type.

QUESTION 314
What is the technology of using Fibre Channel on a converged network fabric?
A. SAN
B. iSCSI
C. FCoE
D. FCP

Correct Answer: C
Explanation

Fibre Channel over Ethernet (FCoE) allows the Fibre Channel frames to be encapsulated inside an
Ethernet frame and to share the same network switching fabric with LAN traffic. A SAN is not a converged
network. The Fibre Channel Protocol (FCP) is used on storage area networks; iSCSI is used over Ethernet
but is not a Fibre Channel protocol.

QUESTION 315
What is a predominant storage protocol in a cloud provider’s datacenter?
A. Ethernet
B. Fibre Channel
C. FAT
D. Tier 2

Correct Answer: B
Explanation

Fibre Channel is a predominant storage protocol found in storage area networks. Ethernet is a LAN
technology and not a storage protocol. FAT is a filesystem type, and Tier 2 is a storage architecture.

QUESTION 316
This storage technology can be encapsulated inside a TCP/IP frame and sent across a converged switch
fabric; when encapsulated, what is it known as?
A. Masking
B. iSCSI
C. Fibre Channel
D. Zoning

Correct Answer: B
Explanation

When the SCSI is encapsulated inside TCP/IP, it becomes known as iSCSI. Masking and zoning are LUN
access processes, and Fibre Channel is a SAN protocol.

QUESTION 317
Which of the following are HDD architectures? (Choose two.)
A. WWN
B. Spinning
C. SSD
D. EXT

Correct Answer: BC
Explanation

The two hard drive designs found in the cloud storage systems are spinning and solid state. WWN is a
storage addressing system, and EXT is a Linux filesystem.

QUESTION 318
Which of the following are standardized hardware systems for storage interconnections? (Choose three.)
A. ATA
B. SATA
C. SCSI
D. Block
E. File

Correct Answer: ABC
Explanation

HDD interface types include ATA, SATA, and SCSI. Block and file are not hardware interconnections.

QUESTION 319
What system was developed to address the different types of storage needs a cloud consumer may require
for availability, response times, backups, and economics?
A. RAID
B. Multipathing
C. Tiering
D. Policies

Correct Answer: C
Explanation

Tiering is the process of defining the storage needs of the cloud customer and aligning them with the cloud
provider’s offerings. RAID is a hardware storage family of redundancy types. Multipathing is a redundant
SAN technique, and policies are not related to the question.

QUESTION 320
What is the name for a grouping of hard drives for redundancy and performance?
A. Multipathing
B. RAID
C. Masking
D. Tiering

Correct Answer: B
Explanation

RAID combines physical disks together for redundancy and performance. Multipathing is a redundancy
SAN design, masking is a LUN access process, and tiering is a storage hierarchy technique.

QUESTION 321
Which storage type stripes file data and performs parity checking over multiple disks so that it can
recover from a hard disk failure?
A. RAID 0
B. RAID 1
C. RAID 1+0
D. RAID 5

Correct Answer: D
Explanation

RAID 5 has parity information that is striped across multiple drives that allows the drive array to be rebuilt if
a single drive in the array fails. The other options do not have parity data.

QUESTION 322
Which of the following is a type of filesystem that is found in Unix operating systems and is now seen in
Linux distributions?
A. ZFS
B. VMFS
C. UFS
D. FAT

Correct Answer: C
Explanation

Unix File System (UFS) was developed for Unix and is available for the Linux operating system. FAT,
VMFS, and ZFS are all filesystem types but are not found in both Unix and Linux.

QUESTION 323
Which of the following is a SAN technique that restricts storage to a specific server or a small group of
servers that is implemented in SAN switches?
A. Masking
B. Zoning
C. Multipathing
D. Tiering

Correct Answer: B
Explanation

Zoning is a LUN access process that is implemented on the SAN switching fabric. Masking, multipathing, and
tiering are not related to LUN restrictions on the SAN fabric.

QUESTION 324
For SAN LUN mappings and restrictions, what process can be implemented at the HBA or storage
controller level?
A. Masking
B. Zoning
C. Multipathing
D. Tiering

Correct Answer: A
Explanation

LUN masking is implemented at the HBA or SAN storage controller level and either permits or denies a
server from accessing a LUN in a storage array. Zoning, multipathing, and tiering are not related to LUN
restrictions at the controller level.

QUESTION 325
Which of the following is a process of making a SAN highly available and fault resistant?
A. Fabric path
B. Multipathing
C. FCoE
D. WWN

Correct Answer: B
Explanation

Multipathing allows for two or more separate SAN networks between devices on a SAN. This allows for
redundancy and fault tolerance. Fabric path is a LAN redundancy protocol, and FCoE and WWNs are not
related to SAN fabric redundancy.

QUESTION 326
Which of the following are important factors when maintaining a storage network in the cloud?
(Choose three.)
A. Change management
B. Downtime
C. Best practices
D. Project management

Correct Answer: ACD
Explanation

Change management controls the process of implementing changes in the cloud datacenter, best practices
are suggested considerations when making changes, and project management is concerned with
processes to ensure a successful project.

QUESTION 327
What is the process of changing the IP address in a packet header? (Choose two.)
A. QoS
B. PAT
C. NAT
D. ARP

Correct Answer: BC
Explanation

Network address translation (NAT) and port address translation (PAT) are both used to change IP
addresses in a header. Address translation is commonly used to translate between public and private IP
address ranges.

QUESTION 328
What is the ability to take an IP address block and to consolidate several network ranges into a single
larger block called?
A. Trunking
B. Supernetting
C. Port aggregation
D. Port binding

Correct Answer: B
Explanation

Supernetting is the process of adjusting a subnet mask to consolidate several network address ranges into
one larger range.

QUESTION 329
What does a header inserted into an Ethernet frame to segment a network contain?
A. Subnet
B. VLAN tag
C. Segmentation pointer
D. DHCP scope

Correct Answer: B
Explanation

The header inserted into an Ethernet frame that is used to identify individual LAN segments is the VLAN
tag.

QUESTION 330
Ethernet port configurations can contain which of the following? (Choose two.)
A. Speed
B. VLAN
C. Cloud tag
D. Cache settings

Correct Answer: AB
Explanation

The speed setting and VLAN identifiers are common network port configuration items.

QUESTION 331
A Layer 3 router port configuration may contain which of the following? (Choose two.)
A. IP address
B. Duplex
C. Subnet mask
D. VLAN

Correct Answer: AC
Explanation

The IP address and subnet mask are Layer 3 configuration information. Both the VLAN and duplex settings
are Layer 2 switch configurations.

QUESTION 332
A centralized controller used to automate networking control and forwarding is part of what technology?
A. QoS
B. SDN
C. DNS
D. BGP

Correct Answer: B
Explanation

Software-defined networking (SDN) is the automation of the network fabric by use of a centralized group of
network controllers.

QUESTION 333
What is a network in a campus or community environment called?
A. LAN
B. SAN
C. WAN
D. MAN

Correct Answer: D
Explanation

A metropolitan area network (MAN) encompasses an area such as an office park, college campus, or city.

QUESTION 334
The measurement of the time data takes to pass through a network is referred to as what?
A. Compression delta
B. Bandwidth
C. Latency
D. QoS

Correct Answer: C
Explanation

Latency is the time measurement of delay in a data network.

QUESTION 335
Video and voice data is affected by what in a network?
A. NAT
B. VLANs
C. Latency
D. Load balancing

Correct Answer: C
Explanation

Latency affects real-time data such as voice and video.

QUESTION 336
What is it called when data is stored locally in the network where it is often requested?
A. Compression
B. Load balancing
C. Caching
D. Tiering

Correct Answer: C
Explanation

Caching stores data locally for fast retrieval that results in better network performance and less link
bandwidth utilization.

QUESTION 337
What device is placed in front of servers and used to increase the performance of a heavily used cloud
computing site?
A. SAN switch
B. Router
C. Load balancer
D. Compressor

Correct Answer: C
Explanation

A load balancer is used to spread the workload across many servers in a cloud datacenter.

QUESTION 338
What IP utility is used to verify that an IP address is available on the network and also to show the response
time at that moment in time?
A. Netstat
B. SFTP
C. ping
D. nslookup

Correct Answer: C
Explanation

Ping is a reachability application used to verify that an IP address is available on the network and also to
show the response time at that moment in time.

QUESTION 339
What is the name of the Windows tool used to show the routed path from source to destination in a
network?
A. ping
B. tracert
C. traceroute
D. netstat

Correct Answer: B
Explanation

Tracert is the Windows command used to show the path a packet takes through a network from source to
destination. The Linux equivalent is traceroute.

QUESTION 340
What is the command-line utility that shows open network connections, protocol information, and addresses
used?
A. ifconfig
B. Netstat
C. icmp
D. ipconfig

Correct Answer: B
Explanation

Netstat is a command-line utility found in both Windows and Linux that provides detailed TCP/IP connection
information.

QUESTION 341
What Linux command is used to resolve hostnames to IP addresses?
A. nslookup
B. dig
C. Netstat
D. Hostname

Correct Answer: B
Explanation

Dig is the Linux command used to do a DNS lookup of a hostname to determine the IP address. Nslookup
is the Windows version of the command.

QUESTION 342
What utility is used to verify the network interface configuration on a Windows server?
A. ifconfig
B. Netstat
C. ipconfig
D. show interface

Correct Answer: C
Explanation

Ipconfig is used at the Windows command prompt to verify and change local interfaces. The Linux
equivalent is ifconfig.

QUESTION 343
What well-known port number is used by email servers?
A. 22
B. 25
C. 80
D. 53

Correct Answer: B
Explanation

Simple Mail Transfer Protocol (SMTP) uses well-known port number 25 to exchange data.

QUESTION 344
What well-known port number is used by secure web servers?
A. 20
B. 22
C. 80
D. 443

Correct Answer: D
Explanation

Hypertext Transfer Protocol Secure (HTTPS) uses port number 443 and is used by secure web servers.

QUESTION 345
What protocol is used for encrypted file transfer and uses TCP ports 989 and 900?
A. HTTPS
B. SSH
C. FTPS
D. DHCP

Correct Answer: C
Explanation

File Transfer Protocol Secure is the encrypted version of FTP.

QUESTION 346
What is the IP application that allows for automatic assignments of IP interface configuration information?
A. SNMP
B. VLAN
C. DNS
D. DHCP

Correct Answer: D
Explanation

The Dynamic Host Configuration Protocol (DHCP) automatically configures TCP/IP settings on a server or
other device on a network.

QUESTION 347
What configuration information is contained in the BIOS? (Choose three.)
A. Drive boot order
B. Keyboard driver
C. LAN configuration
D. Security settings
E. Number of cores

Correct Answer: ABD
Explanation

Some of the options that can be configured in BIOS are drive boot order and security settings. The
keyboard driver is also part of the BIOS. However, the LAN configuration and number of CPU cores are not
BIOS settings.

QUESTION 348
What CPU process is run to execute a program’s instruction?
A. Core
B. BIOS
C. Thread
D. Hypervisor

Correct Answer: C
Explanation

A thread is the CPU process that executes an instruction of a program. The core, BIOS, and hypervisor are
not directly part of this process.

QUESTION 349
What parameters are set in BIOS to enhance hypervisor performance? (Choose three.)
A. I/O virtualization
B. SAN multithreading
C. VT
D. AMD-V
E. DRAM caching

Correct Answer: ACD
Explanation

I/O virtualization, VT, and AMD-V are BIOS settings that can be configured to optimize the performance of a
server running hypervisor software. SAN multithreading and DRAM cache are not relevant.

QUESTION 350
To enhance a server’s DMA transfer and interrupts when running a virtualized server, you need to enable
which parameter in BIOS?
A. I/O virtualization
B. SAN multithreading
C. VT
D. AMD-V
E. DRAM caching

Correct Answer: A
Explanation

I/O virtualization is the correct BIOS setting. The other answers are all incorrect.

QUESTION 351
What is the BIOS setting that enables hardware-assisted virtualization that prevents code from running in
protected areas called?
(Choose two.)
A. VT
B. NX
C. AMD-V
D. XD

Correct Answer: BD
Explanation

A vital aspect of virtualization is isolation -- preventing application code in one VM from accessing the
memory space used by other VMs. This kind of isolation can help secure VMs from one another and protect
the entire server from a wide range of malicious attacks, including viruses, which always try to replicate, and
buffer overflow attacks.
Processors implement this kind of memory space isolation using a special bit that can mark certain memory
areas as "non-executable." AMD processors provide an NX (never execute) bit, while Intel processors
provide an XD (execute disable) bit. Both bits are effectively identical -- only the names are different -- and
you may see both processor bits listed together as NX/XD. The idea is that when a memory area is marked
as non-executable, the processor will refuse to run any code in those protected areas. If an attempt is made
to execute code that is marked non-executable, a memory access violation is triggered, which can alert
administrators to possible inappropriate activity on the server. This prevents one VM from affecting another
VM, and stops malware from proliferating from one VM to another, making NX/XD an important processor
feature.
Intel’s VT and AMD’s AMD-V are hardware-assisted virtualization settings that should be enabled in BIOS if
a hypervisor is installed on the server.

QUESTION 352
What can you use to verify BIOS versions? (Choose two.)
A. Hardware compatibility lists
B. Vendor support site
C. Server firmware upgrade bundles
D. show version command

Correct Answer: BC
Explanation

The vendor support site and firmware update software will have the BIOS version information for the server.

QUESTION 353
What will a server motherboard contain for CPU installations? (Choose two.)
A. Cores
B. Sockets
C. Slots
D. LOMs
E. HBAs

Correct Answer: BC
Explanation

The terms sockets and slots are used interchangeably and refer to the hardware adapter where the CPU is
installed onto a motherboard.

QUESTION 354
A CPU can contain one or more of which of the following?
A. Slots
B. Cores
C. HBAs
D. Sockets

Correct Answer: B
Explanation

A CPU will have one or more processing cores. Slots and sockets refer to hardware on the motherboard,
and host bus adapters are for storage interconnections.

QUESTION 355
What server interface is commonly used to connect remote storage arrays?
A. LOM
B. HBA
C. NIC
D. USB

Correct Answer: B
Explanation

The host bus adapter (HBA) is the storage connection interface on a server. The LOM and NIC are for LAN
networking, and a USB is generally not used for storage array connections.

QUESTION 356
A SAN can be used to access what types of remote storage? (Choose three.)
A. SSD
B. HBA
C. HDD
D. DVD

Correct Answer: ACD
Explanation

SSD, HDD, and DVD drives are all examples of remote storage devices. The HBA is a storage network
adapter and not a storage device.

QUESTION 357
What storage type is commonly used for backups stored offsite?
A. SSD
B. USB
C. HDD
D. Tape

Correct Answer: D
Explanation

Tapes are very common offsite storage media. USB, HDDs, and SSDs are not as common as tape for
offsite storage of backups.

QUESTION 358
Solid-state drives are based on what technologies? (Choose two.)
A. USB
B. LOM
C. Flash
D. NVRAM

Correct Answer: CD
Explanation

Flash is the primary silicon used on SSD; NVRAM is also frequently used for cache on an SSD.

QUESTION 359
Which storage technologies have no moving parts? (Choose two.)
A. SSD
B. Tape
C. HDD
D. USB thumb drive

Correct Answer: AD
Explanation

SSD and USB thumb drives have no moving parts. Tape and hard drives both utilize mechanical moving
parts.

QUESTION 360
What drive architecture is used for troubleshooting and software installations by cloud maintenance
engineers?
A. SSD
B. Tape
C. HDD
D. USB thumb drive

Correct Answer: D
Explanation

USB thumb drives are very common for troubleshooting and maintaining servers.

QUESTION 361
What drive type offers fast access times and is very power efficient?
A. SSD
B. Tape
C. HDD
D. USB thumb drive

Correct Answer: A
Explanation

SSD both has fast read-write times and is power efficient.

QUESTION 362
What drive interface offers quick installation on many types of devices?
A. LOM
B. BIOS
C. USB thumb drive
D. HBA

Correct Answer: C
Explanation

A USB thumb drive can be quickly inserted and removed from a server or other datacenter hardware.

QUESTION 363
To access a Fibre Channel–based network, what type of interface must be installed in the server?
A. LOM
B. BIOS
C. USB
D. HBA

Correct Answer: D
Explanation

The host bus adapter provides the Fibre Channel interface. BIOS is for configuration settings, USB is not a
Fibre Channel technology, and LOM is for Ethernet connections.

QUESTION 364
Each CPU core can process one of which of the following at a time?
A. Slots
B. Cores
C. Threads
D. TCP ports

Correct Answer: C
Explanation

Threads are processed one at a time per core. Slots and cores are hardware interfaces to install CPUs on a
motherboard, and TCP ports are not relevant to the question.

QUESTION 365
What CPU type can be assigned to a virtual machine running on a hypervisor?
A. VT
B. vCPU
C. Thread
D. Multicore

Correct Answer: B
Explanation

Hypervisors can virtualize the CPUs running on the hardware and offer vCPUs to the virtual machines
running on the platform.

QUESTION 366
Modern CPUs have internal support to enhance which of the following running on a server? (Choose two.)
A. Hypervisors
B. HBAs
C. Virtual machines
D. vStorage

Correct Answer: AC
Explanation

Modern CPU technology has hypervisor support that can be enabled to enhance hypervisor and virtual
machine performance.

QUESTION 367
When should a cloud provider’s management responsibilities and scope be agreed upon?
A. During an incident
B. At contract signing
C. When configuring FCAPS
D. When opening a trouble ticket

Correct Answer: B
Explanation

Defining cloud systems management scope, responsibilities, and service-level agreements with the cloud
company must be done at the time of the initial contract signing.

QUESTION 368
Which of the following describes a cloud provider’s offerings that help them to meet their delivery and
automation models? (Choose two.)
A. Distributed
B. Scripted
C. Flexible
D. Automated

Correct Answer: BD
Explanation

Offerings are often highly automated and scripted to meet their delivery and automation models; this may
leave the cloud services provider with little flexibility in offering custom management options.

QUESTION 369
Name the organizations that offer cloud network management services. (Choose three.)
A. Enterprise in-house operations
B. Cloud service providers
C. Third-party organizations
D. DevOps

Correct Answer: ABC
Explanation

The area of cloud management is constantly and rapidly evolving as new services and management
techniques are introduced to the market from cloud service providers, third-party support organizations, and
internal management systems to accommodate cloud computing.

QUESTION 370
What model will a company use when they implement more than one network management solution?
A. Hybrid service model
B. Network bursting option
C. MaaS
D. Shared

Correct Answer: D
Explanation

Companies may end up with a shared management model where the cloud company provides a base level
of management in the datacenter that is enhanced and expanded upon by the company using the cloud
service.

QUESTION 371
What acronym is commonly used to cover the main areas found under the management umbrella?
A. SNMP
B. FCAPS
C. DTMF
D. NIST

Correct Answer: B
Explanation

The acronym FCAPS is commonly used to cover the main areas found under the management umbrella. It
is broken down into Fault, Configuration, Accounting, Performance, and Security.

QUESTION 372
What devices collect logs from servers, network equipment, storage systems, and many other devices?
A. FCAPS
B. SNMP
C. Management systems
D. MaaS

Correct Answer: C
Explanation

Network management or monitoring systems are used to collect logs from servers, network equipment,
storage systems, and many other types of devices.

QUESTION 373
Cloud monitoring and management tools are required by the provider to keep up with which of the
following? (Choose three.)
A. Additions
B. SNMP
C. Configurations
D. Elasticity
E. ITSM

Correct Answer: ACD


Explanation

Cloud monitoring and management tools are required by the provider to keep up with the constantly and
rapidly changing configurations, capacity additions and elasticity.
In cloud computing, elasticity allows cloud resources to be created, consumed, and reclaimed for future use
dynamically by the hypervisor.
With elastic computing, there is no longer any need to deploy servers and storage systems designed to
handle peak loads.
Now you can scale the cloud infrastructure to the normal load and automatically expand as needed when
the occasion arises.

QUESTION 374
Inside the cloud management operations are tools and software that monitor network and application
performance, the continuity needed for on-demand offerings, and specialized monitoring of a highly
virtualized and automated datacenter. These systems also monitor which of the following? (Choose four.)
A. Software
B. Power
C. Cooling
D. ITSM
E. Hardware

Correct Answer: ABCE


Explanation

These systems monitor all aspects of the cloud, including hardware, software, power, cooling, and network
connections.

QUESTION 375
What advanced service offerings can a monitoring operation provide? (Choose three.)
A. Performance management
B. Service-level management
C. Release management
D. NIST compliance
E. Incident management

Correct Answer: ABE
Explanation

Monitoring operations use tools that track provisioning and change management, configuration
management, release management, incident management, performance management, and service
continuity.

QUESTION 376
A cloud provider’s management center would generally apply application updates to what type of service?
A. PaaS
B. IaaS
C. SaaS
D. VaaS

Correct Answer: C
Explanation

The cloud provider will manage and maintain the service level offered.

QUESTION 377
What is a common protocol used in network management and monitoring?
A. VPN
B. DTMF
C. SNMP
D. ITSM

Correct Answer: C
Explanation

The Simple Network Management Protocol is a common method used to collect monitoring and
management data.

QUESTION 378
What organization is most responsible for cloud management?
A. The company providing the cloud service
B. The managed service provider
C. The company that purchased the cloud service
D. The management as a service company

Correct Answer: C
Explanation

The company that purchased the cloud service owns the data and is responsible for the management of
their deployment.

QUESTION 379
Name two organizations that are active in setting standards for cloud management.
A. FCAPS
B. NIST
C. SNMP
D. DMTF

Correct Answer: BD
Explanation

The National Institute of Standards and Technology and the Distributed Management Task Force are both
organizations that set standards for cloud management.

QUESTION 380
What technology provides encrypted access for remote management?
A. Firewalls
B. VPN
C. SNMP
D. ITSM

Correct Answer: B
Explanation

A virtual private network provides an encrypted secure tunnel over an unencrypted network for remote
access.

QUESTION 381
For network protection and security, what device can be deployed between the cloud network and the cloud
consumer?
A. VPN
B. Firewall
C. RMON
D. ITSM

Correct Answer: B
Explanation

Firewalls are generally deployed between the cloud network and the cloud consumer for protection against
unauthorized access into the networks.

QUESTION 382
What are some devices that can be monitored using SNMP? (Choose three.)
A. MaaS
B. VPNs
C. Servers
D. Network devices
E. ITSM
F. Storage controllers

Correct Answer: CDF


Explanation

Many different types of devices can be monitored using SNMP, including servers, storage controllers, and
network devices.

QUESTION 383
The SNMP protocol uses what two data structures?
A. DMTF
B. SysLog
C. OID
D. MIB

Correct Answer: CD
Explanation

A data tree called an object identifier (OID) provides a string definition to query using SNMP. The device
manufacturers will publish a management information base (MIB) to define what can be managed, and the
MIB is compiled on the network management station.

QUESTION 384
What parameters can a firewall inspect to determine whether to allow or deny a packet of data? (Choose
four.)
A. TCP port number
B. Protocol identifier
C. DiffServ field
D. Source IP address
E. VLAN identifier
F. Destination IP address

Correct Answer: ABDF


Explanation

Firewalls inspect all traffic passing through them and determine whether to permit or deny the packets.
Generally, such objects as source and destination IP addresses, protocol number, and port or application
type are used in the rule sets to make these decisions.

QUESTION 385
What type of connection is set up between the network management location and the cloud services being
monitored and managed for remote access?
A. FCAPS
B. MaaS
C. VPN
D. SNMP

Correct Answer: C
Explanation

A VPN connection is commonly deployed for remote network management.

QUESTION 386
What is a standardized method of reading and writing configurations and gathering statistics?
A. OSPF
B. SNMP
C. ITSM
D. VPN

Correct Answer: B
Explanation

SNMP is a standardized method of reading and writing configurations and gathering statistics from
managed devices.

QUESTION 387
What does SNMP use to send an unsolicited datagram to the management station to alert it of a critical
event?
A. OID
B. Set
C. Alert
D. Trap

Correct Answer: D
Explanation

A trap is an unsolicited datagram sent to a management device to alert it of an event.

QUESTION 388
The SNMP protocol uses which functions as its primary method of communications with a remote managed
device? (Choose two.)
A. Get
B. Trap
C. OID
D. Set

Correct Answer: AD
Explanation

The SNMP protocol uses gets and sets to retrieve information from and to configure a managed device.

QUESTION 389
Which management protocol can be used to remotely access a server to power it on and make BIOS
changes?
A. WMI
B. IPMI
C. RDP
D. SSH

Correct Answer: B
Explanation

The Intelligent Platform Management Interface (IPMI) can be used to remotely access a server’s out-of-band
management interface to power it off or on and to make changes in the BIOS settings.

QUESTION 390
A network management station can send alerts using which of the following methods? (Choose two.)
A. SNMP
B. Trap
C. Email
D. SMS

Correct Answer: CD
Explanation

A network management station uses methods such as sending an email or SMS text message to alert
personnel of a critical event.

QUESTION 391
What are predefined threshold values that are exceeded called?
A. Delta value
B. Trap
C. Variance
D. Deviation pool

Correct Answer: C
Explanation

The variance is a value that is considered out of range from your baseline measurements.

QUESTION 392
What do the physical resources on a bare-metal server contain? (Choose four.)
A. Storage
B. Memory
C. Cooling systems
D. Load balancers
E. CPU
F. Network interfaces

Correct Answer: ABEF


Explanation

Physical resources on a bare-metal server contain storage, memory, CPUs, and network interfaces.

QUESTION 393
Since there is a finite supply of server resources and there are many virtual machines that can consume
these resources, it becomes very important that what be assigned to prevent a few VMs from monopolizing
all the available resources? (Choose two.)
A. OIDs
B. Limits
C. IPMI
D. Quotas

Correct Answer: BD
Explanation

Limits and quotas define resources allocated to a VM and prevent the starvation of resources.

QUESTION 394
What is the usage fee for the right to use an application called?
A. EULA
B. Licensing
C. Pooling
D. SNMP

Correct Answer: B
Explanation

Licensing is the fee a commercial software vendor will charge for the use of their software.

QUESTION 395
The hypervisor will pool multicore CPUs into what to be used by the VMs?
A. CPU affinity
B. Multithreading
C. vCPU
D. Multisockets

Correct Answer: C
Explanation

A vCPU is a virtual CPU assigned to a VM by the hypervisor.

QUESTION 396
What is a secure communications protocol used for remote command-line access to a device?
A. IPSec
B. Telnet
C. SNMP
D. SSH
E. RDP

Correct Answer: D
Explanation

Secure Shell is a secure communications protocol usually used for remote command-line access to a
device.

QUESTION 397
What is the ability to assign resources from pools to VMs as demand requires known as?
A. Reservations
B. Dynamic resource allocation
C. Affinity
D. Automation

Correct Answer: B
Explanation

Dynamic resource allocation is the process in which resources such as memory and storage are added as
needed to prevent resource starvation of a virtual machine.

QUESTION 398
What is a proprietary protocol developed by Microsoft to allow remote access to Windows operating
systems?
A. SNMP
B. RDP
C. SSH
D. IPMI

Correct Answer: B
Explanation

The Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft to allow remote
access to Windows devices.

QUESTION 399
What interface is used as a command-line interface using a serial port?
A. Console port
B. Telnet
C. USB port
D. Serial Line Interface Protocol

Correct Answer: A
Explanation

The console port on a device is a physical serial port used for management and configuration.

QUESTION 400
What are standards-based protocols used for remote management and configuration? (Choose three.)
A. SNMP
B. RDP
C. SSH
D. HTTP
E. ILO

Correct Answer: ACD


Explanation

SNMP, Secure Shell, and HTTP are all standards-based protocols used for network management and
configuration.

QUESTION 401
What is the ability to assign a processing thread to a core instead of having the hypervisor dynamically
allocate it?
A. Priority threading
B. QOS services
C. CPU affinity
D. Dynamic resource sharing

Correct Answer: C
Explanation

A VM can have CPU affinity enabled, and when a processing thread is received by the hypervisor, it will be
assigned to the CPU it originally ran on.

QUESTION 402
Physical resource redirection includes the mapping of what devices? (Choose three.)
A. Parallel port
B. Redundant power supplies
C. Serial port
D. USB port
E. HDD sector

Correct Answer: ACD


Explanation

Physical resource redirection allows ports on a server to be mapped to a virtual machine to mount
interfaces such as USB, serial, and parallel ports.

QUESTION 403
Which SNMP version added 64-bit counters?
A. 1
B. 2
C. 2c
D. 3

Correct Answer: C
Explanation

SNMP version 2c added a larger counter size of 64 bits to support larger counter values.

QUESTION 404
Which SNMP version supports secure authentication and encryption?
A. 1
B. 2
C. 2c
D. 3

Correct Answer: D
Explanation

SNMP version 3 supports both encryption and secure authentication.

QUESTION 405
Problems with your deployment can be determined and resolved by using which of the following?
A. Pooling
B. Affinity
C. Resource monitoring
D. Hypervisor remediation

Correct Answer: C
Explanation

Resource monitoring allows you to identify problems with your deployment and resolve them, preferably
before they become serious.

QUESTION 406
What is the process used to relieve network operations from repetitive tasks?
A. Hypervisor management utilities
B. Automation
C. Dashboard
D. IPMI

Correct Answer: B
Explanation

Automation uses software algorithms to automatically make configuration changes and relieves the network
operations support staff from performing repetitive operations on cloud computing resources.

QUESTION 407
Which security technique uses a list of permit and deny statements in a security device?
A. Zoning
B. Masking
C. ACL
D. Authentication

Correct Answer: C
Explanation

An access control list (ACL) is an ordered list of permit and deny statements that are used to secure
networks.

QUESTION 408
What uses a number of zombies or bots to create a denial-of-service attack?
A. Ping of death
B. RCMP
C. DDoS
D. Ping flood

Correct Answer: C
Explanation

A distributed denial-of-service attack uses a central system to control many bots or zombies to attack
systems and prevent access.

QUESTION 409
What is the process of complicating the ability to read stored data?
A. PKI
B. Obfuscation
C. Cipher
D. Symmetrical

Correct Answer: B
Explanation

Obfuscation is a means to complicate or confuse the ability to decipher storage information.

QUESTION 410
What security technique is used in a storage area network to limit the storage systems a server can
access?
A. Access control lists
B. LUN masking
C. AES
D. Zoning

Correct Answer: D
Explanation

Zoning is a security process that restricts SAN initiators to a listed group of SAN targets and is configured
on the SAN network switching fabric.

QUESTION 411
What is the name of a security site that authenticates the identity of individuals, computers, and other
entities in the network?
A. Registration authority
B. Key archival repository
C. Certificate authority
D. Certificate store

Correct Answer: C
Explanation

The certificate authority (CA) of trust authenticates the identity of individuals, computers, and other entities
in the network.

QUESTION 412
Network scanning will determine which of the following? (Choose three.)
A. ACLs
B. TCP ports
C. IPsec
D. Active applications
E. Server vulnerabilities

Correct Answer: BDE


Explanation

Network scanners are used to determine which application ports are active on a server and to disable
unneeded ports for additional security.

QUESTION 413
Security software installed on a virtual machine for protection against attacks can include which of the
following? (Choose two.)
A. AES
B. Firewall
C. PKI
D. Antivirus

Correct Answer: BD
Explanation

Both antivirus software and software-based firewalls are installed on a VM for security protection.

QUESTION 414
Which denial-of-service attack sends malformed ICMP packets to the target server?
A. PKI
B. DDoS
C. Ping flood
D. Ping of death

Correct Answer: D
Explanation

A ping of death attack exploits weaknesses in a server’s TCP/IP software stack by sending malformed and
nonstandard ICMP echo request packets, causing the server to fail.

QUESTION 415
What security protocol is used on web browsers for secure connection to an e-commerce site?
A. AES
B. SSL/TLS
C. 3DES
D. DSA

Correct Answer: B
Explanation

Secure Sockets Layer and Transport Layer Security are standard encryption protocols used on web
browsers to secure connections to a remote website.

QUESTION 416
What type of access control allows the users to assign rights to objects?
A. Mandatory
B. Multifactor
C. Discretionary
D. Federation

Correct Answer: C
Explanation

Discretionary access control gives users the ability to grant or assign rights to objects and make access
decisions.

QUESTION 417
Hardening a server system can include which of the following? (Choose three.)
A. Installing security software
B. Installing service packs
C. Using federations
D. Configuring user credentials
E. Using ciphers

Correct Answer: ABD


Explanation

Hardening and securing a server system includes installing security software such as firewalls and antivirus
applications, installing service packs, and making sure user credentials are properly configured.

QUESTION 418
Name three types of role-based access control.
A. Zone masks
B. IPsec
C. Auditor
D. Admin
E. PKI
F. Guest

Correct Answer: CDF


Explanation

Role-based access is a method in which access rights are granted to or restricted from users and can
include groups such as guests, administrators, and auditors.

QUESTION 419
What security technique is configured on a storage controller to limit what storage volumes a server can
access?
A. Access control lists
B. LUN masking
C. AES
D. Zoning

Correct Answer: B
Explanation

LUN masking is a security process configured on a storage controller that restricts SAN initiators to a listed
group of storage LUNs.

QUESTION 420
What is a standardized set of roles, policies, and procedures used to create, manage, distribute, use, store,
and revoke digital certificates and manage public/private key encryption?
A. IPsec
B. AES
C. RSA
D. PKI

Correct Answer: D
Explanation

PKI (public key infrastructure) is a framework for managing public and private keys for security systems.

QUESTION 421
User access control consists of which of the following? (Choose four.)
A. Role-based administration
B. Discretionary
C. Multifactor
D. Guest accounts
E. User credentials
F. Federation

Correct Answer: ABCF


Explanation

Role-based, discretionary, multifactor, and federation are all examples of user access controls.

QUESTION 422
Which two encryption protocols use a public and private key pair for encryption?
A. RC4
B. RSA
C. AES
D. DSA

Correct Answer: BD
Explanation

Both RSA and DSA are asymmetrical encryption algorithms that use a public key to encrypt the data and a
private key for decryption.

QUESTION 423
What type of denial-of-service attack sends a large amount of Internet control packets to the target?
A. DDoS
B. Ping of death
C. Ping flood
D. Obfuscation

Correct Answer: C
Explanation

A ping flood sends a large amount of Internet Control Message Protocol (ICMP) ping packets to a server to
consume bandwidth and resources as a denial-of-service attack.

QUESTION 424
Where are access control lists commonly configured? (Choose two.)
A. Storage controllers
B. Routers
C. Load balancers
D. Servers

Correct Answer: AB
Explanation

Access control lists are commonly placed on routers and storage controllers to either permit or deny traffic
based on an ordered rules list.

QUESTION 425
What security protocol uses multiple keys in a repetitive encryption process?
A. SSL/TLS
B. 3DES
C. RC5
D. RSA

Correct Answer: B
Explanation

Triple Data Encryption Standard (3DES) is a symmetrical cipher that uses three encryption keys of various
lengths. The first key is used to encrypt a block of data, a second key is then used to decrypt the block, and
a third key is used to encrypt it again.

QUESTION 426
Ciphers that perform symmetrical block encryption include which of the following? (Choose two.)
A. RC4
B. DSA
C. AES
D. RC5

Correct Answer: AD
Explanation

RC4 and RC5 are examples of encryption protocols that are used to perform symmetrical block encryption.

QUESTION 427
Networking documentation should include which of the following? (Choose three.)
A. IP numbering plans
B. Security device placement
C. Swap space configuration
D. Disk IOPS
E. Interface configuration details

Correct Answer: ABE


Explanation

IP numbering, security devices, and interface configuration details are all network documentation topics.
Disk and swap space are not related to the network.

QUESTION 428
What serves as the central repository for all items in an organization related to configuration and IT assets?
A. Capacity management
B. Change management
C. CMDB
D. Life-cycle management

Correct Answer: C
Explanation

The configuration management database (CMDB) serves as a central repository for all configuration
management and IT assets.

QUESTION 429
What is the measurement of the expected hardware lifetime?
A. Duty cycle
B. Service performance
C. Life cycle
D. MTBF

Correct Answer: D
Explanation

The measurement of a device’s expected lifetime duration is called the mean time between failures
(MTBF).

QUESTION 430
The number of devices a data packet takes through a network is referred to as what?
A. Route metric
B. Traceroute
C. Multipathing
D. Hop count

Correct Answer: D
Explanation

The hop count is the number of devices a packet traverses across a network from source to destination.

QUESTION 431
What is the process of tracking a device from deployment to decommission?
A. Change management
B. Life-cycle management
C. Configuration control
D. Asset accountability

Correct Answer: B
Explanation

Life-cycle management tracks a device through the complete phases of its existence, from the initial
planning, the design through deployment, including regular ongoing maintenance and support, until it gets
decommissioned and retired from the datacenter.

QUESTION 432
What is the term for the time that a process or thread has to wait for processing?
A. Load balancing
B. Caching
C. I/O throttling
D. CPU wait time

Correct Answer: D
Explanation

With a hypervisor supporting many virtual machines running on it, the VMs may at times have to wait for the
finite physical CPU resources to become available. This is referred to as the CPU wait time.

QUESTION 433
Name a hypervisor function that allows the hypervisor to reclaim unused memory from a VM running on top
of the hypervisor and allocate that memory for other uses.
A. Swap space
B. I/O throttling
C. Memory ballooning
D. Disk caching

Correct Answer: C
Explanation

Memory ballooning is a hypervisor function that reclaims unused memory from VMs.

QUESTION 434
What term is used to describe when more than one Ethernet interface can be combined into one higher-speed
logical link? (Choose two.)
A. Teaming
B. Trunking
C. Bonding
D. Load balancing

Correct Answer: AC
Explanation

Both teaming and bonding are terms that describe combining two or more Ethernet interfaces into a single
logical link.

QUESTION 435
What is the process of keeping all software versions the same?
A. Change management
B. Life-cycle management
C. Configuration control
D. Asset accountability

Correct Answer: C
Explanation

Configuration control tracks consistency in versions and configurations.

QUESTION 436
What is a security practice that prevents one individual from having too much control over the cloud
operations?
A. Vulnerability
B. Penetration assessment
C. Separation of duties
D. Service policy

Correct Answer: C
Explanation

As a security precaution, the practice of separation of duties prevents one individual from having end-to-end
control over the network.

QUESTION 437
What is the name of a nonstandard Ethernet frame?
A. Team
B. Bonding
C. Jumbo
D. VLAN

Correct Answer: C
Explanation

An Ethernet jumbo frame is larger than the standard 1518-byte Ethernet frame size.

QUESTION 438
What process allows the optimization of disk drives?
A. Disk tuning
B. Disk latency
C. Disk swap space
D. I/O tuning

Correct Answer: A
Explanation

Disk tuning is the process of optimizing hard disk performance.

QUESTION 439
What is the storage called when an operating system uses secondary memory instead of main memory?
A. Multipathing
B. Load balancing
C. Disk swap space
D. I/O tuning

Correct Answer: C
Explanation

The swap space on a disk is space that is preconfigured to store data used by the main memory.

QUESTION 440
What offers differentiated services based on information in the Ethernet packet?
A. I/O tuning
B. QoS
C. CMDB
D. Metadata

Correct Answer: B
Explanation

Quality of service allows prioritization or differentiated services between traffic on a network.

QUESTION 441
What is the process of tracking equipment for installation and removal?
A. Configuration control
B. Change management
C. Asset accountability
D. Life-cycle management

Correct Answer: C
Explanation

Asset accountability is the process of tracking equipment to be installed or removed.

QUESTION 442
What is the time delay between the time a block of data is requested until it is returned?
A. Disk swap space
B. Disk latency
C. Hop count
D. Throughput

Correct Answer: B
Explanation

Disk latency is the measurement of the time from when a block of data on the disk is requested to when it is
returned.

QUESTION 443
What is the name of the process that ensures that all current and future needs are planned for and
implemented?
A. CMDB
B. Life-cycle management
C. Capacity management
D. Change management

Correct Answer: C
Explanation

Capacity management ensures that all current and future needs are planned for and implemented.

QUESTION 444
What is a hypervisor operation that controls the maximum input and output data rates from guest operating
systems and virtual machines to actual hardware devices?
A. Load balancing
B. Caching
C. I/O throttling
D. CPU wait time

Correct Answer: C
Explanation

I/O throttling is a hypervisor operation that controls the maximum input and output data transfer rates of
each VM.

QUESTION 445
What is data obtained from your network monitoring operations or from analytics that gives a view of your
current growth trends and where and how long additional capacity may be required?
A. Change management
B. Capacity management
C. Systems life-cycle management
D. Trending data

Correct Answer: D
Explanation

Trending data is used to plan for network growth.

QUESTION 446
Name the term for the increase of disk and network performance by using RAM pools to temporarily store
data for rapid access.
A. Memory ballooning
B. Caching
C. Swap space
D. Multipathing

Correct Answer: B
Explanation

The term for a disk using RAM to temporarily store data is caching.

QUESTION 447
What is the process of transferring operations to a backup system in the event that the primary fails?
A. Multipathing
B. High availability
C. Failover
D. Replication

Correct Answer: C
Explanation

Failover is the act of switching over to a redundant system in the event of a failure of a primary system.

QUESTION 448
What is the expected lifetime of a component referred to as?
A. RTO
B. SNMP
C. MTBF
D. STP

Correct Answer: C
Explanation

The mean time between failures rating is the expected lifetime of a component.

QUESTION 449
What is the data recovery point when recovering operations from an outage?
A. RTO
B. ITIL
C. MTBF
D. MTTR
E. RPO

Correct Answer: E
Explanation

The RPO - Recovery Point Objective - is the point where restored data can be brought back online after a
service outage.

QUESTION 450
A server that has a power supply failure but remains operational has what kind of systems?
A. Failback
B. Redundant
C. High availability
D. Local clustering

Correct Answer: B
Explanation

A server with multiple power supplies installed so that if one fails the server will remain operational is known
as a redundant system.
High availability is several complete systems backing each other up. Failback and local clustering are not
relevant to the question.

QUESTION 451
What is it called when you disperse the cloud deployment to multiple dispersed cloud hosting datacenters
so that if one facility experiences a disruption your cloud services will remain accessible in other locations?
A. High availability
B. Archiving
C. RTO
D. Geographical diversity
E. Site mirroring

Correct Answer: D
Explanation

Distributing cloud operations at multiple cloud datacenters physically distant from each other is referred to
as geographical diversity.

QUESTION 452
A disaster recovery architecture in which a standby datacenter has current data and can take over for the
primary in near real time is known as?
A. Hot site
B. Cold site
C. Warm site
D. Site mirroring

Correct Answer: A
Explanation

The cloud operations can be deployed in a hot site model, where two fully redundant cloud datacenters are
in sync with each other, with the standby site backing up the primary in real time in the event of a failure.

QUESTION 453
Which data replication process is scheduled?
A. Asynchronous replication
B. Archiving
C. Synchronous replication
D. Site mirroring

Correct Answer: A
Explanation

Asynchronous replication is when the data is written to the primary first and then a copy is written to the
remote site on a scheduled arrangement or in a nearly real-time backup.

QUESTION 454
What technology allows for horizontal scaling of computing resources?
A. Replication
B. Load balancing
C. MTTR
D. High availability

Correct Answer: B
Explanation

Load balancers are designed for horizontal scaling of computing resources. Additional computing resources
can be added and removed based on workload.

QUESTION 455
What is it called when two devices are interconnected in an active/standby or active/active configuration
that allows for very fast recovery from a failure?
A. Load balancing
B. Mirroring
C. High availability
D. Clustering

Correct Answer: C
Explanation

When systems such as firewalls or load balancers are in an HA pair, a network interconnection exists
between the two devices. The active system will be constantly updating the standby in the HA pair with state
information, and each system will verify the health of the other. In the event of a primary failure, the
secondary in the pair will automatically take over and there will be no loss of service.

QUESTION 456
A group of servers interconnected and sharing processing and redundancy in a single datacenter is referred
to as what?
A. Redundancy
B. Cluster
C. High availability
D. Replication

Correct Answer: C
Explanation

A cluster is when multiple servers are interconnected into a single logical system for resiliency.

QUESTION 457
What is the expected repair time of a component referred to?
A. RTO
B. SNMP
C. MTBF
D. MTTR
E. RPO

Correct Answer: D
Explanation

The mean time to repair is the expected time it will take to repair a failed component.

QUESTION 458
What is the process of keeping the backup site updated so it is ready to assume the workload in the event
of a primary datacenter failure?
A. High availability
B. Archiving
C. Replication
D. Site mirroring

Correct Answer: D
Explanation

Site mirroring is the synchronization of data between two or more cloud sites so that each has current data
for disaster recovery.

QUESTION 459
What are examples of multipath technologies? (Choose three.)
A. TRILL
B. High availability
C. SAN_A/SAN_B
D. Spanning tree
E. Link aggregation

Correct Answer: ACE


Explanation

Multipathing is the use of two or more links between a source and destination.
TRILL, redundant SAN Fibre Channel fabrics, and link aggregation are all examples of multipathing.

QUESTION 460
What refers to the ability of a service to remain online in the event of a failure in the system?
A. Replication
B. Load balancing
C. Fault tolerance
D. Archiving

Correct Answer: C
Explanation

Fault tolerance is the ability of a service to remain available to end users in the event of a device or
component failure in the system.

QUESTION 461
Which disaster recovery model provides a remote facility that requires equipment to be installed and
configured as part of the recovery process?
A. Hot site
B. Cold site
C. Warm site
D. Site mirroring

Correct Answer: B
Explanation

The cold site model is where a backup datacenter is provisioned to take over operations in the event of a
primary datacenter failure, but the servers and infrastructure are not operational until needed.

QUESTION 462
What is the expected time metric to recover from a service interruption?
A. RTO
B. SNMP
C. MTBF
D. MTTR
E. RPO

Correct Answer: A
Explanation

The restore time objective (RTO) is the measurement of time it takes to recover operations after a service
outage.

QUESTION 463
What is the transfer and synchronization of data between multiple datacenters called?
A. High availability
B. Archiving
C. Replication
D. Site mirroring

Correct Answer: C
Explanation

For disaster recovery purposes and data security, your data must be transferred, or replicated, between
datacenters.

QUESTION 464
What is the process of returning operations to your primary datacenter after service has been restored?
A. Multipathing
B. High availability
C. Failover
D. Replication
E. Failback

Correct Answer: E
Explanation

Failback is the process of restoring services back to the primary cloud datacenter.

QUESTION 465
Which data replication process occurs in real time?
A. Asynchronous replication
B. Archiving
C. Synchronous replication
D. Site mirroring

Correct Answer: C
Explanation

Synchronous replication is the process of replicating data in real time from the primary storage system to a
remote facility.

QUESTION 466
A disaster recovery site that is offline except for critical data storage such as a database is a?
A. Hot site
B. Site mirroring
C. Warm site
D. High availability

Correct Answer: C
Explanation

A warm site will have current data that is constantly in sync with the primary site, but the remaining
infrastructure will be offline until needed.

QUESTION 467
Which of the following would be considered an example of IaaS?
A. Google Apps
B. Salesforce
C. Amazon Web Services
D. AppScale

Correct Answer: C
Explanation

Amazon Web Services is an example of IaaS because it provides hardware resources over the Internet.
A, B, and D are incorrect. A and B are examples of SaaS. AppScale is an example of PaaS.

QUESTION 468
Which term is used to define the increasing number of services delivered over the Internet?
A. XaaS
B. CaaS
C. MaaS
D. C-MaaS

Correct Answer: A
Explanation

XaaS is a collective term that means “Anything as a Service” (or “Everything as a Service”).
B, C, and D are incorrect. Communications as a Service (CaaS), Monitoring as a Service (MaaS), and
Cloud Migration as a Service (C-MaaS) are all examples of XaaS.

QUESTION 469
Voice over IP (VoIP) is an example of what type of cloud service?
A. IaaS
B. PaaS
C. MaaS
D. CaaS

Correct Answer: D
Explanation

Voice over IP is an example of CaaS.
A, B, and C are incorrect. VoIP is not an example of any of these cloud services.

QUESTION 470
Which of the following cloud solutions provides only hardware and network resources to make up a cloud
environment?
A. SaaS
B. CaaS
C. PaaS
D. IaaS

Correct Answer: D
Explanation

In a cloud service model IaaS providers offer computers and other hardware resources. Organizations
would outsource the equipment needed to support their business.
A, B, and C are incorrect. SaaS allows applications to be hosted by a service provider and made available
to the organization over the Internet. CaaS provides network communication such as VoIP. PaaS offers a
way to rent hardware, operating systems, storage, and network capacity over the Internet.

QUESTION 471
Which of the following is usually accessed via a web browser?
A. IaaS
B. SaaS
C. PaaS
D. Virtual machines

Correct Answer: C
Explanation

PaaS provides a platform to allow developers to build applications and services over the Internet. PaaS is
hosted in the cloud and accessed with a web browser.
A, B, and D are incorrect. In a cloud service model IaaS providers offer computers and other hardware
resources. Organizations would outsource the equipment needed to support their business. SaaS allows
applications to be hosted by a service provider and made available to the organization over the Internet.
Virtual machines would not be accessed via a web browser.
Poorly written question, SaaS usually is accessed via a Web Browser.

QUESTION 472
What type of computing solution would be defined as a platform that is implemented within the corporate
firewall and is under the control of the IT department?
A. Private cloud
B. Public cloud
C. VLAN
D. VPN

Correct Answer: A
Explanation

A private cloud is a cloud computing solution that is implemented behind a corporate firewall and is under
the control of the internal IT department.
B, C, and D are incorrect. A public cloud is a cloud computing solution that is based on a standard cloud
computing model where a service provider makes the resources available over the Internet. A VLAN (virtual
LAN) is a broadcast domain created by switches. A VPN (virtual private network) extends a private network over a
public network such as the Internet.

QUESTION 473
A cloud deployment has been created explicitly for the finance department.
What type of cloud deployment would this be defined as?
A. Public cloud
B. Hybrid cloud
C. Community cloud
D. Private cloud

Correct Answer: C
Explanation

A community cloud is a cloud solution that provides services to a specific or limited number of individuals
who share a common computing need.
A, B, and D are incorrect. A public cloud is a cloud computing solution that is based on a standard cloud
computing model where a service provider makes the resources available over the Internet. A hybrid cloud
is a cloud computing model where some of the resources are managed by the internal IT department and
some are managed by an external organization. A private cloud is a cloud computing solution that is
implemented behind a corporate firewall and is under the control of the internal IT department.
Poorly written question.
Community cloud would be if it was accessed by finance department of other companies too.
If it's only accessed by finance department of only one company, it could be a private cloud or a
hybrid cloud.
Will the finance department access only this cloud?
And the rest of the company?
Would they access systems on premises?
Nothing is clear.

QUESTION 474
Which of the following statements would be used to explain a private cloud but not a public cloud?
A. Used as a service via the Internet
B. Dedicated to a single organization
C. Requires users to pay a monthly fee to access services
D. Provides incremental scalability

Correct Answer: B
Explanation

A private cloud is dedicated to a single organization and is contained within the corporate firewall.
A, C, and D are incorrect. These all describe features of a public cloud, not a private cloud. A public cloud is
used as a service over the Internet, requires a monthly fee to access and use its resources, and is highly
scalable.

QUESTION 475
Which of the following statements is a benefit of a hybrid cloud?
A. Data security management
B. Requirement of a major financial investment
C. Dependency of internal IT department
D. Complex networking

Correct Answer: A
Explanation

A hybrid cloud offers the ability to keep the organization’s mission-critical data behind a firewall and outside
of the public cloud.
B, C, and D are incorrect. These are all disadvantages of a hybrid cloud.

QUESTION 476
Which of the following would be considered an advantage of cloud computing?
A. Increased security
B. Ability to scale to meet growing usage demands
C. Ease of integrating equipment hosted in other data centers
D. Increased privacy for corporate data

Correct Answer: B
Explanation

One of the benefits of cloud computing is the ability to easily scale and add resources to meet the growth of
the organization.
A, C, and D are incorrect. These are all disadvantages of cloud computing. The organization loses some
control of their environment, has more difficulty integrating equipment hosted in multiple data centers, and
deals with the uncertainty of whether other organizations have access to their data.

QUESTION 477
Which statement defines chargeback?
A. The recovery of costs from consumers of cloud services
B. The process of identifying costs and assigning them to specific cost categories
C. A method of ensuring that cloud computing becomes a profit instead of a cost
D. A system for confirming that billing occurs for the cloud services being used

Correct Answer: A
Explanation

The purpose of a chargeback system is to measure the costs of IT services, hardware, or software and
recover them from the business unit that used them.
B, C, and D are incorrect. None of these options is the main focus of a chargeback system.

QUESTION 478
When you run out of computer resources in your internal data center and expand to an external cloud on
demand, this is an example of what?
A. SaaS
B. Hybrid cloud
C. Cloud bursting
D. Elasticity

Correct Answer: C
Explanation

Cloud bursting allows you to add additional resources from an external cloud on an on-demand basis. The
internal resource is the private cloud and the external resource is the public cloud.
A, B, and D are incorrect. SaaS allows applications to be hosted by a service provider and made available
to the organization over the Internet. A hybrid cloud is a cloud computing model where some of the
resources are managed by the internal IT department and some are managed by an external organization.
Elasticity provides fully automated scalability. It implies an ability to shift resources across infrastructures.

QUESTION 479
A website administrator is storing a large amount of multimedia objects in binary format for the corporate
website. What type of storage object is this considered to be?
A. BLOB
B. Replica
C. Metadata
D. Object ID

Correct Answer: A
Explanation

A BLOB is a collection of binary data that is stored as a single entity. BLOBs are primarily used to store
images, videos, and sound.
B, C, and D are incorrect. A replica is a complete copy of the data. Metadata describes information about
the set of data, including who created the data and when it was collected. It is data about the data. An
object ID identifies an object in a database.

QUESTION 480
A(n) ____ is a storage device that has no moving parts.
A. HDD
B. SSD
C. Tape
D. SCSI

Correct Answer: B
Explanation

A solid state drive is a drive that has no moving parts.
A, C, and D are incorrect. A hard disk drive has platters that rotate. A tape drive writes data to a magnetic
tape. SCSI is an interface type.

QUESTION 481
Which type of storage device would be used primarily for off-site storage and archiving?
A. HDD
B. SSD
C. Tape
D. SCSI

Correct Answer: C
Explanation

Tape storage is good for off-site storage and archiving because it is less expensive than other storage
types.
A, B, and D are incorrect. HDD and SSD have different advantages and would normally not be used for
off-site storage or archiving of data. SCSI is an interface type.

QUESTION 482
You have been given a drive space requirement of 2 terabytes for a production file server.
Which type of disk would you recommend for this project if cost is a primary concern?
A. SSD
B. Tape
C. HDD
D. VLAN

Correct Answer: C
Explanation

You should recommend using an HDD because of the large size requirement. An HDD would be
considerably cheaper than an SSD. Also, since it is a file share the faster boot time provided by an SSD is
not a factor.
A, B, and D are incorrect. While an SSD can work in this situation, the fact that cost is the primary concern
rules it out. Although tape storage is considered cheap, it is not fast enough to support the requirements.
VLAN is not a type of storage.

QUESTION 483
Which of the following storage device interface types is the most difficult to configure?
A. IDE
B. SAS
C. SATA
D. SCSI

Correct Answer: D
Explanation

SCSI is relatively difficult to configure as the drives must be configured with a device ID and the bus has to
be terminated.
A, B, and C are incorrect. All of these interface types are relatively easy to configure.

QUESTION 484
If price is not a factor, which type of storage device interface would you recommend for connecting to a
corporate SAN?
A. IDE
B. SCSI
C. SATA
D. FC

Correct Answer: D
Explanation

Fibre Channel delivers the fastest connectivity method with speeds of up to 16 Gbps, but it is more
expensive than the other interface types. If price is not a factor, FC should be the recommendation for
connecting to a SAN.
A, B, and C are incorrect. While IDE is the least expensive of the group, it does not deliver the speed that
FC would. SCSI would be a good choice if price were a limitation. Since price is not a limiting factor in this
case, FC would be the better choice. SATA is similar to SCSI, as it delivers a viable option when price is the
primary concern for connecting to a SAN. Since price is not a factor, FC is the better choice.

QUESTION 485
Which data tier would you recommend for a mission-critical database that needs to be highly available all
the time?
A. Tier 1
B. Tier 2
C. Tier 3
D. Tier 4

Correct Answer: A
Explanation

Tier 1 data is defined as data that is mission-critical, highly available, and secure.
B, C, and D are incorrect. Tier 2 data is not mission-critical data and does not require the same response
time as tier 1. Tier 3 data is data that is not accessed on a daily basis. Tier 4 data is used for archiving and
is kept for compliance purposes.

QUESTION 486
Which term describes the ability of an organization to store data based on performance, cost, and
availability?
A. RAID
B. Tiered storage
C. SSD
D. Tape drive

Correct Answer: B
Explanation

Tiered storage refers to the process of moving data between storage devices based on performance, cost,
and availability.
A, C, and D are incorrect. RAID is the process of making data highly available and redundant. It does not
allow you to move data between storage devices. SSD and tape drive are types of storage devices.

QUESTION 487
Which data tier would you recommend for data that is financial in nature, is not accessed on a daily basis,
and is archived for tax purposes?
A. Tier 1
B. Tier 2
C. Tier 3
D. Tier 4

Correct Answer: C
Explanation

Tier 3 storage would be for financial data that you want to keep for tax purposes and is not needed on a
day-to-day basis.
A, B, and D are incorrect. Tier 1 storage is used for data that is mission-critical, highly available, and
secure. Tier 2 data is not mission-critical data but, like tier 1, is considerably more expensive than tier 3. Tier 4
data is used for archiving data and is kept for compliance purposes.

QUESTION 488
What RAID level would be used for a database file that requires minimum write requests to the database, a
large amount of read requests to the database, and fault tolerance for the database?
A. RAID 10
B. RAID 1
C. RAID 5
D. RAID 0

Correct Answer: C
Explanation

RAID 5 is best suited for a database or system drive that has a lot of read requests and very few write
requests.
A, B, and D are incorrect. RAID 10 would be used for a database that requires a lot of write requests and
needs high performance. RAID 1 is used when performance and reliability are more important than storage
capacity and is generally used for an operating system partition. RAID 0 provides no fault tolerance and
would not be recommended.

QUESTION 489
Which of the following statements can be considered a benefit of using RAID for storage solutions?
A. It is more expensive than other storage solutions that do not include RAID.
B. It provides degraded performance, scalability, and reliability.
C. It provides superior performance, improved resiliency, and lower costs.
D. It is complex to set up and maintain.

Correct Answer: C
Explanation

Using RAID can provide all these benefits over conventional hard disk storage devices.
A, B, and D are incorrect. RAID can be a more expensive solution compared to conventional storage
because of the loss of storage space to make up for redundancy. This is not a benefit of RAID. RAID does
not provide degraded performance, scalability, or reliability. RAID can be more complex to configure and
maintain, so this would not be a benefit of implementing RAID.

QUESTION 490
True or False. Even with the proper RAID configuration an organization should still have an appropriate
backup plan in place in case of a failure.
A. True
B. False

Correct Answer: A
Explanation

A proper backup plan is recommended even if you have implemented RAID. You may need to store the
data off-site, or the machine itself may have a failure. Also, it is possible, although unlikely, that all drives
can fail at the same time.
B is incorrect. Although RAID does provide redundancy, it does not allow for off-site storage. Because you
need some form of off-site storage, having no backup plan in place is not recommended.

QUESTION 491
Which of the following file systems is used primarily for Unix-based operating systems?
A. NTFS
B. FAT
C. VMFS
D. UFS

Correct Answer: D
Explanation

UFS is the primary file system in a Unix-based computer.
A, B, and C are incorrect. NTFS is a proprietary Microsoft file system and is used on Microsoft-based
operating systems. FAT is a legacy file system used to support older operating systems. VMFS is used for
VMware’s cluster file system.

QUESTION 492
Which of the following file systems was designed to protect against data corruption and is a 128-bit file
system?
A. NTFS
B. UFS
C. ZFS
D. FAT

Correct Answer: C
Explanation

ZFS was developed by Sun Microsystems and is focused on protecting the user’s data against corruption. It
is currently the only 128-bit file system.
A, B, and D are incorrect. The other file systems were not designed for protecting against data corruption
and are not 128-bit file systems.

QUESTION 493
The following file system was designed to replace the FAT file system:
A. NTFS
B. ZFS
C. EXT
D. UFS

Correct Answer: A
Explanation

NTFS was designed by Microsoft as a replacement for FAT.
B, C, and D are incorrect. The other file system types were designed for operating systems other than
Microsoft Windows.

QUESTION 494
Which of the following file systems was the first to be designed specifically for Linux?
A. FAT
B. NTFS
C. UFS
D. EXT

Correct Answer: D
Explanation

EXT was the first file system designed specifically for Linux.
A, B, and C are incorrect. These file systems were not designed for Linux and are used primarily in other
operating systems.

QUESTION 495
Which type of storage system is directly attached to a computer and does not use a storage network
between the computer and the storage system?
A. NAS
B. SAN
C. DAS
D. Network share

Correct Answer: C
Explanation

A DAS is a storage system that directly attaches to a server or workstation without a storage network in
between the devices.
A, B, and D are incorrect. A NAS provides file-level storage that is connected to a network and supplies
data access to a group of devices. A SAN is a dedicated network and provides access to block-level
storage. A network share is a piece of information on a computer that can be accessed remotely from
another computer.

QUESTION 496
Which of the following characteristics describe a network attached storage (NAS) deployment?
A. Requires expensive equipment to support
B. Requires specialized skillsets for administrators to support
C. Delivers the best performance of any networked storage technologies
D. Provides great value by utilizing existing infrastructure

Correct Answer: D
Explanation

Network attached storage can utilize existing Ethernet infrastructures to deliver a low-cost solution with
good performance.
A, B, and C are incorrect. Expensive and often proprietary hardware and software along with systems
administrators with specialized skillsets are required to run storage area networks. Storage area networks,
although more expensive to build and support, provide the best possible performance for storage
networking.

QUESTION 497
Which statement would identify the primary difference between a NAS and a DAS?
A. A NAS cannot be shared and accessed by multiple computers.
B. A DAS provides fault tolerance.
C. A DAS does not connect to networked storage devices.
D. A NAS uses an HBA and a DAS does not.

Correct Answer: C
Explanation

A DAS is a storage system that directly attaches to a server or workstation without a storage network in
between the devices.
A, B, and D are incorrect. A NAS can be shared and accessed by multiple computers over a network. A
DAS would not provide fault tolerance since it is connected to a single server, and neither NAS nor DAS
technologies utilize HBAs as a part of their solution.

QUESTION 498
Which storage type can take advantage of Universal Naming Convention addressable storage?
A. SAN
B. NAS
C. DAS
D. SATA

Correct Answer: B
Explanation

A NAS appears to the client operating system as a file server, which allows it to use Universal Naming
Convention addressable storage.
A, C, and D are incorrect. A DAS is directly attached to a server and is accessed directly from an indexed
filesystem. A SAN only provides storage at a block level, and SATA is an interface technology, not a
storage type.

QUESTION 499
Which storage type provides block-level storage?
A. SAN
B. NAS
C. DAS
D. SATA

Correct Answer: A
Explanation

A SAN is a storage device that resides on its own network and provides block-level access to computers
that are attached to it.
B, C, and D are incorrect. A NAS provides file-level storage. A DAS is not accessible over a storage
network. SATA is an interface technology, not a storage type.

QUESTION 500
Which of the following connects a server and a SAN and improves performance?
A. NIC teaming
B. Host bus adapter (HBA)
C. Ethernet
D. SCSI

Correct Answer: B
Explanation

An HBA card connects a server to a storage device and improves performance by off-loading the
processing required for the host to consume the storage data without having to utilize its own processor
cycles.
A, C, and D are incorrect. NIC teaming teams multiple NICs into a single interface and provides
redundancy. Ethernet and SCSI would not improve performance because they cannot off-load the
processing for the host computer to connect to the storage device.

Access Protocols and Applications

QUESTION 501
Which of the following protocols allows Fibre Channel to be transmitted over Ethernet?
A. HBA
B. FCoE
C. iSCSI
D. SAN

Correct Answer: B
Explanation

Fibre Channel over Ethernet (FCoE) enables the transport of Fibre Channel traffic over Ethernet networks
by encapsulating Fibre Channel frames over Ethernet networks.
A, C, and D are incorrect. iSCSI is a protocol that utilizes serialized IP packets to transmit SCSI commands
across IP networks and enables servers to access remote disks as if they were locally attached. A SAN is a
storage technology and an HBA is an adapter used to improve the performance of a SAN. They are not
protocols.

QUESTION 502
Which of the following is considered a SAN protocol?
A. FCP
B. IDE
C. SSD
D. DTE

Correct Answer: A
Explanation

The Fibre Channel protocol is a transport protocol that transports SCSI commands over a Fibre Channel
network. These networks are used exclusively to transport data in FC frames between storage area
networks and the HBAs attached to servers.
B, C, and D are incorrect. IDE is used to connect devices to a computer. SSD is a type of hard drive. DTE
stands for “data terminal equipment.” A computer is an example of DTE.

QUESTION 503
Which of the following allows you to connect a server to storage devices with speeds of 10 Gbps?
A. Ethernet
B. iSCSI
C. Fibre Channel
D. SAS

Correct Answer: C
Explanation

You can use Fibre Channel (FC) to connect servers to shared storage devices with speeds of up to 10
Gbps.
A, B, and D are incorrect. While Ethernet can run at 10 Gbps, it is not normally used to directly connect to a
storage device like Fibre Channel.

QUESTION 504
Which of the following uses IP networks that enable servers to access remote disks as if they were locally
attached?
A. SAS
B. SATA
C. iSCSI
D. Fibre Channel

Correct Answer: C
Explanation

iSCSI utilizes serialized IP packets to transmit SCSI commands across IP networks and enables servers to
access remote disks as if they were locally attached.
A, B, and D are incorrect. SAS and SATA do not allow you to connect to remote disks as if they were locally
attached to the system. Fibre Channel utilizes the Fibre Channel protocol to transmit data packets to SANs
across a fabric of fiber optic cables, switches, and HBAs.

Storage Provisioning

QUESTION 505
Warren is a systems administrator working in a corporate data center, and he has been tasked with hiding
storage resources from a server that does not need access to the storage device hosting the storage
resources. What can you configure on the storage controller to accomplish this task?
A. Zoning
B. LUN masking
C. Port masking
D. VLANs

Correct Answer: B
Explanation

LUN masking is executed at the storage controller level instead of at the switch level. By providing LUN-level
access control at the storage controller, the controller itself enforces access policies to the devices,
making it more secure. This is the reason that physical access to the same device storing the LUNs
remains “untouchable” by the entity using it.
A, C, and D are incorrect. LUN masking provides more detailed security than zoning because LUNs allow
for sharing storage at the port level. Port masking occurs at the switch level instead of the controller, and
VLANs are virtualized local area networks that are also not modified at the controller.

QUESTION 506
Which of the following would increase availability from a virtualization host to a storage device?
A. Trunking
B. Multipathing
C. Link aggregation
D. VLANs

Correct Answer: B
Explanation

Multipathing creates multiple paths for the computer to reach the storage resources it is attempting to
contact, improving fault tolerance and possibly speed.
A, C, and D are incorrect. Trunking provides network access to multiple clients by sharing a set of network
lines instead of providing them individually. Link aggregation combines multiple network connections in
parallel to increase throughput. VLANs are virtual local area networks that do not have any effect on
increasing availability to storage resources.

QUESTION 507
Which of the following allows you to provide security to the data contained in a storage array?
A. Trunking
B. LUN masking
C. LUN provisioning
D. Multipathing

Correct Answer: B
Explanation

LUN masking enforces access policies to storage resources, and these storage policies make sure that the
data on those devices is protected from unauthorized access.
A, C, and D are incorrect. Trunking provides network access to multiple clients by sharing a set of network
lines instead of providing them individually. LUN provisioning does the opposite of LUN masking by making
LUNs available for data access, and multipathing creates multiple paths for the computer to reach the
storage resources that it is attempting to contact.

QUESTION 508
Which network type is not accessible from outside the organization by default?
A. Internet
B. Extranet
C. Intranet
D. LAN

Correct Answer: C
Explanation

An Intranet is a private network that is configured and controlled by a single organization and is only
accessible by users that are internal to that organization.
A, B, and D are incorrect. An Extranet is similar to an Intranet, but it is accessible from outside the
organization. The Internet is accessible from anywhere, and a LAN is part of an Intranet but is not a
separate network type.

QUESTION 509
Which of the following statements describes the difference between an Extranet and an Intranet network
configuration?
A. An Intranet does not require a firewall.
B. An Extranet requires less administration than an Intranet.
C. An Intranet is owned and operated by a single organization.
D. An Extranet allows controlled access from outside the organization.

Correct Answer: D
Explanation

An Extranet is an extension of an Intranet with the primary difference being that an Extranet allows
controlled access from outside the organization.
A, B, and C are incorrect. An Extranet requires a little bit more administration due to the fact that you have
to maintain access to resources outside the organization. Both an Intranet and an Extranet are owned by a
single organization, so this is not a difference in the two network types.

QUESTION 510
Which of the following is a network of multiple networks relying on network devices and common protocols
to transfer data from one destination to another until it reaches its final destination and is accessible from
anywhere?
A. Intranet
B. Extranet
C. Internet
D. LAN

Correct Answer: C
Explanation

The Internet is not controlled by a single entity and serves billions of users around the world.
A, B, and D are incorrect. An Intranet is only accessible to users within a specific organization. An Extranet
allows only controlled access from outside the organization. A LAN is part of an Intranet.

Network Optimization

QUESTION 511
Which of the following terms defines the amount of data that can be sent across a network at a given time?
A. Network latency
B. Bandwidth
C. Compression
D. Network load balancing

Correct Answer: B
Explanation

Bandwidth is the amount of data that can traverse a network interface over a specific amount of time.
A, C, and D are incorrect. Network latency is a time delay that is encountered while data is being sent from
one point to another on the network and impacts network bandwidth. Compression is the reduction in the
size of data brought about by converting it into a format that requires fewer bits and does not define the
amount of data that can be sent over the network. Network load balancing is used to increase performance
and provide redundancy for websites and applications.

QUESTION 512
Which of the following causes network performance to deteriorate and delays network response time?
A. Network latency
B. Caching
C. Network bandwidth
D. High CPU and memory usage

Correct Answer: A
Explanation

Network latency is a time delay that is encountered while data is being sent from one point to another on
the network and impacts network bandwidth and performance.
B, C, and D are incorrect. Caching is the process of storing frequently accessed data in a location close to
the device requesting the data and helps improve network performance. Network bandwidth is the amount
of data that can traverse a network interface over a specific amount of time. CPU and memory are different
compute resources that need to be monitored for performance but are separate from network
performance.

QUESTION 513
After taking a new job at the state university, you are asked to recommend a network topology that best fits
the large college campus. The network needs to span the entire campus. Which network topology would
you recommend?
A. LAN
B. WAN
C. MAN
D. SAN

Correct Answer: C
Explanation

A metropolitan area network (MAN) can connect multiple LANs and is used to build networks with high data
connection speeds for cities or college campuses.
A, B, and D are incorrect. A local area network (LAN) is a network that connects computers to each other
and allows them to communicate over a short distance and would not satisfy the requirement of spanning a
large campus. A wide area network (WAN) is a network that can contain multiple LANs and/or MANs and is
not restricted by geographic area. A storage area network (SAN) would not allow you to connect different
LANs throughout the campus as the question requires.

QUESTION 514
You administer a website that receives thousands of hits per second. You notice the web server hosting the
website is operating at close to capacity. What solution would you recommend to improve the performance
of the website?
A. Caching
B. Network load balancing
C. Compression
D. Network bandwidth

Correct Answer: B
Explanation

Network load balancing is used to increase performance and provide redundancy for websites and
applications.
A, C, and D are incorrect. Caching is the process of storing frequently accessed data in a location close to
the device requesting the data and helps improve network performance for the client, but it would not help
improve the performance of the web server. Compression is defined as the reduction in the size of data,
which is done by converting that data into a format that requires fewer bits and does not define the amount
of data that can be sent over the network. Again, this is a technology that helps with the receiving end of the
network traffic but will not alleviate performance issues on the hosting server. Network bandwidth is the
amount of data that can traverse a network interface over a specific amount of time, and is a measurement
but not a technique or mechanism for improving performance.

Routing and Switching

QUESTION 515
Which process allows a router to modify packets so that multiple devices can share a single public IP
address?
A. NAT
B. DNS
C. VLAN
D. Subnetting

Correct Answer: A
Explanation

NAT allows your router to change your private IP address into a public IP address so that you can access
resources that are external to your organization; then the router tracks those IP address changes.
B, C, and D are incorrect. DNS maps host names to IP addresses, but does not allow multiple hosts to
operate from a single IP address. A VLAN allows you to logically segment a LAN into different broadcast
domains, whereas subnetting allows you to divide one network into multiple networks.

QUESTION 516
Which of the following IP addresses is in a private IP range?
A. 12.152.36.9
B. 10.10.10.10
C. 72.64.53.89
D. 173.194.96.3

Correct Answer: B
Explanation

10.0.0.0–10.255.255.255 is a private class A address range.

A, C, and D are incorrect. All of these are examples of public IP addresses. Only IP addresses that fall into
the IP ranges listed in Table 4-1 are considered private IP addresses.

QUESTION 517
Which of the following technologies allows you to logically segment a LAN into different broadcast
domains?
A. MAN
B. WAN
C. VLAN
D. SAN

Correct Answer: C
Explanation

A VLAN allows you to configure separate broadcast domains even if the devices are plugged into the same
physical switch.
A, B, and D are incorrect. A MAN usually connects physically, not logically, separated LANs and is used to
build networks with high data connection speeds for cities or college campuses. A WAN is a network that
covers a large geographic area and can contain multiple physical, not logical, LANs and/or MANs. A SAN is
a dedicated network used to provide access to block-level storage and not broadcast domains.

Network Ports and Protocols

QUESTION 518
Which of the following protocols and ports is used to secure communication over the Internet?
A. HTTP over port 80
B. SMTP over port 25
C. FTP over port 21
D. HTTPS over port 443

Correct Answer: D
Explanation

HTTPS is an extension of the HTTP protocol that provides secure communication over the Internet and
uses port 443 by default.
A, B, and C are incorrect. HTTP uses port 80 by default and allows for communication between a web
client or web browser and a web server hosting a website. SMTP uses port 25 by default to transfer e-mail
messages over the Internet. FTP uses port 21 by default to download and transfer files over the Internet.
None of these three protocols is a secure form of communication.

QUESTION 519
SFTP uses _________ to secure FTP communication.
A. Certificates
B. FTPS
C. SSH
D. SMTP

Correct Answer: C
Explanation

SFTP uses SSH keys to secure FTP communication.

A, B, and D are incorrect. FTPS uses SSL or TLS and certificates to secure FTP communication. SMTP is
used to transfer e-mail messages over the Internet.

QUESTION 520
In a network environment _______ is responsible for assigning IP addresses to computers and _______ is
responsible for resolving those IP addresses to names.
A. DNS, DHCP
B. DHCP, DNS
C. HTTP, DNS
D. DHCP, SMTP

Correct Answer: B
Explanation

DHCP is responsible for assigning IP addresses to computers and DNS is responsible for resolving those
IP addresses to names.
A, C, and D are incorrect. HTTP allows for communication between a web client or web browser and a web
server hosting a website. SMTP is used to transfer e-mail messages over the Internet.

QUESTION 521
Which of these ports is the well-known port for the Telnet service?
A. 25
B. 22
C. 23
D. 443

Correct Answer: C
Explanation

Telnet uses port 23 by default for its communication.

A, B, and D are incorrect. Port 25 is used by SMTP for transferring e-mail. Port 22 is used by SSH, and port
443 is used by HTTPS to provide secure communication over the Internet.

QUESTION 522
This protocol is responsible for transferring electronic mail messages from one mail server to another over
the Internet.
A. DNS
B. HTTPS
C. FTP
D. SMTP

Correct Answer: D
Explanation

SMTP is used to transfer e-mail messages from one e-mail server to another over the Internet.
A, B, and C are incorrect. DNS translates Internet domain or host names into IP addresses. HTTPS is an
extension of the HTTP protocol that provides secure communication over the Internet. FTP is a standard
network protocol that allows access to and transfer of files over the Internet using either a command-line or
graphical-based FTP client.

Hypervisor

QUESTION 523
Which of the following hypervisors would provide the best performance for a host machine?
A. Type 1
B. Type 2
C. Open source
D. Proprietary

Correct Answer: A
Explanation

A type 1 hypervisor is one that is created and deployed on a bare metal installation. The hypervisor
communicates directly with the physical server hardware and boots before the operating system. Due to the
way the hypervisor interacts with the host computer, a type 1 hypervisor will provide improved performance
versus the other answer choices.
B, C, and D are incorrect. A type 2 hypervisor is loaded on top of an already existing operating system
installation, and the underlying operating system is what impacts performance. While it could be argued that
open source might perform better than proprietary, the open-source hypervisor would still be considered a
type 1 hypervisor.

QUESTION 524
You are investigating which technology is best suited for virtualizing a server operating system for personal
use on a desktop computer. Which of the following technologies would you recommend?
A. Type 1
B. Type 2
C. SAN
D. RAID 6

Correct Answer: B
Explanation

A type 2 hypervisor is more suited for personal use because it can be installed directly on top of an existing
operating system. Most desktop manufacturers support hardware virtualization on their desktops, which
would allow you to run a type 2 hypervisor on your existing operating system.
A, C, and D are incorrect. A type 1 hypervisor is more suited for an enterprise environment where the host
computer is designed and configured to do nothing but virtualization. A SAN and RAID 6 would not be a
required consideration when running a personal virtualization solution.

QUESTION 525
Which of the following hypervisors runs on a bare metal system?
A. Open source
B. Proprietary
C. Type 1
D. Type 2

Correct Answer: C
Explanation

A type 1 hypervisor is one that is created and deployed on a bare metal installation.
A, B, and D are incorrect. A type 2 hypervisor is loaded on top of an already existing operating system
installation. Type 1 or type 2 hypervisors can be either open source or proprietary hypervisors.

QUESTION 526
What type of hypervisor is provided to an enterprise to use without cost?
A. Proprietary
B. Open source
C. Type 1
D. Type 2

Correct Answer: B
Explanation

An open-source hypervisor is provided at no cost and delivers the same ability to run multiple guest virtual
machines on a single host as a proprietary hypervisor.
A, C, and D are incorrect. A proprietary hypervisor is one that is developed and licensed under an exclusive
legal right of the copyright holder and must be purchased by the customer. Type 1 or type 2 hypervisors can
be either open source or proprietary hypervisors.

QUESTION 527
An administrator is testing a variety of operating systems while performing other functions like surfing the
Internet and word processing. What type of hypervisor are they most likely using?
A. Type 1
B. Enterprise hypervisor
C. Type 2
D. Open source

Correct Answer: C
Explanation

A type 2 hypervisor allows an administrator to run virtual machines on top of an existing operating system
while surfing the Internet and running word processing on the host computer.
A, B, and D are incorrect. A type 1 hypervisor could be used to run virtual machines and at the same time
surf the Internet and do word processing, but it would not be best practice. It is not advised to run additional
applications on the host computer other than the type 1 hypervisor software due to security risks and
resource utilization. An enterprise hypervisor is not a valid hypervisor. An open-source hypervisor can be
either a type 1 or type 2 hypervisor.

QUESTION 528
You are deploying two virtual servers. One of the virtual servers is a heavily used database server and the
other is a lightly used print server. What virtual CPU configuration would you recommend?
A. One virtual CPU for the database server and two virtual CPUs for the print server
B. Two virtual CPUs for the database server and two virtual CPUs for the print server
C. Two virtual CPUs for the database server and one virtual CPU for the print server
D. Three virtual CPUs for the print server and two virtual CPUs for the database server

Correct Answer: C
Explanation

When assigning virtual CPUs, you want to assign as many as possible to the heavily used application. If an
application is not going to be heavily utilized, you should assign the minimum number of virtual CPUs. In
this case the database server is heavily utilized so it should get more CPUs than the lightly used print
server.
A, B, and D are incorrect. You would not need to assign the print server more than one virtual CPU, and
you would want to assign the database server more virtual CPUs than the print server.

QUESTION 529
An administrator is trying to enable hardware-assisted virtualization in the BIOS of a computer and notices it
is not an option. He checks the specification on the manufacturer’s website and finds that the system
should support hardware-assisted virtualization. What is most likely the reason why he can’t enable it?
A. The BIOS needs a firmware update.
B. The BIOS is corrupt.
C. Hardware-assisted virtualization is enabled in the operating system, not the BIOS.
D. The firmware is corrupt.

Correct Answer: A
Explanation

If the manufacturer states that the hardware should support hardware-assisted virtualization and the option
is unavailable in the BIOS, the most likely cause is that the BIOS needs a firmware update to add the
additional feature.
B, C, and D are incorrect. While there could be additional reasons that the feature is not available in the
BIOS, the first thing to consider would be to update the BIOS firmware.

QUESTION 530
You have been tasked with planning the purchase of a new virtualization host computer. When it comes
time to recommend the processor type, which processor capability is more important?
A. CPUs are more important than CPU cores and cache.
B. CPU cores and cache are more important than CPUs.
C. CPU speed is more important than CPU cores and cache.
D. CPU cores and cache are more important than CPU speed.

Correct Answer: D
Explanation

You are better off spending money on more cores with more cache rather than on faster CPU speed. When
it comes to virtualization, you want as many CPU cores as possible to assign to the virtual machine.
A, B, and C are incorrect. While CPU speed is important, CPU cores and cache are more important. When
determining where to spend the extra budget, you want to spend it on cores and cache over speed.

QUESTION 531
True or False. When purchasing a NIC for a host computer, it is important to purchase one that supports
advanced features such as jumbo frames and TCP offloads.
A. True
B. False

Correct Answer: A
Explanation

You should use only server-class NICs in a virtualization host, and the NIC should support advanced
features such as jumbo frames to help minimize network latency.
B is incorrect. You should not purchase NICs that do not support the advanced features listed in the
question for a host computer.

QUESTION 532
Which of the following would be a requirement when planning the compute resources for a host computer?
A. The host computer does not need to have enough compute resources to support the virtual machine
workload.
B. The host computer must have enough compute resources to support the virtual machine workload.
C. The host computer must be running a supported operating system.
D. The number of virtual machines running Microsoft Windows must be known.

Correct Answer: B
Explanation

When you are planning for and determining the compute resources for a host computer, you need to make
sure there are enough resources to handle the virtual machine workload that the host computer is expected
to support.
A, C, and D are incorrect. The most important thing for planning compute resources on a host computer is
to have enough resources to cover the virtual machine load.

Virtual Machine

QUESTION 533
In a virtual machine, which component appears as an Ethernet adapter?
A. Virtual HBA
B. Virtual NIC
C. Virtual switch
D. Virtual router

Correct Answer: B
Explanation

A virtual network interface card does not have any physical components; it is a software component made
up of software drivers that mimic a physical NIC and appears as an Ethernet adapter on a virtual machine.
A, C, and D are incorrect. None of these options would be shown as an Ethernet adapter on a virtual
machine when they are added to a virtual machine.

QUESTION 534
An administrator deploys a new virtual machine. After logging on to the virtual machine, he notices that it
has a different time setting than the host. What is most likely the cause of this issue?
A. The virtual machine cannot communicate with the network.
B. The guest tools are not installed.
C. The virtual NIC is not configured correctly.
D. The VLAN tag is incorrect.

Correct Answer: B
Explanation

Guest tools are software additions that are added to a virtual machine after the operating system has been
installed. Among other things, the guest tools allow a virtual machine to synchronize its time with a host
computer.
A, C, and D are incorrect. The guest tools allow the virtual machine to use the host computer as a time
source. Without the guest tools the virtual machine might not have the correct time.

QUESTION 535
Which of the following groups multiple network storage devices into a single storage unit that can be
managed from a central console and used by a virtual machine or host computer?
A. Virtual switch
B. Virtual HBA
C. Virtual NIC
D. Storage virtualization

Correct Answer: D
Explanation

Storage virtualization consolidates multiple storage devices into a single unit and simplifies the
administration of common storage tasks.
A, B, and C are incorrect. Virtual switch, virtual HBA, and a virtual NIC can all be used to access shared
storage over the network, but they would not be used to create shared storage.

QUESTION 536
Which type of memory allows a virtual machine to start with a smaller amount of memory and increase it
based on the workload of the virtual machine?
A. Startup RAM
B. Static memory
C. Virtual memory
D. Dynamic memory

Correct Answer: D
Explanation

Dynamic memory allows you to assign a minimum and maximum amount of memory to a virtual machine.
This allows a virtual machine to consume memory dynamically based on its current workload.
A, B, and C are incorrect. The other memory options in the question do not allow the virtual machine to
increase its memory as needed since they are statically assigned.

QUESTION 537
Which component controls how the network traffic flows between the virtual machines and the host
computer and also how network traffic flows between the virtual machine and other network devices in the
organization?
A. Virtual NIC
B. Virtual storage
C. Virtual HBA
D. Virtual switch

Correct Answer: D
Explanation

The virtual switch is responsible for how the network traffic flows between virtual machines and the host
and between virtual machines and other network devices.
A, B, and C are incorrect. A virtual NIC allows you to connect to a virtual switch. A virtual HBA would allow
you to connect to a storage device. Virtual storage does not allow you to control how the virtual machine
connects with the network.

Benefits of Virtualization in a Cloud Environment

QUESTION 538
Which of the following allows you to scale resources up and down dynamically as required for a given
application?
A. Subnetting
B. Resource pooling
C. Elasticity
D. VLAN

Correct Answer: C
Explanation

Elasticity allows an organization to scale resources up and down as an application or service requires.
A, B, and D are incorrect. Subnetting is the practice of creating subnetworks, or subnets, which are logical
subdivisions of an IP network. A virtual local area network or VLAN is the concept of partitioning a physical
network to create separate independent broadcast domains that are part of the same physical network.

QUESTION 539
Which of the following data centers offers the same concepts as a physical data center with the benefits of
cloud computing?
A. Private data center
B. Public data center
C. Hybrid data center
D. Virtual data center

Correct Answer: D
Explanation

A virtual data center offers compute resources, network infrastructure, external storage, backups, and
security, just like a physical data center. A virtual data center also offers virtualization, pay-as-you-grow
billing, elasticity, and scalability.
A, B, and C are incorrect. The other options are definitions of cloud deployment and service models.

QUESTION 540
How does virtualization help to consolidate an organization’s infrastructure?
A. It allows a single application to be run on a single computer.
B. It allows multiple applications to run on a single computer.
C. It requires more operating system licenses.
D. It does not allow for infrastructure consolidation and actually requires more compute resources.

Correct Answer: B
Explanation

Virtualization allows an organization to consolidate its servers and infrastructure by allowing multiple virtual
machines to run on a single host computer.
A, C, and D are incorrect. These options would not help to consolidate an organization’s infrastructure.

QUESTION 541
Which of the following gives a cloud provider the ability to distribute resources on an as-needed basis to the
cloud consumer and in turn helps to improve efficiency and reduce costs?
A. Elasticity
B. Shared resources
C. Infrastructure consolidation
D. Network isolation

Correct Answer: B
Explanation

Shared resources give a cloud provider the ability to distribute resources on an as-needed basis to the
cloud consumer, which helps to improve efficiency and reduce costs for an organization. Virtualization helps
to simplify the process of sharing compute resources.
A, C, and D are incorrect. Elasticity allows an organization to scale resources up and down as an
application or service requires but does not allow the cloud provider the ability to distribute resources as
needed. Infrastructure consolidation allows an organization to consolidate their physical servers into a
smaller virtualized data center but is not used to distribute resources automatically. Network isolation allows
you to isolate the network the virtual machine is connected to but has nothing to do with distributing
resources.

Virtual Resource Migrations

QUESTION 542
Your organization is planning on migrating their data center, and you as the administrator have been tasked
with reducing the footprint of the new data center by virtualizing as many servers as possible. A physical
server running a legacy application has been identified as a candidate for virtualization. Which of the
following methods would be used to migrate the server to the new data center?
A. V2V
B. V2P
C. P2P
D. P2V

Correct Answer: D
Explanation

P2V would allow you to migrate the physical server running the legacy application to a new virtual machine
in the new virtualized data center.
A, B, and C are incorrect. These options do not allow you to migrate the physical server running the legacy
application to a new virtual server.

QUESTION 543
You have been tasked with migrating a virtual machine to a new host computer. Which migration process
would be required?
A. V2V
B. V2P
C. P2P
D. P2V

Correct Answer: A
Explanation

V2V would allow you to migrate the virtual machine to a new virtual machine on the new host computer.
B, C, and D are incorrect. These options would not be the most efficient way to migrate a virtual machine to
a new host computer.

QUESTION 544
An application was installed on a virtual machine and is now having issues. The application provider has
asked you to install the application on a physical server. Which migration process would you use to test the
application on a physical server?
A. V2V
B. V2P
C. P2P
D. P2V

Correct Answer: B
Explanation

One of the primary reasons for using the V2P process is to migrate a virtual machine to a physical machine
to test an application on a physical server if requested by the application manufacturer.
A, C, and D are incorrect. These options do not allow you to migrate a virtual machine to a physical server.

QUESTION 545
You have been tasked with deploying a group of virtual machines quickly and efficiently with the same
standard configurations. What process would you use?
A. V2P
B. P2V
C. Virtual machine templates
D. Virtual machine cloning

Correct Answer: C
Explanation

Virtual machine templates would allow you to deploy multiple virtual machines and those virtual machines
would have identical configurations, which streamlines the process.
A, B, and D are incorrect. When you create a virtual machine clone, you are creating an exact copy of an
existing virtual machine. P2V and V2P do not allow you to deploy multiple standardized virtual machines.

QUESTION 546
Which of the following allows you to migrate a virtual machine’s storage to a different storage device while
the virtual machine remains operational?
A. Network isolation
B. P2V
C. V2V
D. Storage migration

Correct Answer: D
Explanation

Storage migration is the process of transferring data between storage devices and can be automated or
done manually and allows the storage to be migrated while the virtual machine continues to be accessible.
A, B, and C are incorrect. Network isolation allows you to isolate the network the virtual machine is
connected to. P2V and V2V migrate the entire virtual machine or physical server, not just the virtual
machine’s storage.

QUESTION 547
You need to create an exact copy of a virtual machine to deploy in a development environment. Which of
the following processes is the best option?
A. Storage migration
B. Virtual machine templates
C. Virtual machine cloning
D. P2V

Correct Answer: C
Explanation

When you create a virtual machine clone, you are creating an exact copy of an existing virtual machine.
A, B, and D are incorrect. Virtual machine templates provide a streamlined approach to deploying a fully
configured base server image or even a fully configured application server but do not create an exact copy
of a virtual machine. Storage migration migrates the virtual machine’s storage to another storage device; it
does not create an exact copy of the virtual machine. P2V would allow you to create a copy of a physical
machine as a virtual machine, not an exact copy of a virtual machine.

QUESTION 548
You are migrating a physical server to a virtual server. The server needs to remain available during the
migration process. What type of migration would you use?
A. Offline
B. Online
C. Hybrid
D. V2P

Correct Answer: B
Explanation

With an online migration the physical computer or source computer remains running and operational during
the migration.
A, C, and D are incorrect. An offline migration requires the server to be shut down before the migration
process can take place.

Migration Considerations

QUESTION 549
You notice that one of your virtual machines will not successfully complete an online migration to a
hypervisor host. Which of the following is most likely preventing the migration process from completing?
A. The virtual machine needs more memory than the host has available.
B. The virtual machine has exceeded the allowed CPU count.
C. The virtual machine does not have the proper network configuration.
D. The virtual machine license has expired.

Correct Answer: A
Explanation

During a P2V migration the host computer must support the source computer’s memory. More than likely
the host does not have enough available memory to support the import of the virtual machine in a migration
scenario.
B, C, and D are incorrect. These settings would need to be planned and thought out, but they would not
prevent a virtual machine from being migrated to a host computer.

QUESTION 550
After a successful P2V migration, which of the following tests should be completed on the new virtual
machine?
A. Testing is not required.
B. Remove all unnecessary software.
C. Verify the IP address, DNS, and other network configurations.
D. Run a monitoring program to verify compute resources.

Correct Answer: C
Explanation

After a successful migration, the network settings should be checked and verified before bringing the virtual
machine online.
A, B, and D are incorrect. Testing the virtual machine after a successful migration is something that should
always be done. Testing the performance of the virtual machine should be done after the network settings
have been configured and verified.

QUESTION 551
True or False. A physical-to-virtual migration should not be done during scheduled maintenance windows.
A. True
B. False

Correct Answer: B
Explanation

Migrating a physical server to a virtual machine should be done during planned and scheduled maintenance
hours.
A is incorrect. A migration of a physical-to-virtual server should not be done outside of scheduled
maintenance windows.

QUESTION 552
You are planning your migration to a virtual environment. Which of the following physical servers should be
migrated first? Choose two.
A. A development server
B. A server that is running a non-mission-critical application and is not heavily utilized day to day
C. A highly utilized database server
D. A server running a mission-critical application

Correct Answer: AB
Explanation

When planning a migration from a physical data center to a virtual data center, the first servers that should
be migrated are noncritical servers that are not heavily utilized. A development server would be a good
candidate since it is most likely not a mission-critical server.
C and D are incorrect. You would not want to migrate mission-critical or highly utilized servers before
migrating noncritical servers. This helps to prevent downtime of critical applications and provides a means
of testing the migration process and the virtual environment before migrating critical servers to the virtual
environment.

QUESTION 553
Which of the following protocols can be used to identify which operating system version is installed on a
virtual machine?
A. WMI
B. SMTP
C. SMS
D. IMAP

Correct Answer: A
Explanation

WMI provides an administrator a way to gather hardware information from multiple physical servers or
virtual servers and put that information into a centralized database.
B, C, and D are incorrect. Simple mail transfer protocol (SMTP) can send an e-mail when a certain
monitored event occurs. SMS is a text messaging service that allows an alert to be sent to a mobile device.
Internet message access protocol (IMAP) allows an e-mail client to access e-mail on a remote mail server.

QUESTION 554
Which of these can be used by both a cloud consumer and a cloud provider to give a visual picture of
performance metrics?
A. API
B. SNMP
C. Dashboard
D. SMTP

Correct Answer: C
Explanation

A dashboard is a great way for both the cloud consumer and cloud provider to access key metrics when it
comes to monitoring cloud resources. A dashboard can give a summary of the current usage of the cloud
resources in an easy-to-view format of charts and graphs.
A, B, and D are incorrect. An application programming interface (API) is a protocol that can be used as an
interface into a software component. SNMP is commonly supported on devices such as routers, switches,
printers, and servers and is used to monitor these devices for any issues or conditions that might arise, but
it does not provide performance metrics. Nor does SMTP, which is used to send e-mail alerts when certain
monitored events occur.

QUESTION 555
Which of the following utilizes UDP port 514 when collecting events?
A. SNMP
B. Syslog
C. WMI
D. Web services

Correct Answer: B
Explanation

Syslog provides a mechanism for a network device to send event messages to a logging server or syslog
server using UDP port 514 or TCP 514.
A, C, and D are incorrect. Simple network management protocol (SNMP) is one of the common protocols
used to manage and monitor an environment, but it does not utilize UDP port 514. WMI allows an
administrator to query and set information on a workstation, server, or application, but it does not use UDP
port 514. Web services provide a centralized console to view events but again would not use UDP port
514.

QUESTION 556
Which of the following protocols can be used to create scripts that can be run against target computers to
perform simple administrative tasks?
A. WMI
B. SMTP
C. SMS
D. IMAP

Correct Answer: A
Explanation

WMI allows you to write scripts to automate certain administrative tasks and run those scripts against
remote computers.
B, C, and D are incorrect. None of these options allow you to create scripts to automate specific
administrative tasks.

QUESTION 557
Which of the following protocols constantly executes a software component called an agent, which reports
information using the protocol back to a manager?
A. WMI
B. SMTP
C. SMS
D. SNMP

Correct Answer: D
Explanation

A monitoring solution that uses SNMP has an administrative computer, commonly referred to as a
manager, that monitors or manages a group of network devices. Each managed device constantly
executes a software component called an agent that reports back to the manager.
A, B, and C are incorrect. WMI allows you to write scripts to automate certain administrative tasks and run
the scripts against remote computers. SMTP sends an e-mail alert when a certain monitored event occurs.
SMS allows you to send short text messages to alert about issues and does not report back to a manager.

QUESTION 558
Which of the following alerting methods allows a technician to receive an alert on a mobile device such as a
cell phone?
A. SMTP
B. SMS
C. SNMP
D. Syslog

Correct Answer: B
Explanation

SMS is a text messaging service that allows an alert to be sent to a mobile device.
A, C, and D are incorrect. SMTP can send an e-mail when a certain monitored event occurs, but it cannot
transmit to a cell phone or other mobile device. Syslog provides a mechanism for a network device to send
event messages to a logging server or syslog server using UDP port 514.

QUESTION 559
Which of the following alerting methods can be configured to send an e-mail when a certain alert is
triggered?
A. SMTP
B. SMS
C. SNMP
D. Syslog

Correct Answer: A
Explanation

Simple mail transfer protocol (SMTP) sends an e-mail alert when a certain monitored event occurs.
B, C, and D are incorrect. SMS is a text messaging service that allows an alert to be sent to a mobile
device. Syslog provides a mechanism for a network device to send event messages to a logging server or
syslog server using UDP port 514. SNMP does not allow an administrator to receive messages on a cell
phone.

QUESTION 560
Which of the following protocols allows for out-of-band management of a computer?
A. WMI
B. SMS
C. SNMP
D. IPMI

Correct Answer: D
Explanation

IPMI operates independently of the operating system. It provides out-of-band management and monitoring
of a system before the operating system is loaded, which allows BIOS settings to be remotely monitored or
configured.
A, B, and C are incorrect. WMI, SMS, and SNMP do not allow you to perform out-of-band management of a
device.

Remote-Access Tools

QUESTION 561
You receive an alert that a virtual machine is down. The server does not respond to a ping. What tool
should be used to troubleshoot the server if you were off-site?
A. Console port
B. SSH
C. Hypervisor console
D. SMTP

Correct Answer: B
Explanation

Secure shell (SSH) provides a secure way to remotely manage network devices, including hypervisor
hosts.
A, C, and D are incorrect. A console port would not allow management of the hypervisor host from an off-site
location. SMTP sends e-mail alerts in response to monitored events; it does not remotely manage
network devices. A hypervisor console would not be available since you are accessing the hypervisor host
from an off-site location.

QUESTION 562
Which of the following would you use to remotely access a virtualization host in a secure fashion?
A. Telnet
B. Ping
C. HTTPS
D. Console port

Correct Answer: C
Explanation

HTTPS gives you a way to access a virtualization host remotely in a secure fashion.
A, B, and D are incorrect. Telnet and Ping do not allow you to access a virtualization host remotely in a
secure fashion. A console port doesn’t allow you to access the host remotely.

QUESTION 563
You have been tasked with gathering a list of software installed on all the computers in your environment.
You want to gather this information remotely. Which of the following would you use to gather this
information?
A. WMI
B. SNMP
C. HTTP
D. Syslog

Correct Answer: A
Explanation

With WMI it is possible to query workstations remotely and gather a list of all the software installed on those
workstations.
B, C, and D are incorrect. HTTP does not allow you to remotely gather all the software installed on a
computer. Syslog provides a mechanism for a network device to send event messages to a logging server
or syslog server using UDP port 514 but will not allow you to query for installed software. SNMP collects
event messages from SNMP-enabled devices but does not query for installed software.

QUESTION 564
Which of the following protocols would be used to directly connect to a hypervisor host remotely to modify
operating system settings on the hypervisor host?
A. RDP
B. Console port
C. SMTP
D. HTTPS

Correct Answer: A
Explanation

The remote desktop protocol (RDP) lets you establish a remote connection directly to a hypervisor host. It
allows you to change system settings on the hypervisor host computer itself.
B, C, and D are incorrect. The console port gives you direct access to a hypervisor host but not remotely.
SMTP does not allow you to remotely connect to the hypervisor host to modify settings. HTTPS gives you a
web console that could access some management features of the hypervisor software but not the
hypervisor host machine.

QUESTION 565
Which of the following is a benefit of remote hypervisor administration?
A. Only being able to modify one hypervisor host at a time
B. Being able to remotely manage multiple hypervisor hosts from a single console
C. Not having access to a hypervisor host
D. Remotely accessing a hypervisor host has no benefit

Correct Answer: B
Explanation

The ability to remotely manage multiple hypervisor hosts from a single console from your workstation allows
for a quick and easy way to make changes to multiple hosts and is an important benefit of remote
hypervisor administration.
A, C, and D are incorrect. Modifying a single host remotely is not as big an advantage as modifying
multiple hosts remotely, as it would require more administration to connect to each individual host computer
remotely to modify the same settings.

Host Resource Allocation

QUESTION 566
Which of the following would be considered a host compute resource?
A. Cores
B. Power supply
C. Processor
D. Bandwidth

Correct Answer: C
Explanation

The four compute resources used in virtualization are disk, memory, processor, and network. On a host,
these are available as the physical entities of hard disks, memory chips, processors, and network interface
cards (NICs).
A, B, and D are incorrect. Cores are a virtual compute resource. Power supplies, while utilized by hosts, are
not compute resources because they do not contribute resources toward the creation of virtual machines.
Bandwidth is a measurement of network throughput capability, not a resource itself.

QUESTION 567
Quotas are a mechanism for enforcing what?
A. Limits
B. Rules
C. Access restrictions
D. Virtualization

Correct Answer: A
Explanation

Quotas are rules that enforce limits on the resources that can be utilized for a specific entity on a system.
B, C, and D are incorrect. Quotas cannot be used to enforce rules or set up virtualization. Access
restrictions are security entities, not quantities that can be limited, and virtualization is the abstraction of
hardware resources, which has nothing to do with quotas.

QUESTION 568
How are quotas defined?
A. By management systems
B. According to service level agreements that are defined between providers and their customers
C. Through trend analysis and its results
D. With spreadsheets and reports

Correct Answer: B
Explanation

Quotas are defined according to service level agreements that are negotiated between a provider and its
customers.
A, C, and D are incorrect. Management systems and trend analysis provide measurement of levels of
capacity, and those levels are reported on using spreadsheets and reports, but these are all practices and
tools that are used once the quotas have already been negotiated.

QUESTION 569
When would a reservation be used?
A. When a maximum amount of resources needs to be allocated to a specific resource
B. When a minimum amount of capacity needs to be available at all times to a specific resource
C. When capacity needs to be measured and controlled
D. When planning a dinner date

Correct Answer: B
Explanation

Reservations should be utilized when there is a minimum amount of resources that needs to have
guaranteed capacity.
A, C, and D are incorrect. Dealing with maximum capacity instead of minimums is the opposite of a
reservation. Capacity should always be measured and controlled, but not all measurement and control of
capacity deals with reservations. Obviously, if you are planning for a dinner date you will want to make
reservations, but that has nothing to do with cloud computing.

Virtual Machine Resource Allocation

QUESTION 570
How does the hypervisor enable access for virtual machines to the physical hardware resources on a host?
A. Over Ethernet cables
B. By using USB 3.0
C. Through the system bus
D. By emulating a BIOS that abstracts the hardware

Correct Answer: D
Explanation

The host computer BIOS is emulated by the hypervisor to provide compute resources for a virtual machine.
A, B, and C are incorrect. These options do not allow a host computer to emulate compute resources and
distribute them among virtual machines.

QUESTION 571
What mechanism allows one core to handle all requests from a specific thread on a specific processor
core?
A. V2V
B. CPU affinity
C. V2P
D. P2V

Correct Answer: B
Explanation

CPU affinity allows all requests from a specific thread or process to be handled by the same processor
core.
A, C, and D are incorrect. You can use a V2V to copy or restore files and programs from one virtual machine
to another. V2P allows you to migrate a virtual machine to a physical server. P2V allows you to migrate a
physical server’s operating system, applications, and data from the physical server to a newly created guest
virtual machine on a host computer.

QUESTION 572
In a scenario where an entity exceeds its defined quota, but is granted access to the resources anyway,
what must be in place?
A. Penalty
B. Hard quota
C. Soft quota
D. Alerts

Correct Answer: C
Explanation

Soft quotas enforce limits on resources, but do not restrict access to the requested resources when the
quota has been exceeded.
A, B, and D are incorrect. Penalties may be incurred if soft quotas are exceeded, but the quota must first be
in place. A hard quota denies access to resources after it has been exceeded. Alerts should be configured,
regardless of the quota type, to be triggered when the quota has been breached.

QUESTION 573
Which of the following must be licensed when running a virtualized infrastructure?
A. Hosts
B. Virtual machines
C. Both
D. Neither

Correct Answer: C
Explanation

Both hosts and guests must be licensed in a virtual environment.
A, B, and D are incorrect. Both hosts and guests must be licensed in a virtual environment.

QUESTION 574
What do you need to employ if you have a serial device that needs to be utilized by a virtual machine?
A. Network isolation
B. Physical resource redirection
C. V2V
D. Storage migration

Correct Answer: B
Explanation

Physical resource redirection enables virtual machines to utilize physical hardware as if they were physical
hosts that could connect to the hardware directly.
A, C, and D are incorrect. These options do not allow you to redirect a virtual machine to a physical port on
a host computer.

QUESTION 575
You need to divide your virtualized environment into groups that can be managed by separate groups of
administrators. Which of these tools can you use?
A. Quotas
B. CPU affinity
C. Resource pools
D. Licensing

Correct Answer: C
Explanation

Resource pools allow the creation of a hierarchy of virtual machine groups that can have different
administrative privileges assigned to them.
A, B, and D are incorrect. Quotas are employed to limit the capacity of a resource, CPU affinity is used to
isolate specific threads or processes to one processor core, and licensing has to do with the acceptable use
of software or hardware resources.

Optimizing Performance

QUESTION 576
Which tool allows guest operating systems to share noncritical memory pages with the host?
A. CPU affinity
B. Memory ballooning
C. Swap file configuration
D. Network attached storage

Correct Answer: B
Explanation

Memory ballooning allows guest operating systems to share noncritical memory pages with the host.
A, C, and D are incorrect. CPU affinity is used to isolate specific threads or processes to one processor
core. Swap file configuration is the configuration of a specific file to emulate memory pages as an overflow
for physical RAM. Network attached storage is a disk resource that is accessed across a network.

QUESTION 577
Which of these options is not a valid mechanism for improving disk performance?
A. Replacing rotational media with solid state media
B. Replacing rotational media with higher-speed rotational media
C. Decreasing disk quotas
D. Employing a different configuration for the RAID array

Correct Answer: C
Explanation

Decreasing disk quotas helps with capacity issues, but not with performance.
A, B, and D are incorrect. Changing from rotational to solid state media increases performance since it
eliminates the dependency on the mechanical seek arm to read or write. Upgrading rotational media to
higher rotational speed also speeds up both read and write operations. Changing the configuration of the
array to a different RAID level can also have a dramatic effect on performance.

Policies and Procedures

QUESTION 578
Which of the following defines the rule sets by which users and administrators must abide?
A. Procedures
B. Change management
C. Policies
D. Trending

Correct Answer: C
Explanation

Policies are defined as rule sets by which users and administrators must abide.
A, B, and D are incorrect. Procedures are prescribed methodologies by which activities are carried out in
the IT environment according to defined policies; change management is the process of making changes to
the IT environment from its design phase to its operations phase in the least impactful way; and trending is
the pattern of measurements over the course of multiple time periods.

QUESTION 579
Which of the following are objectives of change management?
A. Maximize business value
B. Ensure that all proposed changes are both evaluated and recorded
C. Identify configuration items (CIs)
D. Optimize overall business risk

Correct Answer: ABD
Explanation

Maximizing business value, ensuring that all changes are evaluated and recorded, and optimizing business
risk are all objectives of change management.
C is incorrect. Identification of configuration items is an objective of the configuration management
process.

QUESTION 580
Which of the following are objectives of configuration management?
A. Protect the integrity of CIs
B. Evaluate performance of all CIs
C. Maintain information about the state of all CIs
D. Maintain an accurate and complete CMS

Correct Answer: ACD
Explanation

The objectives of configuration management are identifying CIs, controlling CIs, protecting the integrity of
CIs, maintaining an accurate and complete CMS, and providing accurate configuration information when
needed.
B is incorrect. Evaluation of the performance of specific CIs is the responsibility of service operations, not
configuration management.

QUESTION 581
Which of the following terms best describes life cycle management?
A. Baseline
B. Finite
C. Linear
D. Continuum

Correct Answer: D
Explanation

Life cycle management is a continuum with feedback loops going back into itself to enable better
management and continual improvement.
A, B, and C are incorrect. Baselines are utilized for measurement but are not cyclical. By definition the word
“finite” implies that there is an ending, and life cycle management has no ends since it is continually
improving. Linear does not fit because there are many feedback loops and it doesn’t always progress
forward; rather, it frequently circles back.

QUESTION 582
Capacity management has responsibility for ensuring that the capacity of the IT service is optimally
matched to what?
A. Demand
B. Future trends
C. Procedures
D. Availability

Correct Answer: A
Explanation

Capacity management’s primary objective is to ensure that the capacity of an IT service is optimally
matched with its demand. Capacity should be planned to meet agreed upon levels, no higher and no lower.
Because controlling costs is a component of capacity management, designs that incorporate too much
capacity are just as bad as designs that incorporate too little capacity.
B, C, and D are incorrect. Future trends are extrapolations made from trending data captured in operations.
They provide inputs into capacity and availability planning but are not a good description for the entire life
cycle. Procedures are predefined sets of activities that resources utilize to carry out defined policies.
Availability is the ability of a configuration item to perform its defined functions when required.

QUESTION 583
What is the desired end result of life cycle management?
A. CAB
B. Continual service improvement
C. Service strategy
D. Service operation

Correct Answer: B
Explanation

The end result of each cycle within life cycle management is to identify opportunities for improvement that
can be incorporated into the service to make it more efficient, effective, and profitable.
A, C, and D are incorrect. CABs are utilized for the evaluation of a proposed change. Service strategy and
service operation are both phases in the life cycle.

QUESTION 584
Dieter is a systems administrator in an enterprise IT organization. The servers he is responsible for have
recently been the target of a malicious exploit, and the vendor has released a patch to protect against this
threat. If Dieter would like to deploy this patch to his servers right away without waiting for the weekly
change approval board meeting, what should he request to be convened?
A. ECAB
B. Maintenance window
C. Service improvement opportunity
D. CAB

Correct Answer: A
Explanation

Dieter would want to convene an emergency change advisory board (ECAB). The ECAB follows the same
procedures that a CAB follows in the evaluation of a change; it is just a subset of the stakeholders that
would usually convene for the review. Because of the urgency for implementation, convening a smaller
group assists in expediting the process.
B, C, and D are incorrect. A maintenance window is an agreed upon, predefined time period during which
service interruptions are least impactful to the business. The requested change may or may not take place
during that time frame based on the urgency of the issue. Service improvement opportunities are suggested
changes that are logged in the service improvement register to be evaluated and implemented during the
next iteration of the life cycle. Life cycle iterations do not happen quickly enough for an emergency change
to be considered even as a short-term service improvement item. CAB is close to the right answer, but
based on the urgency of this request, Dieter likely could not wait for the next scheduled CAB meeting to
take place before he needed to take action. The risk of waiting would be greater than the risk of deploying
before the CAB convenes.

Systems Management Best Practices

QUESTION 585
What is the most important output from the service design phase?
A. CMDB
B. Service design package
C. CMS
D. Service portfolio

Correct Answer: B
Explanation

The most important piece of documentation produced in the service design phase is the service design
package (SDP), which includes documentation of the organization’s technical solutions, support processes,
and service level agreements (SLAs). The service design package is utilized as the primary input for the
service transition phase, which is when those services begin to produce value for the customer.
A, C, and D are incorrect. The configuration management database (CMDB) and the configuration
management system (CMS) are both utilized in the service transition phase, not the service design phase. The
service portfolio is the key piece of documentation produced in the service strategy phase.

QUESTION 586
Which three items should be baselined for any IT service?
A. Performance
B. Maintenance
C. Availability
D. Capacity

Correct Answer: ACD
Explanation

Establishing baselines for performance, availability, and capacity is an important part of standardization
practice. These baselines are significant for ensuring proof of compliance and fulfillment of service level
agreements.
B is incorrect. Maintenance is an activity that is performed in order to prevent changes to the baseline state
of a CI. It does not itself need to be baselined.

QUESTION 587
When should maintenance windows be scheduled?
A. In the morning
B. In the evening
C. On weekends
D. When they will least impact their customers

Correct Answer: D
Explanation

A maintenance window is an agreed upon, predefined time period during which service interruptions are
least impactful to the business. This could fall at any time, and depends on the patterns of business activity
for that particular entity.
A, B, and C are incorrect. An IT organization should not define mornings, evenings, or weekends as
maintenance windows without first validating that time frame with its customers and making certain that it
falls during a period when business activity would least be affected by a service outage.

QUESTION 588
Dividing tasks and privileges required to perform a specific IT process among a number of administrators
instead of a single administrator would be defined as which of the following?
A. Penetration testing
B. Vulnerability assessment
C. Separation of duties
D. Virtualization

Correct Answer: C
Explanation

Separation of duties is the process of segregating specific duties and dividing the tasks and privileges
required for a specific security process among multiple administrators.
A, B, and D are incorrect. A penetration test is the process of evaluating the security of the cloud
environment by simulating an attack on that environment from external and internal threats. A vulnerability
assessment looks at the potential impact of a successful attack as well as the vulnerability of the
environment. Virtualization is the process of creating a virtual version of a device or component, such as a
server, switch, or storage device.

QUESTION 589
Which configuration test measures the amount of time between a networked device’s request for data and
the network’s response?
A. Network bandwidth
B. Network latency
C. Application availability
D. Load balancing

Correct Answer: B
Explanation

Testing network latency measures the amount of time between a networked device’s request for data and
the network’s response. Testing network latency helps an administrator determine when a network is not
performing at an optimal level.
A, C, and D are incorrect. Network bandwidth is the measure of throughput and is impacted by latency.
Application availability is something that needs to be measured to determine the uptime for the application.
Load balancing allows you to distribute HTTP requests across multiple servers.

Troubleshooting and Tools

QUESTION 590
Which of the following command-line tools allows for the display of all active network connections and
network protocol statistics?
A. Netstat
B. Ping
C. Traceroute
D. Ifconfig

Correct Answer: A
Explanation

The netstat command can be used to display protocol statistics and all of the currently active TCP/IP
network connections, along with Ethernet statistics.
B, C, and D are incorrect. The ping utility is used to troubleshoot the reachability of a host on an IP network.
Traceroute is a network troubleshooting tool that is used to determine the path that an IP packet has to take
to reach a destination. Ifconfig is used to configure the TCP/IP network interface from the command line.

QUESTION 591
You need to verify the TCP/IP configuration settings of a network adapter on a virtual machine running
Microsoft Windows. Which of the following tools should you use?
A. Ping
B. ARP
C. Tracert
D. Ipconfig

Correct Answer: D
Explanation

Ipconfig is a Microsoft Windows command that displays the current TCP/IP network configuration settings
for a network interface.
A, B, and C are incorrect. The ping utility is used to troubleshoot the reachability of a host on an IP network.
ARP resolves an IP address to a physical address or MAC address. Tracert is a Microsoft Windows
network troubleshooting tool that is used to determine the path that an IP packet has to take to reach a
destination.

QUESTION 592
Which of the following tools can be used to verify if a host is available on the network?
A. Ping
B. ARP
C. Ipconfig
D. Ifconfig

Correct Answer: A
Explanation

The ping utility is used to troubleshoot the reachability of a host on an IP network. Ping sends an Internet
control message protocol (ICMP) echo request packet to a specified IP address or host and waits for an
ICMP reply.
B, C, and D are incorrect. ARP resolves an IP address to a physical address or MAC address. Ifconfig and
ipconfig display the current TCP/IP network configuration settings for a network interface.

QUESTION 593
Which tool allows you to query the domain name system to obtain domain name or IP address mappings
for a specified DNS record?
A. Ping
B. Ipconfig
C. Nslookup
D. Route

Correct Answer: C
Explanation

Using the nslookup command, it is possible to query the domain name system to obtain domain name or IP
address mappings for a specified DNS record.
A, B, and D are incorrect. The ping utility is used to troubleshoot the reachability of a host on an IP network.
The ipconfig command displays the current TCP/IP network configuration settings for a network interface.
The route command can view and manipulate the TCP/IP routing tables of operating systems.

QUESTION 594
Users are complaining that an application is taking longer than normal to load. You need to troubleshoot
why the application is experiencing startup issues. You want to gather detailed information while the
application is loading. What should you enable?
A. System logs
B. Verbose logging
C. Telnet
D. ARP

Correct Answer: B
Explanation

Verbose logging records more detailed information than standard logging and is recommended to
troubleshoot a specific problem.
A, C, and D are incorrect. System log files can store a variety of information, including device changes,
device drivers, system changes, and events, but would not provide detailed information on a particular
application. ARP resolves an IP address to a physical address or MAC address. Telnet allows a user to
connect to another computer and enter commands and the commands are executed as if they were
entered directly on the server console.

QUESTION 595
You need a way to remotely execute commands against a server that is located on the internal network.
Which tool can be used to accomplish this objective?
A. Ping
B. Dig
C. Traceroute
D. Telnet

Correct Answer: D
Explanation

Telnet allows you to connect to another computer and enter commands via the telnet program. The
commands will be executed as if you were entering them directly on the server console.
A, B, and C are incorrect. The ping utility is used to troubleshoot the reachability of a host on an IP network.
The dig command can be used to query domain name servers and can operate in interactive command-line
mode or batch query mode. Traceroute is a network troubleshooting tool that is used to determine the path
that an IP packet has to take to reach a destination.

QUESTION 596
You need to modify a routing table and create a static route. Which command-line tool can you use to
accomplish this task?
A. Ping
B. Traceroute
C. Route
D. Host

Correct Answer: C
Explanation

You can use the route command to view and manipulate the TCP/IP routing tables and create static
routes.
A, B, and D are incorrect. The ping utility is used to troubleshoot the reachability of a host on an IP network.
Traceroute is a network troubleshooting tool that is used to determine the path that an IP packet has to take
to reach a destination. The host utility can be used to perform DNS lookups.

Network Security: Best Practices

QUESTION 597
Which best practice configures host computers so that they are not vulnerable to attack?
A. Vulnerability assessment
B. Penetration test
C. Hardening
D. PKI

Correct Answer: C
Explanation

Hardening configures systems such that they are protected from compromise.
A, B, and D are incorrect. While vulnerability assessments identify security problems, they do not correct
them. Penetration tests simulate an attack, but do not configure machines to be protected from such
attacks. PKI is a hierarchy of trusted security certificates; it does not address configuration issues.

QUESTION 598
Which type of test simulates a network attack?
A. Vulnerability assessment
B. Establishing an attack baseline
C. Hardening
D. Penetration test

Correct Answer: D
Explanation

Penetration tests simulate a network attack.
A, B, and C are incorrect. Vulnerability assessments identify weaknesses but do not perform simulated
network attacks. While establishing a usage baseline is valid, establishing an attack baseline is not.
Hardening is the process of configuring a system to make it less vulnerable to attack; it does not simulate
such attacks.

QUESTION 599
You have been asked to harden a crucial network router. What should you do? (Choose two.)
A. Disable the routing of IPv6 packets
B. Change the default administrative password
C. Apply firmware patches
D. Configure the router for SSO

Correct Answer: BC
Explanation

Changing the default passwords and applying patches are important steps in hardening a device.
A and D are incorrect. Without more information, disabling IPv6 packet routing does not harden a router,
nor does configuring it for SSO.

Data Security

QUESTION 600
You are invited to join an IT meeting where the merits and pitfalls of cloud computing are being debated.
Your manager conveys her concerns about data confidentiality for cloud storage. What can be done to secure
data stored in the cloud?
A. Encrypt the data
B. Digitally sign the data
C. Use a stream cipher
D. Change default passwords

Correct Answer: A
Explanation

Encrypting data at rest protects the data from those not in possession of a decryption key.
B, C, and D are incorrect. Digital signatures verify data authenticity, but they don’t deal with the question of
confidentiality. Stream ciphers are best used for unpredictable variable-length network transmissions; a
block cipher would be better suited for file encryption. While changing default passwords is always relevant,
it does nothing to address the concern about data confidentiality.

QUESTION 601
Which of the following works best to encrypt variable-length data?
A. Block cipher
B. Symmetric cipher
C. Asymmetric cipher
D. Stream cipher

Correct Answer: D
Explanation

Stream ciphers encrypt data, usually a bit at a time, so this works well for data that is not a fixed length.
A, B, and C are incorrect. Symmetric and asymmetric ciphers do not apply in this context. Block ciphers are
generally better suited for data blocks of fixed length.

QUESTION 602
With PKI, which key is used to validate a digital signature?
A. Private key
B. Public key
C. Secret key
D. Signing key

Correct Answer: B
Explanation

The public key of the signer is used to validate a digital signature.
A, C, and D are incorrect. Private keys create, and don’t validate, digital signatures. A secret key is
synonymous with an asymmetric key; PKI is implied when discussing signatures. Signing keys, as they are
sometimes called, digitally sign data.

QUESTION 603
Which of the following is related to nonrepudiation?
A. Block cipher
B. PKI
C. Symmetric encryption
D. Stream cipher

Correct Answer: B
Explanation

PKI is related to nonrepudiation, which means that a verified digital signature proves the message came
from the listed party.
This is true because only the private key of the signing party could have created the validated signature.
A public key infrastructure (PKI) supports the distribution and identification of public encryption keys,
enabling users and computers to both securely exchange data over networks such as the Internet and
verify the identity of the other party.
A, C, and D are incorrect. Block ciphers and stream ciphers are not related to nonrepudiation; they are
types of encryption methods.
Symmetric encryption excludes the possibility of a PKI, and PKI relates to nonrepudiation.

QUESTION 604
Sean configures a web application to allow content managers to upload files to the website.
What type of access control model is Sean using?
A. DAC
B. MAC
C. RBAC

Correct Answer: C
Explanation

Sean is using a role (content managers) to control who can upload files to the website.
This is role-based access control (RBAC).
A and B are incorrect. DAC allows data owners to grant permissions to users.
MAC uses data classification and other attributes so that computer systems can determine who should
have access to what.

QUESTION 605
You are the administrator of a Windows network.
When creating a new user account, you specify a security clearance level of top secret so that the user can
access classified files. What type of access control method is being used?
A. DAC
B. MAC
C. RBAC

Correct Answer: B
Explanation

Mandatory access control (MAC) uses attributes (such as “top secret”) that enable computer systems to
determine who should have access to what.
A and C are incorrect. DAC allows data owners to grant permissions to users. RBAC uses groups and roles
so that their members inherit permissions to resources.

QUESTION 606
True or False. DAC is suitable for large organizations.
A. True
B. False

Correct Answer: B
Explanation

False. Discretionary access control (DAC) allows data owners, at their discretion, to grant permissions to
users, but this is only viable with a small number of users.

A is incorrect because DAC is not suitable for large organizations. RBAC, which uses groups and roles so
that their members inherit permissions to resources, is better suited for large organizations.

QUESTION 607
Which of the following would be considered a cold site?
A. A site with no heating system
B. A site that has replication enabled
C. A site that is fully functional and staffed
D. A site that provides only network connectivity and a physical location

Correct Answer: D
Explanation

A cold site does not include any backup copies of data from the organization’s original data center.
When an organization implements a cold site, they do not have readily available hardware at the site; it only
includes the physical space and network connectivity for recovery operations and it is the organization’s
responsibility to provide the hardware.
A, B, and C are incorrect. A site that has replication enabled would not be considered a cold site. Also, a
cold site would not be fully functional and staffed.
A cold backup site is little more than an appropriately configured space in a building.
Everything required to restore service to your users must be procured and delivered to the site before the
process of recovery can begin.
As you can imagine, the delay going from a cold backup site to full operation can be substantial.
Cold backup sites are the least expensive sites.
A warm backup site is already stocked with hardware representing a reasonable facsimile of that found in
your data center.
To restore service, the last backups from your off-site storage facility must be delivered, and bare metal
restoration completed, before the real work of recovery can begin.
Hot backup sites have a virtual mirror image of your current data center, with all systems configured and
waiting only for the last backups of your user data from your off-site storage facility. As you can imagine, a
hot backup site can often be brought up to full production in no more than a few hours.
A hot backup site is the most expensive approach to disaster recovery.

QUESTION 608
You are designing a disaster recovery plan that includes a multisite configuration. The backup site must
include all necessary hardware and current backups of the original site. Which type of site do you need to
design?
A. Cold site
B. Warm site
C. Hot site
D. Virtual site

Correct Answer: C
Explanation

A hot site is a duplicate of the original site of the organization and has readily available hardware and a
near-complete backup of the organization’s data. A hot site can contain a real-time synchronization
between the original site and the backup site and can be used to completely mirror the organization’s
original data center.
A, B, and D are incorrect. A cold site does not include any backup copies of data from the organization’s
original data center. A warm site is a combination of a cold site and a hot site and would not include a
current backup of the original site.

QUESTION 609
Which of the following is a documented set of procedures that defines how an organization recovers and
protects their IT infrastructure in the event of a disaster?
A. MTBF
B. MTTR
C. RPO
D. DRP

Correct Answer: D
Explanation

A DRP (disaster recovery plan) describes how an organization is going to deal with recovery in the event of
a disaster.
A, B, and C are incorrect. MTBF is the average time a hardware component will function before failing,
usually measured in hours. MTTR is the average time it takes to repair a hardware component. RPO is the
maximum amount of time that data might be lost due to a disaster.

QUESTION 610
Which term is used to describe the maximum amount of time that a system can be down after a failure or a
disaster occurs?
A. RPO
B. RTO
C. BCP
D. MTBF

Correct Answer: B
Explanation

RTO (recovery time objective) is the maximum amount of time a system can be down after a failure or
disaster.
A, C, and D are incorrect. RPO is the maximum amount of time that data might be lost due to a disaster. A
BCP is a documented set of procedures and information about the organization that is collected and
maintained so that the organization can continue operations in the event of a disaster. MTBF is the average
time a hardware component will function before failing, usually measured in hours.

QUESTION 611
An organization recently had a disaster and the data center failed over to the backup site. The original data
center has been restored and the administrator needs to migrate the organization back to the primary data
center. What process is the administrator performing?
A. Failover
B. Failback
C. DRP
D. RTO

Correct Answer: B
Explanation

Failback is the process of switching back to the primary site after the environment has been shifted to the
backup site.
A, C, and D are incorrect. Failover is the process of switching to a redundant system upon failure of the
primary system. A DRP is a documented set of procedures that defines how an organization can recover
and protect their IT infrastructure in the event of a disaster. RTO is the maximum amount of time a system
can be down after a failure or disaster.

QUESTION 612
Which of the following backup processes needs the last backup and all additional backups since that
backup to perform a restore?
A. Incremental
B. Differential
C. Full
D. Image

Correct Answer: A
Explanation

An incremental backup backs up the files that have changed since the last full or incremental backup and
requires all incremental backups to perform a restore.
B, C, and D are incorrect. A differential backup backs up all files that have changed since the last full
backup and requires the latest differential and the last full backup to perform a restore. A full backup is a
starting point for incremental and differential backups that can be restored independently and contains all
the information on the hard disk. An image is an exact copy of a system at the time the image was taken.

QUESTION 613
Which of the following backups could be restored without any additional backups?
A. Incremental
B. Differential
C. Full
D. Image

Correct Answer: C
Explanation

A full backup backs up the entire system, including everything on the hard drive. It does not require any
additional backups to perform a restore.
A, B, and D are incorrect. An incremental backup backs up the files that have changed since the last full or
incremental backup and requires all incremental backups to perform a restore. A differential backup backs
up all files that have changed since the last full backup and requires the last differential and the last full
backup to perform a restore. An image is just an exact copy of a system at the time the image was taken.

QUESTION 614
What is the easiest method for an administrator to capture the state of a virtual machine at a specific point
in time?
A. Backup
B. Snapshot
C. Image
D. Clone

Correct Answer: B
Explanation

Snapshots can be used to capture the state of a virtual machine at a specific point in time. They can contain a
copy of current disk state as well as memory state.
A, C, and D are incorrect. A backup could be used to capture the state of a virtual machine if the
administrator used a full backup, but the process takes considerably more time to complete than a
snapshot and would not be the easiest method. An image is an exact copy of a system at the time the
image was taken and would take a considerable amount of time. A clone would copy the entire contents of
a disk to another disk but again would take a considerable amount of time, whereas a snapshot takes only
a few seconds or minutes to complete.

QUESTION 615
Which of the following processes allows a system to automatically switch to a redundant system in the
event of a disaster at the primary site?
A. Failback
B. DRP
C. Failover
D. Redundancy

Correct Answer: C
Explanation

Failover is the process of switching to a redundant system upon failure of the primary system.
A, B, and D are incorrect. Failback is the process of switching back to the primary site after the
environment has been shifted to the backup site. A DRP is a documented set of procedures that defines
how an organization can recover and protect their IT infrastructure in the event of a disaster. Redundancy is
used to protect a primary system from failure by performing the operations of a backup system.

High Availability

QUESTION 616
You have been tasked with distributing incoming HTTP requests to multiple servers in a server farm. Which
of the following is the easiest way to achieve that goal?
A. Mirror site
B. Fault tolerance
C. Redundancy
D. Load balancing

Correct Answer: D
Explanation

Load balancing distributes workloads across multiple computers to optimize resources and throughput and
to prevent a single device from being overwhelmed.
A, B, and C are incorrect. A mirror site is a duplicate website used to provide improved performance and
reduce network traffic. Fault tolerance involves adding multiple hardware components to the system so it
can continue to function in the event of a single component failure. Redundancy is used to protect a primary
system from failure by performing the operations of a backup system. None of these options deals with
balanced distribution of workloads.

QUESTION 617
When replicating data in a multisite configuration from the primary site to a backup site, which form of
synchronization requires the system to wait before proceeding with the next data write?
A. Asynchronous replication
B. Synchronous replication
C. Failover
D. Mirror site

Correct Answer: B
Explanation

Synchronous replication replicates information over a network to a secondary device where the system
must wait for the replication to copy the data to the secondary device before proceeding.
A, C, and D are incorrect. Asynchronous replication replicates information over a network to secondary
devices where the system is not required to wait for the replication to copy the data to the secondary device
before proceeding. Failover is the process of switching to a redundant system upon failure of the primary
system. A mirror site is a duplicate website used to provide improved performance and reduce network
traffic.

QUESTION 618
Which of the following terms can be used to describe a system that is location independent and provides
failover?
A. Clustering
B. Load balancing
C. Geoclustering
D. Failover

Correct Answer: C
Explanation

Geoclustering uses multiple redundant systems that are located in different geographical locations to
provide failover and yet appear as a single highly available system.
A, B, and D are incorrect. Clustering connects computers together over a LAN, whereas geoclustering
enables connections over a WAN. Load balancing distributes workloads across multiple computers to
optimize resources and throughput and to prevent a single device from being overwhelmed. Failover is the
process of switching to a redundant system upon failure of the primary system.

QUESTION 619
What RAID type does not use parity and stores block data on multiple drives?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 6

Correct Answer: A
Explanation

RAID 0 does not use parity and stores data on multiple disks.

QUESTION 620
What is a common file structure found on Windows-based servers?
A. EXT
B. NTFS
C. EXT
D. VMFS

Correct Answer: B
Explanation

New Technology File System was developed for the Windows operating system.

QUESTION 621
What is used for out-of-band access to a Windows server?
A. IPMI
B. WMI
C. SSH
D. SWMP

Correct Answer: B
Explanation

The Windows Management Instrumentation Interface is an out-of-band method to manage Microsoft
Windows servers.

QUESTION 622
What refers to the maximum amount of lost data that can be tolerated in a disaster recovery scenario?
A. RTO
B. MTTR
C. MTBF
D. RPO

Correct Answer: D
Explanation

The recovery point objective is the last point of known good data and is a measurement of data lost in a
disaster.

QUESTION 623
What protocol is used in a multipath storage implementation?
A. iSCSI
B. Fibre Channel
C. FCoE
D. NTFS

Correct Answer: B
Explanation

Multipath storage is an enhancement to a SAN that runs the Fibre Channel protocol.

QUESTION 624
To reduce the number of servers in a datacenter, which migration should be performed?
A. P2P
B. V2P
C. P2V
D. V2V

Correct Answer: C
Explanation

A physical-to-virtual server migration will allow multiple systems to run on a single bare-metal server, which
reduces the number of physical servers in a datacenter.

QUESTION 625
Your company has two cloud datacenters; one experiences an outage. However, the second datacenter
immediately takes over operations. What type of disaster recovery is this?
A. Warm site
B. Synchronous replication
C. Hot site
D. VM migration

Correct Answer: C
Explanation

A hot site has current data and a fully operational mirror of the primary site and can assume nearly
instantaneous operation should the primary go offline.

QUESTION 626
Vulnerabilities in applications and operating systems can be reduced by implementing what?
A. Cluster technology
B. Vertical scaling
C. ITMI
D. Patching

Correct Answer: D
Explanation

Regular patching of operating systems and applications can reduce your exposure to vulnerabilities.

QUESTION 627
You are required to enter a password and a token ID when signing into your cloud servers; what type of
authentication is this?
A. ACL
B. SSO
C. LDAP
D. Multifactor

Correct Answer: D
Explanation

Multifactor authentication requires two or more authentication types to log into a system.

QUESTION 628
What virtual services device provides Layer 2 support between networks in a virtualized cloud
deployment?
A. Virtual load balancer
B. Virtual router
C. Virtual switch
D. Virtual firewall

Correct Answer: C
Explanation

The vSwitch is a software implementation of a physical Layer 2 Ethernet switch and is commonly the
interconnection from a VM to the physical network.

QUESTION 629
Fibre Channel is used on what type of storage deployment?
A. NAS
B. SAN
C. DAS
D. iSCSI

Correct Answer: B
Explanation

The storage area network is supported by the Fibre Channel protocol.

QUESTION 630
When investigating a file corruption problem on a storage array, what should be checked first?
A. HBA
B. VSAN
C. Log files
D. LUN masking

Correct Answer: C
Explanation

Reviewing the log files when troubleshooting any issue is a good first step to determine where the problem
resides.

QUESTION 631
You plan on migrating from a vendor’s proprietary hypervisor to an open source solution. What type of
migration would need to be performed during testing?
A. V2V
B. V2P
C. P2V
D. Horizontal

Correct Answer: A
Explanation

A virtual-to-virtual machine migration would be required in this scenario.

QUESTION 632
A network encompassing the cloud datacenter is often referred to as a what?
A. MAN
B. WAN
C. LAN
D. SAN

Correct Answer: C
Explanation

A local area network is a high-speed data network encompassing a small geographical area such as a
building or datacenter.

QUESTION 633
Network delays accessing remote sites increase when Internet traffic is at a peak; what can be done to
correct the issue?
A. Decrease latency
B. Implement link aggregation
C. Increase bandwidth
D. Configure quality of service

Correct Answer: C
Explanation

The only long-term and effective method to correct network delays from saturated links is to increase the
bandwidth.

QUESTION 634
The process of mapping storage initiators to targets is referred to as?
A. Zoning
B. ACL
C. QOS
D. VSAN

Correct Answer: A
Explanation

SAN zoning is the mapping of the storage target and initiator for security and to protect data integrity.

QUESTION 635
What process tracks a server from its initial deployment until it is removed from service?
A. Change management
B. Life-cycle management
C. CMDB
D. Configuration management

Correct Answer: B
Explanation

The life-cycle management process is the master record of a piece of equipment that tracks its deployment
from initial installation until the time it is decommissioned.

QUESTION 636
What remote access technology allows you to use a graphical interface with a mouse?
A. Console port
B. RDP
C. IPMI
D. SSH

Correct Answer: B
Explanation

Remote Desktop Protocol is a remote access technology that uses a graphical interface with a mouse.

QUESTION 637
A Type 1 hypervisor is identified by what characteristic?
A. Proprietary
B. Uses a bare-metal server
C. Open source
D. Runs on top of an operating system

Correct Answer: B
Explanation

A Type 1 hypervisor runs directly on top of a bare-metal server.

QUESTION 638
What cloud service offers computing resources only?
A. IaaS
B. PaaS
C. SaaS
D. XaaS

Correct Answer: A
Explanation

Infrastructure as a Service is a cloud service that is based on a computing platform offering.

QUESTION 639
Which drive type offers low latency for intensive read/write operations?
A. SAS
B. FC
C. SCSI
D. SSD

Correct Answer: D
Explanation

Solid-state drives offer low latency because they do not have a spinning mechanical disk.

QUESTION 640
Two load balancers are connected in a cluster for redundancy with both sharing the load; what is this
configuration called?
A. Hot site
B. Active-active
C. MPIO
D. Active-passive

Correct Answer: B
Explanation

When two devices are in a cluster sharing the workload, it is known as an active-active configuration.

QUESTION 641
What protocol uses port 53 as its default?
A. SSH
B. BGP
C. SSL
D. DNS

Correct Answer: D
Explanation

Domain name services use port 53 as the default.

QUESTION 642
The storage administrator allocates a 50 GB volume for a newly installed VM. What did the administrator
just create?
A. LUN
B. VSAN
C. DAS
D. VMFS

Correct Answer: A
Explanation

The storage administrator created a logical store unit on the controller to be used by the new virtual server.

QUESTION 643
All networking devices and servers in the cloud provider’s datacenter can send ongoing informational
data to what standard type of data collection server?
A. Trap
B. Syslog
C. Splunk
D. SNMP

Correct Answer: B
Explanation

The syslog server is the standard server type to collect logging information from many devices into a central
location.

QUESTION 644
Which cloud deployment model requires the customer to install their own hosts?
A. PaaS
B. IaaS
C. SaaS
D. CaaS

Correct Answer: B
Explanation

Infrastructure as a Service does not include the cloud service provider supplying the operating system
software.

QUESTION 645
What cloud service delivery model utilizes a company’s privately owned datacenter and a cloud
provider’s services?
A. Community
B. Private
C. Hybrid
D. Public

Correct Answer: C
Explanation

When more than one cloud service delivery type is utilized, it is an example of a hybrid cloud model.

QUESTION 646
A server’s network configuration is 172.16.20.133/24. What is the subnet mask?
A. 255.255.255.128
B. 255.255.255.0
C. 255.255.255.192
D. 255.255.64.0

Correct Answer: B
Explanation

A 24-bit subnet mask translates to 255.255.255.0.

QUESTION 647
A web application running in the cloud would be an example of what type of service?
A. IaaS
B. PaaS
C. SaaS
D. CaaS

Correct Answer: C
Explanation

A cloud provider offering web services would be an example of the Software as a Service cloud service
model.

QUESTION 648
The ARP request resolves the IP address to which of the following?
A. DHCP
B. netstat
C. MAC
D. World Wide Name

Correct Answer: C
Explanation

Address resolution resolves a logical IP address to a physical MAC address.

QUESTION 649
A data-intensive application is experiencing a slowdown that is outside of its baseline measurements; what
could be causing the performance degradation?
A. Bursting
B. SAN retransmissions
C. Latency
D. Buffering

Correct Answer: C
Explanation

Disk latency can cause a slowdown in application performance. If the latency is outside of the benchmark
measurements in the baseline, then application performance issues can arise.

QUESTION 650
Two companies are collaborating on a project and sharing cloud-based applications. What solution will
allow them to share common authentication and account attribute systems while keeping their own
internal directory information secure?
A. Single sign-on
B. Federation
C. Two-factor authentication
D. Role based

Correct Answer: B
Explanation

Using the federation authentication approach can allow the required conditions in the question to be met.

QUESTION 651
What remote data transfer protocol is used to transmit sensitive data across the Internet?
A. SSH
B. HTTP
C. SFTP
D. TFTP

Correct Answer: C
Explanation

The Secure File Transfer Protocol is used to transfer encrypted files over the Internet.

QUESTION 652
Certificate management is implemented using what?
A. SNMP
B. PKI
C. IPsec
D. AES

Correct Answer: B
Explanation

A public key infrastructure is used for creating and managing security keys.

QUESTION 653
What should be checked before installing VMs on new server hardware?
A. HCL
B. IOPS
C. HPV
D. CMDB

Correct Answer: A
Explanation

The server’s hardware compatibility list should be consulted for hypervisor compatibility information.

QUESTION 654
What can be disabled to prevent remote access to a system?
A. SMTP
B. DHCP
C. TCP/IP
D. SSH

Correct Answer: D
Explanation

Secure Shell provides command-line access to a remote device and should be disabled on devices that
need to be secured from remote access.

QUESTION 655
What can be implemented in the network to logically separate traffic?
A. HSRP
B. RIP
C. LACP
D. VLAN

Correct Answer: D
Explanation

Virtual LANs can be configured on Ethernet switches to logically separate groups of users.

QUESTION 656
What is a recommended process to determine the need for patches to be installed on a server?
A. Change management
B. Penetration testing
C. Risk assessment
D. IDS/IPS logs

Correct Answer: C
Explanation

A risk assessment should be performed to determine the need and criticality of patches to be installed on a
server.

QUESTION 657
Which storage technology provides file-based access?
A. Fibre Channel
B. SCSI
C. SAN
D. NAS

Correct Answer: D
Explanation

Network attached storage is a file-based technology.

QUESTION 658
What is the best solution to minimize the impact of the loss of your primary datacenter?
A. Remote backups
B. Hot site
C. Horizontal scaling
D. Warm site

Correct Answer: B
Explanation

A hot site implementation offers the fastest restore time objective of all the solutions should the primary
location fail and a remote site must assume operations.

QUESTION 659
If one VM running on a hypervisor is consuming excess CPU cycles and causing performance issues for
the other VMs, what is a way to remedy this situation?
A. I/O throttling
B. Link aggregation
C. Install the VM on a new host
D. Horizontal scaling

Correct Answer: C
Explanation

If the host server does not have the CPU resources for the VMs it is hosting, the VM should be moved to a
server with additional CPU resources.

QUESTION 660
When migrating to a cloud-based mail service, what authentication technique will cause the least
disruption?
A. Discretionary access
B. Multifactor
C. Single sign-on
D. Federation based

Correct Answer: C
Explanation

A single sign-on approach is the least disruptive since it allows the users to sign in one time and access
multiple applications and services.

QUESTION 661
What is a common protocol used to securely transmit data to the cloud from a remote site?
A. HTTP
B. SMTP
C. SFTP
D. SMNP

Correct Answer: C
Explanation

The Secure File Transfer Protocol provides for the encryption and transfer of data to the cloud from a
remote location.

QUESTION 662
When implementing a converged network fabric in the cloud datacenter, what protocol is used to
transfer storage data?
A. SCSI
B. Fibre Channel
C. FCoE
D. WWN

Correct Answer: C
Explanation

Fibre Channel over Ethernet is used to transfer storage data over a converged Ethernet switching fabric.

QUESTION 663
What is the most effective way to measure changes in network activity over time?
A. NMaaS
B. Deviations
C. Baseline
D. SNMP

Correct Answer: C
Explanation

Baseline measurements should be taken and recorded to determine what is considered normal network
traffic and used as a reference for changes in network activity.

QUESTION 664
Your web server’s CPU spikes and a large amount of TCP requests are directed toward the server.
What is this a symptom of?
A. Obfuscation
B. Denial of service
C. Intrusion detection
D. SNMP

Correct Answer: B
Explanation

A denial-of-service attack will target a web service with a large amount of TCP/IP traffic to overwhelm it and
shut it down.

QUESTION 665
What is the best method of keeping copies of VM states when they are active?
A. Cloning
B. Snapshot
C. Replication
D. V2V

Correct Answer: B
Explanation

The snapshot approach is nondisruptive and is a backup of the virtual machines at the time the snapshot
was taken.

QUESTION 666
Hosting an instant messaging application in the cloud is an example of what type of cloud service?
A. IaaS
B. SaaS
C. CaaS
D. PaaS

Correct Answer: C
Explanation

This would best be described as a Communications as a Service offering.

QUESTION 667
You want to optimize your Internet-facing web servers. What solution would use the round-robin
approach?
A. IDS
B. IPS
C. Load balancing
D. Horizontal scaling

Correct Answer: C
Explanation

A load balancer is used to optimize web services and uses many metrics, including round-robin.

QUESTION 668
When creating a new VM template for deployment, you are asked to harden the OS; what would be a
step in accomplishing this?
A. Implement zoning
B. Create ACLs
C. Change the admin/root account
D. Configure failback

Correct Answer: C
Explanation

Changing the default login is a step in hardening a guest OS.

QUESTION 669
What term describes a copy of data?
A. Replica
B. HA
C. Metadata
D. Multipath

Correct Answer: A
Explanation

A replica is a copy of existing data.

QUESTION 670
When a group of VMs are grouped together to share memory resources, it is an example of which of the
following?
A. Scaling
B. Contention
C. Resource pooling
D. LUN masking

Correct Answer: C
Explanation

Resource pooling is the sharing of server resources by a group of virtual machines.

QUESTION 671
An application that uses a backend database is being reported by network management as having
increasing response times. The VM was migrated to a new server with more CPU and memory, but the
problem still persists. What would most likely be causing the slow database response time?
A. Bandwidth
B. Application hot fixes
C. Disk latency
D. Synchronization overhead

Correct Answer: C
Explanation

In this scenario, disk latency would be most likely causing a database response delay.

QUESTION 672
A vendor’s application requires that it be run on one CPU. What should the cloud administrator configure
when migrating the application to a virtual machine?
A. CPU affinity
B. Hyperthreading
C. CPU pooling
D. Physical resource allocation

Correct Answer: A
Explanation

CPU affinity can be configured to allow a specific virtual machine to only access a defined CPU core.

QUESTION 673
What is the preferred method to access your cloud servers remotely for administration?
A. RBAC
B. Multifactor authentication
C. IPsec
D. PKI

Correct Answer: C
Explanation

Using an IPsec encrypted connection for remote access ensures confidentiality.

QUESTION 674
You enter the support team’s phone numbers into the network management system. What service is
being used?
A. SNMP
B. Syslog
C. SMS
D. Federations

Correct Answer: C
Explanation

SMS or texting can be configured in the management system to provide alerts for alarms.

QUESTION 675
A new server platform is being installed. In order for the Type 1 hypervisor to use its full capabilities,
what must be configured?
A. MIBs
B. OIDs
C. IPMI
D. BIOS

Correct Answer: D
Explanation

The server’s BIOS should be configured to enable virtualization enhancements on the server.

QUESTION 676
What command-line utility should be used to troubleshoot remote access problems when trying to reach
a web server using its fully qualified domain name?
A. ping
B. tracert
C. nslookup
D. ifconfig

Correct Answer: C
Explanation

Nslookup is used to verify that the domain name is referencing the server’s correct IP address.

QUESTION 677
You want to install an application on a VM that requires a USB device for licensing; what should be
used?
A. Port mapping
B. BIOS
C. Resource pooling
D. Type 1 hypervisor

Correct Answer: A
Explanation

Port mapping allows you to specify a physical server resource to a virtual resource.

QUESTION 678
When planning a disaster recovery plan, a specific application can be restored within three weeks. What
model is the most cost effective?
A. Hot site
B. Warm site
C. Cold site
D. HA site

Correct Answer: C
Explanation

The cold site model requires a longer RTO than hot or warm sites but is more cost effective. Three weeks
to restore the application would fit the cold site model.

QUESTION 679
When a systems admin modifies a security system by adding the deny any/any rule, the admin is
changing what security system?
A. SSL
B. ACL
C. CMDB
D. MIB

Correct Answer: B
Explanation

The ACL is an ordered list of permit and deny statements.

QUESTION 680
What cloud characteristic allows users to access your services via a smart phone, tablet, and laptop?
A. Geoclustering
B. SaaS
C. BPaaS
D. Ubiquitous access

Correct Answer: D
Explanation

Ubiquitous access allows users from many types of remote devices to access a cloud service.

QUESTION 681
You are asked to migrate sensitive customer data to the cloud. What should you investigate first?
A. Storage redundancy and synchronization
B. Encryption of data at rest
C. Service-level agreements
D. Regulations and laws

Correct Answer: D
Explanation

All regulations, laws, and industry restrictions that apply to the data must be investigated before sensitive data can be
stored in the cloud.

QUESTION 682
Which technology allows you to make a secure connection over a public network?
A. SMTP
B. VPN
C. IPsec
D. AES

Correct Answer: B
Explanation

A virtual private network provides a secure connection across a public network such as the Internet.

QUESTION 683
What is installed on a guest server to access a remote network?
A. vNIC
B. HBA
C. LOM
D. NIC

Correct Answer: A
Explanation

A virtual network interface card is installed on the VM to provide network access.

QUESTION 684
You are designing a storage solution for your storage-intensive database hosted in the cloud. What is
the best solution for this type of application?
A. NAS
B. SAN
C. SSD
D. RAID

Correct Answer: C
Explanation

Solid-state drives offer the fastest read/write performance of all storage technologies.

QUESTION 685
Large file transfers that take a long time to complete over a WAN link are due to which of the following?
A. Multipathing
B. Bandwidth
C. Latency
D. Synchronization

Correct Answer: B
Explanation

WAN bandwidth determines the time needed to transfer files across a network.

QUESTION 686
What step should be taken when hardening a VM?
A. Configure SNMP
B. Install users tools
C. Deactivate default accounts
D. Install 3DES

Correct Answer: C
Explanation

All default user accounts should be disabled as part of the VM hardening process.

QUESTION 687
A sensitive web application uses SSL access. What should be configured on the Internet firewall to allow
secure access from your clients’ browsers?
A. Port 80
B. Port 53
C. Port 22
D. Port 443

Correct Answer: D
Explanation

Secure Sockets Layer uses TCP port 443. The firewall must be configured to permit incoming Internet
connections to the web servers with the destination port of 443.

QUESTION 688
Reports are coming into the network operations center that an application is performing very slowly.
What can they use to troubleshoot this issue?
A. MTBF applications
B. IPMI
C. Monitoring tools
D. Resource virtualization utilities

Correct Answer: C
Explanation

Many network management and application monitoring applications have been developed to monitor and
troubleshoot performance-related issues in the cloud.

QUESTION 689
In order to verify the security of the backend data from your Internet-facing web servers, what is the best
solution to assess the risk?
A. Review audit logs
B. Obfuscation
C. DDoS test
D. Penetration test

Correct Answer: D
Explanation

Penetration testing provides a security assessment by reporting the results of attempted
unauthorized remote access to the cloud applications.

QUESTION 690
Multipathing technology helps you achieve what high availability objective?
A. SNMP
B. Replication
C. Fault tolerance
D. Low latency

Correct Answer: C
Explanation

Multipathing is used to increase the fault tolerance of a network.

QUESTION 691
When encrypting data, what encryption technology is most likely to be used?
A. RC4
B. AES
C. RSA
D. DES

Correct Answer: B
Explanation

Advanced Encryption Standard is the most common encryption protocol in use today.

QUESTION 692
What common practice is implemented to protect server services?
A. Patching
B. IPMI
C. Clustering
D. ACL

Correct Answer: A
Explanation

Keeping servers and applications patched with the latest updates helps mitigate the risk of malicious
attacks.

QUESTION 693
What security feature can be used to harden a router from unauthorized access?
A. SNMP
B. ACL
C. IPS
D. VPN

Correct Answer: B
Explanation

Access control lists are implemented on switches and routers to restrict access to ports and protocols.

QUESTION 694
In an effort to prevent a large number of VMs from being deployed in the cloud, your financial officer has
decided to use what model so that each department can understand the costs associated with cloud
computing?
A. BPaaS
B. Chargeback
C. Hybrid community
D. Syslog

Correct Answer: B
Explanation

Using a chargeback model allows each group in a company to be assessed a charge for their cloud usage.

QUESTION 695
What can be used to access your cloud-based server if the LAN interface fails?
A. Console
B. VPN
C. SNMP
D. ACL

Correct Answer: A
Explanation

A serial console port is out of band from the Ethernet connection to the server and can be used to
communicate with the server even if the LAN interface is down.

QUESTION 696
Geoclustering helps mitigate what potential issue?
A. Global outages
B. Regional disruptions
C. DDoS
D. Hot site synchronization

Correct Answer: B
Explanation

Geoclustering disperses data across different geographical regions so that a disruption in one area will be
localized and not affect the other areas.

QUESTION 697
A load balancer is experiencing a memory leak issue and needs to be rebooted. The device is still
operational; what is the first step to be taken to resolve the issue?
A. Reboot the load balancer
B. Create a change request
C. Implement the back-out plan
D. Send out an emergency notification to the users

Correct Answer: B
Explanation

A change request would need to be created that outlines the issue, the plan to correct it, and the back-out
plan if there are issues.

QUESTION 698
Elasticity is similar to what cloud characteristic?
A. XaaS
B. Pay-as-you-grow
C. Cloud bursting
D. Hybrid computing

Correct Answer: B
Explanation

Being able to easily and quickly expand your cloud capacity is an example of elasticity and pay-as-you-grow.

QUESTION 699
A noncritical web server can be restored up to 24 hours after a failure. What type of disaster recovery
objective is this?
A. RPO
B. RTO
C. MTBF
D. Failback

Correct Answer: B
Explanation

The recovery time objective metric outlines the maximum time that a service can be down before being
restored.

QUESTION 700
Your network management application is reporting high swap file utilization on a virtual machine. What is
the best solution to correct this situation?
A. Use SSD drives for the swap file
B. Allocate additional virtual memory
C. Increase swap file size
D. Restart memory ballooning

Correct Answer: B
Explanation

The best solution to correct excessive swap file utilization is to increase the virtual memory allocated to the
VM.

QUESTION 701
What would you use to prevent a ping of death attack on your cloud-based web servers?
A. Firewall
B. IDS
C. HA load balancer
D. DDoS

Correct Answer: A
Explanation

A firewall can be configured to prevent a ping of death attack from reaching internal cloud servers.

QUESTION 702
Your Internet-facing web servers are approaching 95 percent utilization and you are planning to add
capacity. You decide to add three additional web servers; what type of expansion model are you
implementing?
A. Vertical scaling
B. Horizontal scaling
C. Cloud bursting
D. Elasticity

Correct Answer: B
Explanation

Horizontal scaling refers to adding additional servers instead of expanding the capacity on a single server
with the vertical scaling model.

QUESTION 703
A cloud provider offers a customized service to the healthcare industry. What best describes this type of
cloud deployment?
A. Multi-tenant
B. Community
C. Hybrid
D. Public

Correct Answer: B
Explanation

A community cloud offering groups companies that have similar cloud-hosting requirements.

QUESTION 704
What does the cloud consumer reference to track ongoing cloud performance and operations?
A. Federation
B. Syslog
C. SNMP
D. Dashboard

Correct Answer: D
Explanation

The dashboard is a graphical interface used as a centralized reference of cloud operations.

QUESTION 705
Which cloud deployment model would best be suited for your company’s email services?
A. IaaS
B. PaaS
C. SaaS
D. BPaaS

Correct Answer: C
Explanation

Cloud-based hosted applications such as email are an example of Software as a Service.

QUESTION 706
What two components are required in a Fibre Channel zone?
A. HBA
B. Initiator
C. Target
D. VSAN

Correct Answer: BC
Explanation

Zoning restricts specific initiators to connect to specified storage targets.

QUESTION 707
When migrating operations to the cloud, which of the following will allow cost savings?
A. High availability
B. Hybrid access
C. Shared resources
D. Horizontal scaling

Correct Answer: C
Explanation

By sharing computing resources hosted by the cloud provider, cost savings can be realized.

QUESTION 708
You are asked to organize the data on your SAN in a searchable list of relevant data; which technology
will allow you to do that?
A. Object ID
B. Metadata
C. Replicas
D. BLOB

Correct Answer: B
Explanation

Metadata is data used to describe the data contained in a file.

QUESTION 709
After you create a DNS A record, you wish to verify the IP to fully qualified domain mapping; which tool
could you use?
A. ARP
B. nslookup
C. tracert
D. ipconfig

Correct Answer: B
Explanation

An nslookup of the domain name will verify the hostname-to-IP address mapping.

QUESTION 710
If you need to connect to a Windows virtual server to troubleshoot a storage issue, which technology is
best suited for this?
A. WMI
B. RDP
C. SNMP
D. SCSI

Correct Answer: B
Explanation

The Remote Desktop Protocol allows remote connectivity to the Windows Server desktop interface.

QUESTION 711
Your company hosts cloud services in its own datacenter but has decided to use a public cloud when
additional capacity is required. What type of cloud deployment is this?
A. Public
B. Private
C. Community
D. Hybrid

Correct Answer: D
Explanation

A combination of cloud deployments is referred to as a hybrid cloud environment.

QUESTION 712
You suspect that there has been unauthorized access in your hybrid cloud deployment. What controls
would you use in your investigation?
A. Log files
B. Zoning
C. Multifactor authentication
D. Mandatory access control

Correct Answer: A
Explanation

Log files keep a record of ongoing activity and can be searched when investigating anomalies.

QUESTION 713
You are connecting multiple servers to a Fibre Channel network; what must you use to provide data
integrity?
A. Port masking
B. Multipathing
C. LUN masking
D. RAID arrays

Correct Answer: C
Explanation

LUN masking ensures that only specific SAN initiators and targets are able to connect to each other.

QUESTION 714
What storage implementation uses switches?
A. VRRP
B. SCSI
C. SAN
D. DAS

Correct Answer: C
Explanation

A storage area network uses Fibre Channel switches.

QUESTION 715
You are running Windows and decide to start a Linux operating system on your computer. What type of
virtualization are you using?
A. Bare metal
B. Open source
C. Type 1
D. Type 2

Correct Answer: D
Explanation

A Type 2 hypervisor runs as an application on an existing operating system.

QUESTION 716
Your switch’s Gigabit Ethernet uplink is saturated. Which technology can be used to increase the
bandwidth?
A. Multipath
B. VLANs
C. NAT
D. Link aggregation

Correct Answer: D
Explanation

Link aggregation takes multiple links and combines them into a single logical link.

QUESTION 717
If you need to establish a secure connection between locations in your hybrid cloud, which technology is
best suited for this?
A. VPN
B. IPSec
C. PKI
D. RSA

Correct Answer: A
Explanation

A virtual private network connection is used to create a secure connection between locations.

QUESTION 718
Your manager asks you to provide redundancy using only two disks. Which technology would you
implement?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 6

Correct Answer: B
Explanation

RAID 1 provides file mirroring using only two disks.

QUESTION 719
A company has decided to reduce their datacenter size.
An administrator for the company has been tasked to virtualize many of the company's servers.
Which of the following should the administrator perform to accomplish this goal?
A. P2V
B. P2P
C. V2P
D. V2V

Correct Answer: A
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 720
Which of the following technologies would MOST likely be used for personal use to virtualize a desktop?
A. Type II
B. Type I
C. RAID 5
D. RAID 0

Correct Answer: A
Explanation

Type 1 hypervisor - enables hardware virtualization
Type 2 hypervisor - runs atop existing OSes.

QUESTION 721
In which of the following cloud services will the customer be responsible for securing provisioned hosts?
A. PaaS
B. IaaS
C. SaaS
D. DaaS

Correct Answer: B
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
It increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”), is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 722
An administrator is tasked to reduce the company's datacenter power utilization.
Currently there are 500 physical servers in the datacenter and 600 virtual servers with five additional
available host servers.
Which of the following should the administrator perform?
A. Migrate servers using V2V technology
B. Perform an offline migration of virtual servers
C. Migrate servers using V2P technology
D. Migrate servers using P2V technology

Correct Answer: D
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 723
Which of the following uses the business model of shared resources in a cloud environment?
A. Elasticity
B. Self-serve
C. Cloud bursting
D. Multi-tenancy

Correct Answer: D
Explanation

The term "software multitenancy" refers to a software architecture in which a single instance of software
runs on a server and serves multiple tenants. A tenant is a group of users who share a common access
with specific privileges to the software instance. With a multitenant architecture, a software application is
designed to provide every tenant a dedicated share of the instance - including its data, configuration, user
management, tenant individual functionality and non-functional properties. Multitenancy contrasts with
multi-instance architectures, where separate software instances operate on behalf of different tenants.
To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy
With multi-tenancy, multiple customers share adjacent resources in the cloud with their peers; it is the
basis of public cloud infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 724
Which of the following is used to locate a specific area of storage in a cloud environment?
A. Object ID
B. SAN
C. Replicas
D. Metadata

Correct Answer: A
Explanation

• Volume storage (block storage): Includes volumes/data stores attached to IaaS instances, usually a
virtual hard drive. Should provide redundancy.
• Object storage: Example: Dropbox. Used for write-once, read-many; not suitable for applications like
databases.

QUESTION 725
An administrator deployed a DaaS cloud delivery model for a financial institution and implemented a data
encryption technology using AES cryptography.
Which of the following should the administrator implement NEXT?
A. Access controls
B. RC5
C. SSL
D. Zoning

Correct Answer: A
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
It increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”), is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 726
Which of the following storage technologies is file-based?
A. WAN
B. DAS
C. SAN
D. NAS

Correct Answer: D
Explanation

The two most popular storage system technologies are file level storage and block level storage.
File level storage is seen and deployed in Network Attached Storage (NAS) systems.
Block level storage is seen and deployed in Storage Area Network (SAN) storage.
File Level Storage – This storage technology is the one most commonly used in storage systems; it is found
in hard drives, NAS systems and so on. In file level storage, the storage disk is configured with a
protocol such as NFS or SMB/CIFS and the files are stored and accessed from it in bulk.
File level storage is simple to use and implement.
It stores files and folders, and they are visible in the same way to the clients accessing them and to the
system that stores them.
File level storage is inexpensive to maintain compared with its counterpart, block level
storage.
Network attached storage systems usually depend on this file level storage.
File level storage can handle access control, integration with corporate directories, and so on.
“Scale Out NAS” is a type of File level storage that incorporates a distributed file system that can scale a
single volume with a single namespace across many nodes.
Scale Out NAS File level storage solutions can scale up to several petabytes all while handling thousands
of clients.
As capacity is scaled out, performance is scaled up.
Block Level Storage – In this block level storage, raw volumes of storage are created and each block can
be controlled as an individual hard drive.
These Blocks are controlled by server based operating systems and each block can be individually
formatted with the required file system.
Block level storage is usually deployed in SAN or storage area network environment.
This level of storage offers boot-up of systems which are connected to them.
Block level storage can be used to store files and can work as storage for special applications like
databases, Virtual machine file systems and so on.
Block level storage data transportation is much more efficient and reliable.
Block level storage supports individual formatting of file systems like NFS, NTFS or SMB (Windows) or
VMFS (VMware) which are required by the applications.
Each storage volume can be treated as an independent disk drive and it can be controlled by external
server operating system.
Block level storage uses iSCSI and FCoE protocols for data transfer as SCSI commands act as
communication interface in between the initiator and the target.

QUESTION 727
Which of the following RAID configurations would be used to accomplish disk mirroring with two disks?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 10

Correct Answer: B
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 728
An employee is asked to run an instance of a Linux OS while booted up in a Windows OS.
Which of the following types of virtualization would be used to meet this requirement?
A. Type I
B. Type II
C. Bare Metal
D. Native

Correct Answer: B
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 729
A small startup wins a contest giving them advertising time during a major sporting event.
Which of the following cloud characteristics should be in place to handle the possible spike in demand?
A. Shared disk space
B. Elasticity
C. Scalability
D. Shared memory

Correct Answer: B
Explanation

To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy: multiple customers share adjacent resources in the cloud with their peers; it's the basis of
public cloud infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 730
Which of the following is true about a Type II hypervisor?
A. It requires a primary hypervisor to function properly.
B. It implements stronger security controls than a Type I hypervisor at the same patch level.
C. It provides slower performance than a Type I hypervisor installed on the same hardware.
D. It provides direct hardware access through the use of specialized drivers.

Correct Answer: C
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 731
A technician wants to configure a server for storage redundancy so that if any two of the four drives fail, the
server is still operational.
Which of the following should the technician configure?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 6

Correct Answer: D
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 732
A company has five servers and wishes to consolidate into a single physical server.
Which of the following migration methods would accomplish this?
A. P2P
B. V2P
C. V2V
D. P2V

Correct Answer: D
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 733
Which of the following cloud services provides billing, payroll, contract management, and human resource
management functions?
A. CaaS
B. SaaS
C. BPaaS
D. DaaS

Correct Answer: C
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or use BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”), is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 734
Which of the following hypervisor types runs on a host operating system that provides virtualization
services, including memory management and device support?
A. Type II hypervisor
B. Proprietary hypervisor
C. Type I hypervisor
D. Open source hypervisor

Correct Answer: A
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 735
An administrator is tasked to perform a P2V migration of a critical application.
Which of the following steps should the administrator perform FIRST before the migration?
A. Harden the operating system
B. Migrate the server in a development environment
C. Contact the vendor for compatibility requirements
D. Establish a performance baseline

Correct Answer: C
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 736
Which of the following BEST defines RAID 4?
A. RAID 4 allows two failed drives.
B. RAID 4 requires a minimum of 4 disks.
C. RAID 4 has a dedicated parity drive.
D. RAID 4 is less secure than RAID 5.

Correct Answer: C
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 737
Which of the following attributes BEST describes "elasticity" in cloud computing? (Select TWO).
A. Universal access
B. Multi-tenancy
C. Portability
D. Cost effectiveness
E. Scalable
F. Off premises

Correct Answer: DE
Explanation

To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy: multiple customers share adjacent resources in the cloud with their peers; it's the basis of
public cloud infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 738
A datacenter migration is taking place and the administrator has been tasked with reducing the footprint of
the new datacenter by virtualizing as many servers as possible.
A physical server has been flagged as a candidate for relocation to the new data center.
Which of the following methods would be the FIRST method for relocating the server to the new data
center?
A. V2V
B. V2P
C. P2V
D. P2P

Correct Answer: C
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 739
A system administrator is testing various types of software within VMs on a local workstation while surfing
the Internet on a host.
Which of the following BEST describes the hypervisor architecture that the administrator is using?
A. Type II
B. Type I
C. Open source
D. Proprietary

Correct Answer: A
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 740
A catastrophic disk failure occurred on a company's critical database. After a technician performs a full
system restore, one of the business units realizes that the
current backup does not hold fresh enough information. Which of the following should the company revise?
A. RTO
B. MTTR
C. RPO
D. MTBF

Correct Answer: C
Explanation

Recovery Point Objective (RPO) refers to the point in time in the past to which you will recover.
The RPO will be the point to which you will have all data up to that point recovered.
The gap between the disaster and the RPO will likely be lost as a result of the disaster.
Recovery Time Objective (RTO) refers to the point in time in the future at which you will be up and running
again.
On the timeline, RTO is the point in the future at which you will be back up and running full speed ahead.
The gap between the disaster and the RTO is the timeframe for which your app will be down and nonfunctioning.

QUESTION 741
Which of the following cloud models would be used when implementing a company's email system in the
cloud?
A. PaaS
B. IaaS
C. SaaS
D. XaaS

Correct Answer: C
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or use BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”), is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 742
A company just received a shipment of brand new blade servers and an administrator has been tasked with
virtualizing the blade fabric switches.
Which of the following would be used to accomplish this?
A. iSNS
B. V2P
C. P2V
D. NPIV

Correct Answer: D
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.
· N_Port ID virtualization (NPIV)
NPIV is a technology that defines how multiple virtual servers can share a single physical Fibre Channel port
identification (ID).
NPIV allows a single host bus adaptor (HBA) or target port on a storage array to register multiple World
Wide Port Names (WWPNs) and N_Port identification numbers. This allows each virtual server to present
a different world wide name to the storage area network (SAN), which in turn means that each virtual server
will see its own storage -- but no other virtual server's storage.

QUESTION 743
Which of the following hypervisors will allocate resources MORE efficiently?
A. Type I
B. Proprietary
C. Type II
D. Open source

Correct Answer: A
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 744
Which of the following virtualization implementations yields the HIGHEST performance of the same
hardware configuration?
A. CPU emulation
B. Type I
C. Memory ballooning
D. Type II

Correct Answer: B
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 745
A cloud based global multiplayer game is an example of which of the following?
A. CaaS
B. SaaS
C. PaaS
D. IaaS

Correct Answer: B
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or use BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”) is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 746
A start-up company has recently gone public and is experiencing unexpected growth.
Which of the following cloud service models would allow the company to provide internal email quickly to
new employees?
A. PaaS
B. CaaS
C. SaaS
D. IaaS

Correct Answer: C
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different programming languages to integrate with their backend.
They also provide additional services such as storage, analytics, push notifications, dashboards, and social
integration.
BaaS is somewhat similar to SaaS, but it is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or use their own devices (BYOD).
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”) is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 747
Which of the following is the BEST answer for implementing a feature that will remove a single point of
failure between a SAN and host?
A. MPLS
B. MTBF
C. MTU
D. MPIO

Correct Answer: D
Explanation

In computer storage, multipath I/O is a fault-tolerance and performance-enhancement technique that
defines more than one physical path between the CPU in a computer system and its mass-storage devices
through the buses, controllers, switches, and bridge devices connecting them.
As an example, a SCSI hard disk drive may connect to two SCSI controllers on the same computer, or a
disk may connect to two Fibre Channel ports. Should one controller, port or switch fail, the operating system
can route the I/O through the remaining controller, port or switch transparently and with no changes visible
to the applications, other than perhaps resulting in increased latency.
Multipath software layers can leverage the redundant paths to provide performance-enhancing features,
including dynamic load balancing, traffic shaping, automatic path management, and dynamic
reconfiguration.

QUESTION 748
Which of the following is the BEST classification for a hosted IP phone PBX?
A. BPaaS
B. SaaS
C. XaaS
D. CaaS

Correct Answer: D
Explanation

Communication as a Service (CaaS) enables the consumer to use enterprise-level VoIP, VPNs, PBX
and Unified Communications without the costly investment of purchasing, hosting and managing the
infrastructure. Because the service provider is also responsible for managing and running these services,
the consumer has the further advantage of not needing its own trained personnel,
which brings significant OPEX as well as CAPEX savings.

QUESTION 749
A VM that is generally used for development is tested quarterly on other hypervisors to validate sideways
compatibility.
Which of the following migrations does this describe?
A. Online
B. V2P
C. V2V
D. P2V

Correct Answer: C
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 750
Which of the following is an example of a customer solely renting computing resources?
A. IaaS
B. CaaS
C. DaaS
D. PaaS

Correct Answer: A
Explanation

IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.

QUESTION 751
Which of the following is true about Type I hypervisors?
A. They run on bare metal hardware
B. They are open source only
C. They depend on an underlying OS
D. They are proprietary only

Correct Answer: A
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 752
Which of the following technologies should be used to reduce the disk footprint of a VM?
A. Defragmentation
B. Full disk encryption
C. Thin-provisioning
D. NTFS compression

Correct Answer: C
Explanation

In computing, thin provisioning involves using virtualization technology to give the appearance of having
more physical resources than are actually available. If a system always has enough resource to
simultaneously support all of the virtualized resources, then it is not thin provisioned. The term thin
provisioning is applied to the disk layer in this article, but could refer to an allocation scheme for any resource.
For example, real memory in a computer is typically thin-provisioned to running tasks with some form of
address translation technology doing the virtualization. Each task acts as if it has real memory allocated.
The sum of the allocated virtual memory assigned to tasks typically exceeds the total of real memory.
The efficiency of thin or thick/fat provisioning is a function of the use case, not of the technology. Thick
provisioning is typically more efficient when the amount of resource used very closely approximates to the
amount of resource allocated. Thin provisioning offers more efficiency where the amount of resource used
is much smaller than allocated, so that the benefit of providing only the resource needed exceeds the cost
of the virtualization technology used.
Just-in-time allocation differs from thin provisioning. Most file systems back files just-in-time but are not thin
provisioned. Overallocation also differs from thin provisioning; resources can be over-allocated /
oversubscribed without using virtualization technology, for example overselling seats on a flight without
allocating actual seats at time of sale, which avoids each consumer having a claim on a specific seat
number.
Thin provisioning is a mechanism that applies to large-scale centralized computer disk-storage systems,
SANs, and storage virtualization systems. Thin provisioning allows space to be easily allocated to servers,
on a just-enough and just-in-time basis. Thin provisioning is called "sparse volumes" in some contexts.

QUESTION 753
A hypervisor host that has two fibre-channel ports needs to be connected to a storage array that has four
fibre-channel ports.
How many zones should be created for maximum redundancy?
A. 1
B. 2
C. 4
D. 8

Correct Answer: B
Explanation

Soft Zones
Soft zoning means that the switch will place WWNs of devices in a zone, and it doesn't matter what port
they're connected to.
Hard Zones
Hard zones are more like VLANs in the Ethernet world. You place the port into a zone, and anything
connecting to that port is in the zone, or zones, which are configured for that port.
Zones are partitions, similar to VLANs. Ports or WWNs can live in multiple zones at the same time.
Soft zones enforce partitioning based on WWN, and they're difficult to manage if fiber moves to a new
port.
Hard zones are port-based: you can keep track of what node is attached where. Hybrid zones exist on
some switches, for the paranoid: "WWN C must live on this port."
A World Wide Name (WWN) or World Wide Identifier (WWID) is a unique identifier used in storage
technologies including Fibre Channel, Advanced Technology Attachment (ATA) or Serial Attached SCSI
(SAS).
A WWN may be employed in a variety of roles, such as a serial number or for addressability; for example,
in Fibre Channel networks, a WWN may be used as a WWNN (World Wide Node Name) to identify an
endpoint, or a WWPN (World Wide Port Name) to identify an individual port on a switch. Two WWNs which
do not refer to the same thing should always be different even if the two are used in different roles, i.e. a
role such as WWPN or WWNN does not define a separate WWN space. The use of burned-in addresses
and specification compliance by vendors is relied upon to enforce uniqueness.

QUESTION 754
In which of the following situations would a network administrator optimize a company's WAN?
A. High amounts of packet loss on a switch port
B. CPU utilization on a switch is at 95%
C. Installed new local application on a private network
D. Contracted with a SaaS provider to provide a new application

Correct Answer: D
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.

QUESTION 755
A financial storage system will be required by law to retain copies of checks for up to two years.
Which of the following would be suited to meet this requirement?
A. SSD
B. USB drive
C. FCIP
D. CAS

Correct Answer: D
Explanation
Content-addressable storage, also referred to as associative storage or abbreviated CAS, is a
mechanism for storing information that can be retrieved based on its content, not its storage location. It is
typically used for high-speed storage and retrieval of fixed content, such as documents stored for
compliance with government regulations. Roughly speaking, content-addressable storage is the
permanent-storage analogue to content-addressable memory.

QUESTION 756
An administrator has enabled NPIV and has configured the SAN for SAN boot; however, SAN boot fails
intermittently.
Which of the following, if configured incorrectly, could cause the issue?
A. LUN Masking
B. Storage cluster
C. Zoning
D. WWPN

Correct Answer: D
Explanation

NPIV or N_Port ID Virtualization is a Fibre Channel feature whereby multiple Fibre Channel node port
(N_Port) IDs can share a single physical N_Port.
World Wide Port Name, WWPN, or WWpN, is a World Wide Name assigned to a port in a Fibre Channel
fabric.
Used on storage area networks, it performs a function equivalent to the MAC address in the Ethernet protocol,
as it is supposed to be a unique identifier in the network.
A WWPN is a World Wide Port Name; a unique identifier for each Fibre Channel port presented to a
Storage Area Network (SAN).
Each port on a Storage Device has a unique and persistent WWPN.
A World Wide Node Name, WWNN, or WWnN, is a World Wide Name assigned to a node (an endpoint, a
device) in a Fibre Channel fabric.
It is valid for the same WWNN to be seen on many different ports (different addresses) on the network,
identifying the ports as multiple network interfaces of a single network node.

QUESTION 757
Which of the following is used for keeping track of all logical and physical data?
A. BSD
B. Flat File Systems
C. Non Journaling File System
D. Journaling File System

Correct Answer: D
Explanation

A journaling file system is a file system that keeps track of changes not yet committed to the file system's
main part by recording the intentions of such changes in a data structure known as a "journal", which is
usually a circular log. In the event of a system crash or power failure, such file systems can be brought back
online more quickly with a lower likelihood of becoming corrupted.
Depending on the actual implementation, a journaling file system may only keep track of stored metadata,
resulting in improved performance at the expense of increased possibility for data corruption. Alternatively,
a journaling file system may track both stored data and related metadata, while some implementations
allow selectable behavior in this regard.

QUESTION 758
A storage array is shared with other departments.
An administrator would like to ensure that no other department performs backups on the LUNs.
Which of the following could be used to mitigate this? (Select TWO).
A. VTL
B. Licensing
C. ACLs
D. Compression
E. RBAC

Correct Answer: CE
Explanation

ACL - Access Control List
RBAC - Role Based Access Control

QUESTION 759
An administrator allocates 50GB on a SAN for use by a server.
Which of the following describes what the administrator has just created?
A. Virtual SAN
B. Storage array
C. VMFS
D. LUN

Correct Answer: D
Explanation

In a SAN fabric, LUN storage is essential to the configuration of the environment and its performance. A
LUN is a unique identifier given to separate devices, or logical units, so they can be accessed by a SCSI,
iSCSI or Fibre Channel protocol. LUNs are key to disk array configuration because disks are typically
defined in sets of RAID groups to protect against failure; however, those RAID groups can't be presented to
the host. By assigning LUNs, all or a portion of a RAID group's capacity can be presented to the host as
individual, mountable volumes.

QUESTION 760
Anne, an administrator, receives an alert indicating a disk failure on a highly available server with a local
RAID 5 array.
When checking the server, Anne confirms a flashing amber light on one of the disks.
Which of the following is the correct procedure for replacing this drive?
A. Remove the old drive, reboot the server, and access the RAID controller. Rebuild the array to RAID 6,
and then add the new drive for parity.
B. Remove the old disk while the server is powered on and operational and replace with a new drive.
C. Remove the old drive, reboot the server, and access the RAID controller. Rebuild the array to RAID 1,
and then add the new drive for parity.
D. Power off the server and replace with a new drive.

Correct Answer: B
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 761
Two independent organizations want to share authentication and other employees' attributes to leverage a
central online collaboration tool for a common project.
Which of the following will allow the two companies to keep their internal authentication system while
allowing visibility into the other company's employees' attributes?
A. Role-based access control
B. Federation
C. Single sign-on
D. Multi-factor authentication

Correct Answer: B
Explanation

Federated identity management (FIM) is an arrangement that can be made among multiple enterprises
that lets subscribers use the same identification data to obtain access to the networks of all enterprises in
the group.
The use of such a system is sometimes called identity federation.
In cloud computing, the fundamental problem is that multiple organizations are now managing the identity
and access management to resources, which can greatly complicate the process. For example, imagine
having to provision the same user on dozens—or hundreds—of different cloud services.
Federation is the primary tool used to manage this problem, by building trust relationships between
organizations and enforcing them through standards-based technologies.

QUESTION 762
A company with an online store website has migrated the website and store database information to a cloud
provider.
The company wants to ensure credit cards used for online store purchases are processed such that local
compliance regulations are met.
Which of the following is used by a third party to verify the cloud vendor is meeting the compliance
standards?
A. Replication consistency
B. Penetration test
C. Bandwidth assessment
D. Application delivery

Correct Answer: B
Explanation

Vulnerability assessment and penetration testing play a significant role and support security of applications
and systems prior to an application going into and while in a production environment.
Vulnerability assessments or vulnerability scanning look to identify and report on known vulnerabilities in a
system. Depending on the approach you take, such as automated scanning or a combination of techniques,
the identification and reporting of a vulnerability should be accompanied by a risk rating, along with potential
exposures.
Most often, vulnerability assessments are performed as white-box tests, where the assessor knows the
application and the environment the application runs in.
Penetration testing is a process used to collect information related to system vulnerabilities and exposures,
with the view to actively exploit the vulnerabilities in the system.

QUESTION 763
A system administrator can no longer easily control a remote hypervisor because the workstation's mouse
is broken.
Which of the following remote access tools is the system administrator using?
A. Local console port
B. RDP
C. Telnet
D. SSH

Correct Answer: B
Explanation

RDP (Remote Desktop Connection) is the only mouse-dependent option.
All other options are CLI.

QUESTION 764
Which of the following BEST describes the process of mapping storage initiators to targets?
A. Access control lists
B. Zoning
C. LUN masking
D. Obfuscation

Correct Answer: B
Explanation

In a storage area network (SAN), zoning is the allocation of resources for device load balancing and for
selectively allowing access to data only to certain users.
Essentially, zoning allows an administrator to control who can see what in a SAN.

QUESTION 765
Which of the following cloud services provides application isolation?
A. DaaS
B. BPaaS
C. CaaS
D. SaaS

Correct Answer: D
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.

QUESTION 766
The IT department has had problems coping with the demand of service provisioning and deprovisioning.
If the IT department implements a cloud computing platform, which of the following would improve their
productivity?
A. On-demand self-service
B. Multi-tenancy
C. Scalability
D. Elasticity

Correct Answer: A
Explanation
To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy:
Multiple customers share adjacent resources in the cloud with their peers; it is the basis of public cloud
infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 767
A company wants to streamline their reporting tools.
They have decided to implement a third party SaaS cloud reporting tool to process additional data, but will
continue to process confidential data internally.
Which of the following deployment models is BEST suited for the company?
A. Shared
B. Private
C. Hybrid
D. Community

Correct Answer: C
Explanation

NIST SP 800-145 defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.

QUESTION 768
Which of the following would be the FIRST choice to encrypt a laptop hard drive?
A. DES
B. TDE
C. AES
D. SSL

Correct Answer: C
Explanation

Advanced Encryption Standard (AES)
The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to
protect classified information and is implemented in software and hardware throughout the world to encrypt
sensitive data.

QUESTION 769
Which of the following refers to the maximum amount of data that can be lost due to a system failure?
A. MTBF
B. RTO
C. MTTR
D. RPO

Correct Answer: D
Explanation

DRaaS solutions are “a predetermined set of processes offered by a third-party vendor to help an
enterprise develop and implement a disaster recovery plan.”
Each DRaaS offering you look at will define in their Service Level Agreement (SLA) what their promised
RPO and RTO are.
Recovery Point Objective (RPO) refers to the point in time in the past to which you will recover.
The RPO will be the point to which you will have all data up to that point recovered.
The gap between the disaster and the RPO will likely be lost as a result of the disaster.
Recovery Time Objective (RTO) refers to the point in time in the future at which you will be up and running
again.
On the timeline, RTO is the point in the future at which you will be back up and running full speed ahead.
The gap between the disaster and the RTO is the timeframe for which your app will be down and nonfunctioning.

QUESTION 770
A company that provides IaaS to small business organizations needs to allow customers to control the
power state of their virtual machines.
Which of the following should be implemented to accomplish this task?
A. Grant limited access to the hypervisor management interface
B. Grant limited access to the host power managing infrastructure
C. Allow Wake-on-LAN packets on the firewall
D. Configure customer's VMs to be in an always-on state

Correct Answer: A
Explanation

Power Management options are not available on every guest operating system. Wake on LAN supports
only Windows guest operating systems and is not available on Vlance NICs, or when a Flexible NIC is
operating in Vlance mode (that is, the current VMware Tools are not installed on the guest operating
system).
Wake on LAN can resume virtual machines that are in an S1 sleep state only. It cannot resume suspended,
hibernated, or powered off virtual machines.

QUESTION 771
Which of the following, in conjunction with IPSec, can be configured to provide secure access to files on a
NAS?
A. iSCSI
B. CIFS
C. FCoE
D. SSH

Correct Answer: B
Explanation

CIFS is short for Common Internet File System, a protocol that defines a standard for remote file access using
millions of computers at a time. With CIFS, users with different platforms and computers can share files
without having to install new software.
CIFS runs over TCP/IP but uses the SMB (Server Message Block) protocol found in Microsoft Windows for
file and printer access; therefore, CIFS will allow all applications, not just Web browsers, to open and share
files across the Internet.
With CIFS, changes made to a file are simultaneously saved on both the client and server side.

QUESTION 772
A system administrator is planning storage infrastructure to store backup copies of virtual machines that are
at least 5GB in size.
Which of the following file systems can be used in this scenario? (Select TWO).
A. SMB
B. RAW
C. EXT
D. FAT
E. NTFS

Correct Answer: CE
Explanation

QUESTION 773
Which of the following can be used to enable out-of-band management of a Windows-based host?
A. IPMI
B. WMI
C. SMTP
D. SNMP

Correct Answer: A
Explanation

The Intelligent Platform Management Interface (IPMI) is a set of computer interface specifications for an
autonomous computer subsystem that provides
management and monitoring capabilities independently of the host system's CPU, firmware (BIOS or UEFI)
and operating system. IPMI defines a set of interfaces used by system administrators for out-of-band
management of computer systems and monitoring of their operation. For example, IPMI provides a way to
manage a computer that may be powered off or otherwise unresponsive by using a network connection to
the hardware rather than to an operating system or login shell.
Windows Management Instrumentation (WMI) consists of a set of extensions to the Windows Driver
Model that provides an operating system interface through which instrumented components provide
information and notification. WMI is Microsoft's implementation of the Web-Based Enterprise Management
(WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force
(DMTF).

QUESTION 774
Which of the following cloud services would MOST likely be used to deliver web applications?
A. IaaS
B. DaaS
C. SaaS
D. PaaS

Correct Answer: C
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update the software; in the cloud it is always running
the latest version.

QUESTION 775
Which of the following RAID levels spreads blocks of a file across multiple disks without parity?
A. 0
B. 1
C. 3
D. 5

Correct Answer: A
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 776
Which of the following may be used prior to encryption of information stored in a database if only weak
encryption algorithms are allowed?
A. LUN Masking
B. Obfuscation
C. Access Control Lists
D. Hashing

Correct Answer: B
Explanation

• Masking/Obfuscation
is the process of hiding, replacing or omitting sensitive information from a specific dataset, for instance
masking all but the last 4 digits of an SSN.
• Data Anonymization
is the process of either encrypting or removing personally identifiable information from data sets, so that the
people whom the data describe remain anonymous.
• Tokenization
A public cloud service can be integrated and paired with a private cloud that stores sensitive data. The data
sent to the public cloud is altered and contains a reference to the data residing in the private cloud.
• Encoding
transforms data so that it can be properly consumed, for example binary data being sent over email or in a
web page.
The primary goal is not to keep information secret but to ensure that it can be properly consumed.
• Encryption
transforms data to keep it secret from others.
Using the ciphertext and the algorithm, they take the 'sent data' and turn it into consumable plaintext data.
• Hashing
serves the purpose of integrity: it lets you know whether your data has been changed.
Technically speaking, hashing takes arbitrary input and produces fixed-length strings that follow attributes in/
out.
• Obfuscation
is making something harder to understand, usually for the purposes of making it more difficult to attack or
copy.

QUESTION 777
A technician has recently virtualized an older business critical fax server.
The fax application relies on a proprietary fax modem and it is not working anymore.
Which of the following has the technician failed to do?
A. Proper P2V migration
B. Establish requirements
C. Performance baseline
D. Virtual storage migration

Correct Answer: B
Explanation

· Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
· Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
· PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
· Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
· Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 778
A system administrator is creating images of the physical servers on the network to create multiple VMs.
Which of the following is this process called?
A. V2P
B. P2V
C. V2V
D. P2P

Correct Answer: B
Explanation

Live migration
Live migration is the movement of a virtual machine from one physical host to another while continuously
powered-up.
Physical to virtual (P2V)
Physical to virtual (P2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a computer's main hard disk to a virtual machine.
PlateSpin
PlateSpin is a company that provides tools to help with server virtualization, including physical-to-virtual
migrations and server workload management.
Virtual to physical (V2P)
Virtual to physical (V2P) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to a computer's main hard disk.
Virtual to virtual (V2V)
Virtual to virtual (V2V) is a term that refers to the migration of an operating system (OS), application
programs and data from a virtual machine or disk partition to another virtual machine or disk partition.

QUESTION 779
Which of the following would physically block access to a zone from any device outside of the zone?
A. Hard zoning
B. Soft zoning
C. Access control lists
D. LUN masking

Correct Answer: A
Explanation

Soft Zoning vs. Hard Zoning

Soft zoning is zoning which is implemented in software.
Soft zoning uses filtering implemented in fibre channel switches to prevent ports from being seen from
outside of their assigned zones. The security vulnerability in soft zoning is that the ports are still accessible
if the user in another zone correctly guesses the fibre channel address.
The soft zoning concept is that enforcement relies on the WWN of the node in the fabric.
Soft zoning means that the FC switch will place a host WWN in a zone, without dealing with the port
numbers they are connected to in the FC switch.
Pros:
You can connect to any port on the switch.
Cons:
You will need to know which port the host is connected to for maintenance purposes.
Hard zoning is zoning which is implemented in hardware.
Hard zoning physically blocks access to a zone from any device outside of the zone.
Usually hard zoning is used when using VLANs. You would associate a port into a zone.

QUESTION 780
An administrator is working on a guest operating system and needs access to the CD-ROM drive from the
host operating system to install a driver.
Which of the following describes what the administrator should use to accomplish this goal?
A. Remote hypervisor access
B. Resource redirection
C. Resource pooling
D. Dynamic resource allocation

Correct Answer: B
Explanation

Physical resource redirection allows ports on a server to be mapped to a virtual machine to mount
interfaces such as USB, serial, and parallel ports.

QUESTION 781
The corporate security department is recommending that the administrator deploys Type I hypervisor
versus Type II.
Which of the following is a security concern in regards to deploying a Type II hypervisor?
A. Human error
B. Performance benchmarks
C. Additional software
D. Administration time

Correct Answer: C
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 782
An administrator is tasked with encrypting all Personally Identifiable Information (PII) within a cloud based
database.
Which of the following types of encryption will ensure that ONLY this type of information is encrypted while
the rest of the database remains unencrypted?
A. File and folder encryption
B. Transport encryption
C. Hard drive encryption
D. Table encryption

Correct Answer: D
Explanation

Table encryption allows you to encrypt tables or materialized views with sensitive data without the
performance impact that encrypting the entire database might cause. When table encryption is enabled,
table pages for the encrypted table, associated index pages, and temporary file pages are encrypted. The
transaction log pages that contain transactions on encrypted tables are also encrypted.

QUESTION 783
Which of the following ciphers consists of independent keys providing a key length of 168 bits?
A. 3DES
B. RC6
C. RC5
D. AES

Correct Answer: A
Explanation

Introduced in 1998, 3DES, also known as Triple DES, Triple DEA, TDEA, or the Triple Data Encryption
Algorithm, is a cryptographic cipher. It is a symmetric-key block cipher, meaning that the same key is used
to encrypt and decrypt data in fixed-length groups of bits called blocks.
It is called "Triple DES" because it applies the DES cipher three times when encrypting data. When DES
was originally developed in 1976, it used a key size of 56 bits, which was a sufficient level of security to
resist brute-force attacks. Since then computers have become cheaper and more powerful, enabling the
3DES algorithm to apply DES three times consecutively, essentially stopping brute-force attacks on modern
computers.

QUESTION 784
A company wants to migrate its critical application to a public cloud but the security administrator is
concerned with the application's data confidentiality requirements.
Which of the following can be done to review if the appropriate management security controls are in place
at the provider?
A. Penetration testing
B. Vulnerability assessment
C. Performance and application testing
D. Policy and procedure audit

Correct Answer: D
Explanation

A policy and procedure audit provides stakeholders with an assessment of the effectiveness of the cloud
computing service provider’s internal controls and security, identifies internal control deficiencies within the
customer organization and its interface with the service provider, and provides audit stakeholders with an
assessment of the quality of, and their ability to rely upon, the service provider’s attestations regarding
internal controls.

QUESTION 785
A storage system that retains data in a flat address space is known as:
A. A hierarchical file system.
B. A NAS.
C. A DAS.
D. An OSD.

Correct Answer: D
Explanation

OSD: Object-based storage devices store data in the form of objects.
An OSD uses a flat address space that enables storage of a large number of objects. An object contains user data,
related metadata and other attributes.
Each object has a unique object ID generated using a specialized algorithm.

QUESTION 786
Which of the following service delivery models is MOST likely targeted towards an end-user?
A. SaaS
B. IaaS
C. DBaaS
D. BPaaS

Correct Answer: A
Explanation

SaaS (Software as a Service)
SaaS is software on-demand.
Users can subscribe to rent finished, centrally hosted software on a pay-as-you-go basis.
SaaS is basically on-demand software for end users.
One advantage for end users is that they never have to update software; in the cloud it is always running
the latest version.
PaaS (Platform as a Service)
As a resource for developers, PaaS provides the hardware and software infrastructure needed to create,
run and manage custom-built applications.
These platforms are scalable, flexible, and rented on a pay-as-you-go basis.
As a result, PaaS frees users from having to install in-house hardware and software to develop or run a
new application.
PaaS increases developer productivity and utilization rates while also decreasing an application’s time-to-market.
IaaS (Infrastructure as a Service)
Purchased in a similar way to utilities, like electricity and water, IaaS is virtual hardware that companies can
purchase instead of owning and operating their own data centres.
IaaS provides self-service access to remote data center infrastructures that can be used for virtual server
space, bandwidth, IP addresses, storage, or network connections.
Physically, these resources are usually drawn from a distributed network of servers, which the cloud
provider is responsible for maintaining.
However, unlike SaaS and PaaS, users are responsible for managing and upgrading applications,
middleware, and operating systems.
MaaS (Monitoring as a Service)
MaaS is a framework of tools and applications that monitor specific aspects of services, servers, systems
or applications in the cloud.
The primary use is data collection about performance and real-time functioning of IT components.
CaaS (Communications as a Service)
Communications as a Service (CaaS) is an outsourced enterprise communications solution that can be
leased from a single vendor.
Such communications can include voice over IP (VoIP or Internet telephony), instant messaging (IM),
collaboration and videoconference applications using fixed and mobile devices.
BaaS (Backend as a Service)
BaaS is an approach to cloud computing that provides a backend for applications (mostly mobile).
BaaS providers offer an API and tools for different computer languages to integrate with their backend.
They also provide additional services like storage, analytics, push notifications, dashboards and social
integration.
It is somewhat similar to SaaS, but BaaS is mostly targeted at developers, whereas SaaS is targeted at end
users.
DaaS (Desktop as a Service)
Also called remote desktop, DaaS is a cloud service that allows users to remotely access their desktops
from a number of devices.
It is usually a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a
cloud service provider.
DaaS provides continuity between many devices, and is often used by companies with employees who
work remotely and/or BYOD.
BPaaS (Business process as a service)
It is a term for a specific kind of Web-delivered or cloud hosting service that benefits an enterprise by
assisting with business objectives. In the general sense, a business process is simply a task that must be
completed to benefit business operations. Using the term (BPaaS) implies that the business process is
being automated through a remote delivery model.
iPaaS (Integration Platform as a Service)
When companies use multiple SaaS, PaaS, and IaaS from different providers, they encounter a problem of
integration.
These IT systems cannot communicate with one another and data cannot be shared seamlessly across the
cloud ecosystem.
Used to solve this issue, iPaaS is a platform that integrates cloud applications with one another and the
company’s pre-existing software systems.
XaaS (Anything as a Service)
The acronym XaaS (often pronounced “zass”), is a collective term that refers to the services that are
available across the internet, rather than being provided onsite or locally.
XaaS is at the core of cloud computing.
The most common examples of XaaS are: SaaS, IaaS, MaaS, CaaS, PaaS or any combination of these
services.
XaaS services are usually controlled by a service level agreement (SLA), where the client and vendor work
together to agree how the services will be provided.
CAMP (Cloud Application Management for Platforms)
Designed to facilitate interoperability between cloud environments, CAMP simplifies the management of
multiple cloud applications.
Because every PaaS includes its own API (application programming interface) to upload, configure, and
monitor applications used on that platform, when PaaS systems from different vendors are used in
conjunction, the APIs conflict. CAMP was produced as a collaboration between leading PaaS providers to
resolve the incompatibilities between their platforms.
MDM (Mobile Device Management)
A cloud service primarily driven by the growing workplace trend of BYOD (bring your own device), MDM
distributes applications, data, and configurations to a variety of devices (including smartphones, tablets,
laptops, desktop computers, and mobile printers). MDM thereby facilitates compatibility and security in
distributed networks, such as company networks where employees work remotely on a variety of devices
using different operating systems.
HPC (High Performance Computing)
HPC means aggregating computing power in the cloud in order to create a virtual supercomputer used to
solve large, complex problems.
HPC refers to systems that function at over 10^12 operations per second.

QUESTION 787
Which of the following is LEAST suitable for online storage platforms?
A. SSD
B. SAN
C. VTL
D. NAS

Correct Answer: C
Explanation

A virtual tape library (VTL) is a storage system consisting of hard disk drives (HDDs) that looks and acts
like a physical tape library.
VTLs are typically used for backup and data archiving purposes. The array of disks is presented to the
backup software as tape. Data is written sequentially, just as it would be if it were being written to
rotating tape, but can be written and read more quickly because disk is the underlying media. In addition to
providing faster backup and recovery times, VTLs are scalable, can reduce operating costs and are
compatible with other storage features such as deduplication.

QUESTION 788
Which of the following access control methods would be BEST suited in a peer-to-peer network?
A. RBAC
B. MAC
C. DAC
D. SSO

Correct Answer: C
Explanation

In computer security, discretionary access control (DAC) is a type of access control defined by the
Trusted Computer System Evaluation Criteria[1] "as a means of restricting access to objects based on the
identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a
subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to
any other subject (unless restrained by mandatory access control)".
Discretionary access control is commonly discussed in contrast to mandatory access control (MAC,
sometimes termed non-discretionary access control). Occasionally a system as a whole is said to have
"discretionary" or "purely discretionary" access control as a way of saying that the system lacks mandatory
access control. On the other hand, systems can be said to implement both MAC and DAC simultaneously,
where DAC refers to one category of access controls that subjects can transfer among each other, and
MAC refers to a second category of access controls that imposes constraints upon the first.

QUESTION 789
Which of the following are VM template hardening techniques? (Select TWO).
A. Joining a domain
B. IP address configuration
C. Deactivating default accounts
D. OS patching
E. Disabling all ports and services

Correct Answer: CD
Explanation

Security tips for hardening:
Patch the Operating System
Patch Third Party Applications
Disable Remote Root Access
Disable Root Console Access
Restrict Root Privileges
Enable and Configure Firewall
Encrypt Network Transmissions
Two Factor Authentication
Security-Enhanced Linux (SELinux)
Reduce Attack Surface
Log Review
Limit SSH Access
Physical Security
Securing the BIOS
Securing the Boot Loader
Encrypt Data
Centralized Authentication
Enforce Strong Passwords
Password Aging
Account Lockout
Using SSH Keys
Host Based Intrusion Detection System (HIDS)
Virus/Malware Scanning

QUESTION 790
Clients of a cloud provider are able to access their information from a smart phone, tablet, and PC.
Which of the following characteristics of a cloud does this describe?
A. Ubiquitous access
B. Federated access
C. Resource pooling
D. Multi-tenancy

Correct Answer: A
Explanation

Ubiquitous Access
Ubiquitous Access represents the ability for a cloud service to be widely accessible.
Establishing ubiquitous access for a cloud service can require support for a range of devices, transport
protocols, interfaces, and security technologies.
Enabling this level of access generally requires that the cloud service architecture be tailored to the
particular needs of different cloud service consumers.

QUESTION 791
The actual data within an object store is called the:
A. Blob
B. Extended metadata
C. Object ID
D. Metadata

Correct Answer: A
Explanation

BLOB (binary large object)
In computers, a BLOB (binary large object), pronounced BLAHB and sometimes spelled in all lower case, is
a large file, typically an image or sound file, that must be handled (for example, uploaded, downloaded, or
stored in a database) in a special way because of its size. According to Eric Raymond, the main idea about
a BLOB is that the handler of the file (for example, the database manager) has no way of understanding the
file in order to figure out how to deal with it - it might as well be a large piece of coal, but there it is and now
what? Other sources emphasize that the term was coined to refer to big data objects and to connote the
problems they sometimes present in handling them. One application that deals with BLOBs is the database
storage of large multimedia objects, such as films and television programs.

QUESTION 792
An administrator has received a request for a disaster recovery solution that will allow the company to bring
the payroll system up within two to three weeks of a disaster being declared.
Which of the following would meet the MINIMUM requirements of this objective?
A. Cold site
B. Warm site
C. Satellite site
D. Hot site

Correct Answer: A
Explanation

There are three different types of backup sites:

Cold backup sites
A cold backup site is little more than an appropriately configured space in a building. Everything required to
restore service to your users must be procured and delivered to the site before the process of recovery can
begin. As you can imagine, the delay going from a cold backup site to full operation can be substantial.
Cold backup sites are the least expensive sites.
Warm backup sites
A warm backup site is already stocked with hardware representing a reasonable facsimile of that found in
your data center. To restore service, the last backups from your off-site storage facility must be delivered,
and bare metal restoration completed, before the real work of recovery can begin.
Hot backup sites
Hot backup sites have a virtual mirror image of your current data center, with all systems configured and
waiting only for the last backups of your user data from your off-site storage facility. As you can imagine, a
hot backup site can often be brought up to full production in no more than a few hours.
A hot backup site is the most expensive approach to disaster recovery.

QUESTION 793
An administrator is building a VM for a department whose requirements mandate that a particular vendor's
application run on one physical processor.
In order to ensure that this requirement is met while ensuring optimal performance, which of the following
should the administrator configure?
A. Memory affinity
B. Licensing
C. CPU hyperthreading
D. CPU affinity

Correct Answer: D
Explanation

CPU affinity enables binding a process or multiple processes to a specific CPU core in a way that the
processes will run from that specific core only. When trying to perform performance testing on a host with
many cores, it is wise to run multiple instances of a process, each one on a different core. This enables
higher CPU utilization.

QUESTION 794
Which of the following is a type of hypervisor that runs on another operating system instead of running
directly on the host's hardware?
A. Type II
B. Indirect access
C. Direct access
D. Type I

Correct Answer: A
Explanation

There are two types of hypervisors: Type 1 and Type 2.

Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 795
Which of the following is a disk interface type that has the BEST performance?
A. NAS
B. SAN
C. SAS
D. SSD

Correct Answer: C
Explanation

Serial-attached SCSI (SAS)

Serial-attached SCSI (SAS) is a method used in accessing computer peripheral devices that employs a
serial (one bit at a time) means of digital data transfer over thin cables. The method is specified in the
American National Standards Institute (ANSI) standard called Serial-attached SCSI (Small Computer System
Interface), also known as ANSI/INCITS 376-2003. In the business enterprise, serial-attached SCSI is
especially of interest for access to mass storage devices, particularly external hard drives and magnetic
tape drives.

QUESTION 796
An administrator needs to provide Internet access to all internal systems using a single IP address.
Which of the following should the administrator implement?
A. NAT
B. Virtual switching
C. VLAN tagging
D. PAT

Correct Answer: D
Explanation

Network Address Translation (NAT) and Port Address Translation (PAT) are both defined in RFC 2766.
In a nutshell, Network Address Translation (NAT) provides a one-to-one translation from IP address to
IP address. This is commonly used in an organization that wants to give an internal system access to the
Internet with a single public IP address translating to a single IP address in the private address space.
In Port Address Translation (PAT) there is a many-to-one relationship. This is commonly used on a
firewall when a corporation wants all IP addresses in its internal network to use a single IP address. For
example, a company may want all PCs that browse the Internet to show the same IP address. The firewall
will be set up to use PAT to achieve this.

QUESTION 797
Which of the following should an administrator perform to harden a VM that has been provisioned in a
public cloud environment before deploying the system?
A. Defrag system
B. Update drivers
C. Disable firewall
D. Patch system

Correct Answer: D
Explanation

Hardening activities include:
Keeping security patches updated
Installing firewall
Closing certain ports
Not allowing file sharing among programs
Installing virus and spyware protection
Creating strong passwords
Keeping a backup
Disabling cookies
Using encryption when possible

QUESTION 798
Which of the following solutions primarily relies on private cloud resources but may use public cloud
resources based on capacity requirements?
A. Rapid deployment
B. Cloud bursting
C. Multi-tenancy
D. Pay-as-you-grow

Correct Answer: B
Explanation

Cloud bursting is an application deployment model in which an application runs in a private cloud or data
center and bursts into a public cloud when the demand for computing capacity spikes. The advantage of
such a hybrid cloud deployment is that an organization only pays for extra compute resources when they
are needed.

QUESTION 799
Which of the following can be used to encrypt data at rest on a VM located in the cloud?
A. AES
B. SSL
C. TLS
D. VPN

Correct Answer: A
Explanation
Data at rest in information technology means inactive data that is stored physically in any digital form (e.g.
databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices etc.).
Data at rest is used as a complement to the terms data in use and data in transit, which together define the
three states of digital data.
The encryption of data at rest should only include strong encryption methods such as AES or RSA.
Data in use is an information technology term referring to active data which is stored in a non-persistent
digital state, typically in computer random access memory (RAM), CPU caches, or CPU registers.
Data in transit falls into two categories: information that flows over a public or untrusted network
such as the internet, and data which flows in the confines of a private network such as a corporate or
enterprise Local Area Network (LAN).
Client/Application Encryption: Data is encrypted on the endpoint or server before being sent across
the network or is already stored in a suitable encrypted format. This includes local client (agent-based)
encryption (e.g., for stored files) or encryption integrated in applications.
Link/Network Encryption: Standard network encryption techniques including SSL, VPNs, and SSH.
Can be hardware or software. End to end is preferable but may not be viable in all architectures.
Proxy Based Encryption: Data is transmitted to a proxy appliance or server, which encrypts before
sending further on the network. Often a preferred option for integrating into legacy applications but is
not generally recommended.

QUESTION 800
Which of the following can be used to protect data integrity when information is being written to a SAN from
multiple clients?
A. Port Zoning
B. SAN Zoning
C. LUN Masking
D. Multipathing

Correct Answer: C
Explanation

LUN masking is a further constraint added to LUN zoning to ensure that only devices authorized to access
a specific server can access the corresponding port.
A logical unit number (LUN) is a unique identifier that designates individual hard disk devices or grouped
devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface.
LUNs are central to the management of block storage arrays shared over a storage area network (SAN).
LUN masking subdivides access to a given port. Then, even if several LUNs are accessed through the
same port, the server masks can be set to limit each server's access to the appropriate LUNs. LUN
masking is typically conducted at the host bus adapter (HBA) or switch level.

QUESTION 801
Which of the following describes the access control method where data owners authorize who is granted
access to their files?
A. Mandatory access control
B. Role-based access control
C. Access control list
D. Discretionary access control

Correct Answer: D
Explanation

Discretionary access controls differ from mandatory access controls by giving users the ability to grant or
assign rights to objects and make decisions for themselves as compared to the centrally controlled method
used by mandatory access controls.

QUESTION 802
Which of the following should be installed on VMs to report and take action against potential threats?
A. NIDS
B. HIPS
C. NIPS
D. HIDS

Correct Answer: B
Explanation

A host intrusion prevention system (HIPS) is an approach to security that relies on third-party software
tools to identify and prevent malicious activities.
Host-based intrusion prevention systems are typically used to protect endpoint devices. Once malicious
activity is detected, the HIPS tool can take a variety of actions, including sending an alarm to the computer
user, logging the malicious activity for future investigation, resetting the connection, dropping malicious
packets and blocking subsequent traffic from the suspect IP address. Some host intrusion prevention
systems allow users to send logs of malicious activity and fragments of suspicious code directly to the
vendor for analysis and possible identification.

QUESTION 803
A small business is moving ten physical servers to the cloud. Which of the following should the cloud
provider implement to ensure that all ten servers can dynamically share memory resources with other
tenants as needed while not interfering with the other tenants?
A. Soft limits
B. Load balancing
C. Resource pooling
D. Caching

Correct Answer: C
Explanation

To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy
Multiple customers share adjacent resources in the cloud with their peers; it is the basis of public cloud
infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 804
A catastrophic disk failure occurred on a company's critical database.
After a technician performs a full system restore, one of the business units realizes that the current backup
does not hold fresh enough information.
Which of the following should the company revise?
A. RTO
B. MTTR
C. RPO
D. MTBF

Correct Answer: C
Explanation

RPO: Recovery Point Objective
Recovery Point Objective (RPO) describes the interval of time that might pass during a disruption before
the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable
threshold or “tolerance.”
RTO: Recovery Time Objective
The Recovery Time Objective (RTO) is the duration of time and a service level within which a business
process must be restored after a disaster in order to avoid unacceptable consequences associated with a
break in continuity. In other words, the RTO is the answer to the question: “How much time did it take to
recover after notification of business process disruption?“

QUESTION 805
In order to enhance security on a SAN, which of the following should be configured?
A. ZFS
B. LUN
C. VSAN
D. Zoning

Correct Answer: D
Explanation

Zoning
In a storage area network (SAN), zoning is the allocation of resources for device load balancing and for
selectively allowing access to data only to certain users. Essentially, zoning allows an administrator to
control who can see what in a SAN.
Zoning is done using a structure similar to that of a computer file system. A zone is the equivalent of a
folder or directory. Zoning can be either hard or soft. In hard zoning, each device is assigned to a particular
zone, and this assignment does not change. In soft zoning, device assignments can be changed by the
network administrator to accommodate variations in the demands on different servers in the network.
The use of zoning is said to minimize the risk of data corruption, help secure data against hackers, slow
the spread of viruses and worms, and minimize the time necessary for servers to reboot. However, zoning
can complicate the scaling process if the number of users and servers in a SAN increases significantly in a
short period of time.

QUESTION 806
A system administrator wants to create a mitigation strategy to quickly roll back a virtual image after
applying the latest updates.
Which of the following would the administrator utilize?
A. File backup
B. Snapshot
C. Offline backup
D. Image backup

Correct Answer: B
Explanation

A snapshot captures the entire state of the virtual machine at the time you take the snapshot.
Snapshots are useful when you need to revert repeatedly to the same state but you don't want to create
multiple virtual machines.
A snapshot includes the following information:
Contents of the virtual machine’s memory
Virtual machine settings
State of all the virtual machine’s virtual disks

QUESTION 807
Which of the following access control types allows users to assign security attributes to objects such as files
and directories?
A. Role based
B. Mandatory
C. Discretionary
D. Rule set based

Correct Answer: C
Explanation

Discretionary access controls differ from mandatory access controls by giving users the ability to grant or
assign rights to objects and make decisions for themselves as compared to the centrally controlled method
used by mandatory access controls.

QUESTION 808
Which of the following will provide the MOST network address information possible for a system that
belongs to a tenant in a private cloud?
A. ipconfig
B. telnet
C. traceroute
D. nslookup

Correct Answer: A
Explanation

IPConfig is a command-line tool that displays the current configuration of the installed IP stack on a
networked computer.
When used with the /all switch, it displays a detailed configuration report for all interfaces, including any
configured WAN miniports (typically used for remote access or VPN connections). Output can be redirected
to a file and pasted into other documents.

QUESTION 809
Which of the following is a MINIMUM requirement for VM online migration?
A. Same CPU family between source and target hosts.
B. Same network equipment between source and target hosts.
C. Same hardware vendor for the datacenter.
D. Same hypervisor versions between source and target hosts.

Correct Answer: A
Explanation

Virtual machines cannot be live migrated or saved and restored across virtualization hosts that use
processors from different CPU manufacturers. For example, you cannot move running virtual machines or
virtual machine saved state from a host with Intel processors to a host with AMD processors. If you must
move a virtual machine in this case, the virtual machine must first be shut down, then restarted on the new
host.
Instruction set architecture (ISA) extensions are optimizations and features that are introduced by
processor manufacturers. These features often improve performance or security by using specialized
hardware for a particular task. For example, many media applications make use of processor features to
speed up vector calculations. These features are rarely required for applications to run; they simply boost
performance.
The feature set that is available on a processor varies depending on its make, model, and age. Operating
systems and application software typically enumerate the system’s processor feature set and capabilities
when they are first launched. Software doesn’t expect the available processor features to change during
their lifetime—and of course, this could never happen when running on a physical computer because
processor features are static.
However, virtual machine mobility features allow a running virtual machine to be migrated to a new
virtualization host. If software in the virtual machine has detected and started using a particular processor
feature, and it gets moved to a new virtualization host that lacks that capability, the software is likely to fail.
This could result in the virtual machine crashing.

QUESTION 810
Ubiquitous access to cloud computing means:
A. access by any person
B. access by any device through any network connection
C. access by authorized personnel only
D. international access across country borders

Correct Answer: B
Explanation

Ubiquitous Access represents the ability for a cloud service to be widely accessible. Establishing ubiquitous
access for a cloud service can require support for a range of devices, transport protocols, interfaces, and
security technologies. To enable this level of access generally requires that the cloud service architecture
be tailored to the particular needs of different cloud service consumers.

QUESTION 811
Which of the following access control methods could allow for a network user to sign onto their corporate
network and their supplier's network portal
without having to enter their ID and password more than once?
A. Discretionary access control
B. Mandatory access control
C. Role-based access control
D. Federated access control

Correct Answer: D
Explanation

Federated identity management (FIM) is an arrangement that can be made among multiple enterprises
that lets subscribers use the same identification data to obtain access to the networks of all enterprises in
the group.
The use of such a system is sometimes called identity federation.
In cloud computing, the fundamental problem is that multiple organizations are now managing the identity
and access management to resources, which can greatly complicate the process. For example, imagine
having to provision the same user on dozens—or hundreds—of different cloud services.
Federation is the primary tool used to manage this problem, by building trust relationships between
organizations and enforcing them through standards-based technologies.

QUESTION 812
Which of the following is MOST important when working in highly available virtual environments?
A. Storage VLAN
B. Virtual network
C. Wide area network
D. Heartbeat VLAN

Correct Answer: D
Explanation

In computer clusters, a heartbeat network is a private network which is shared only by the cluster nodes, and
is not accessible from outside the cluster. It is used by cluster nodes in order to monitor each node's status
and communicate with each other.

QUESTION 813
Network statistics show that the 1Gbps switch port used for storage traffic is fully saturated. Which of the
following switch technologies can be used to
provide twice the bandwidth?
A. NAT
B. Multipathing
C. Link aggregation
D. VLAN

Correct Answer: C
Explanation

Link aggregation is a way of bundling a bunch of individual (Ethernet) links together so they act like a single
logical link.
If you have a switch with a whole lot of Gigabit Ethernet ports, you can connect all of them to another device
that also has a bunch of ports and balance the traffic among these links to improve performance.
Another important reason for using link aggregation is to provide fast and transparent recovery in case one
of the individual links fails.
Individual packets are kept intact and sent from one device to the other over one of the links. In fact, the
protocol usually tries to keep whole sessions on a single link. A packet from the next conversation could go
over a different link.
The idea is to achieve improved performance by transmitting several packets simultaneously down different
links. But standard Ethernet link aggregation never chops up the packet and sends the bits over different
links.
The official IEEE standard for link aggregation used to be called 802.3ad, but is now 802.1AX, as I will
explain later. However, several vendors have also developed their own proprietary variants.
Common link aggregation terminology
A lot of potentially confusing terms appear in any discussion of link aggregation. So let’s quickly review
them before digging a bit further into the technology.
A group of ports combined together is called a link aggregation group, or LAG.
Different vendors have their own terms for the concept. A LAG can also be called a port-channel, a bond,
or a team.
The rule that defines which packets are sent along which link is called the scheduling algorithm.
The active monitoring protocol that allows devices to include or remove individual links from the LAG is
called Link Aggregation Control Protocol (LACP).

QUESTION 814
A technician wants to remotely gather a list of all the software running on the client PCs throughout the
organization. Which of the following should be
used to gather this information?
A. WMI
B. SQL
C. Syslog
D. SNMP

Correct Answer: A
Explanation

Windows Management Instrumentation (WMI) is the Microsoft implementation of Web-Based Enterprise
Management (WBEM), which is an industry initiative to develop a standard technology for accessing
management information in an enterprise environment. WMI uses the Common Information Model (CIM)
industry standard to represent systems, applications, networks, devices, and other managed components.
CIM is developed and maintained by the Distributed Management Task Force (DMTF).

QUESTION 815
Which of the following describes federated access control?
A. Secure Sockets Layer
B. Trusted
C. Digital Identity
D. Federated Communication

Correct Answer: B
Explanation

Federated identity management (FIM) is an arrangement that can be made among multiple enterprises
that lets subscribers use the same identification data to obtain access to the networks of all enterprises in
the group.
The use of such a system is sometimes called identity federation.
In cloud computing, the fundamental problem is that multiple organizations are now managing the identity
and access management to resources, which can greatly complicate the process. For example, imagine
having to provision the same user on dozens—or hundreds—of different cloud services.
Federation is the primary tool used to manage this problem, by building trust relationships between
organizations and enforcing them through standards-based technologies.

QUESTION 816
An administrator has implemented a self-service provisioning portal in the company and has associated a
cost to CPU, memory, storage, and OS type.
Which of the following cloud computing options has been configured?
A. Cloud bursting
B. Chargeback
C. Multi-tenancy
D. Reservations

Correct Answer: B
Explanation

Chargeback involves accounting and departmental billing for computing resources consumed. It allows for
budgeting of computing expenses at the departmental or division level and is a service offered by cloud
providers that enables consumers to track usage and accounts for who is using the cloud services. It allows
visibility into which individuals or departments are actually using the service and for accounting departments
to track billing of cloud services.
Cloud bursting is an application deployment model in which an application runs in a private cloud or data
center and bursts into a public cloud when the demand for computing capacity spikes. The advantage of
such a hybrid cloud deployment is that an organization only pays for extra compute resources when they
are needed.

QUESTION 817
Which of the following would BEST ensure uninterrupted communication from the storage controller to the
SAN?
A. QoS
B. Multipathing
C. Zoning
D. Flow control

Correct Answer: B
Explanation

Multipathing allows you to have more than one network path between the source and destination devices.
Multipathing allows for fault tolerance and increased reliability as well as additional bandwidth. Should a
switch or link fail, the network would be resilient and survive, with the remaining links assuming the traffic
load.

QUESTION 818
Several clients hosted on a cluster is BEST referred to as:
A. IaaS.
B. PaaS.
C. multi-tenancy.
D. on-premise hosting.

Correct Answer: C
Explanation

Multitenancy allows a resource to be segmented to serve multiple tenants. This is a very cost-effective
approach where the cost of the resource and its maintenance is shared among multiple customers.

QUESTION 819
Which of the following terms would describe a cloud characteristic that hosts separate customers on
shared infrastructure?
A. Flexible
B. Fractured
C. Diversified
D. Multi-tenancy

Correct Answer: D
Explanation
Multitenancy allows a resource to be segmented to serve multiple tenants. This is a very cost-effective
approach where the cost of the resource and its maintenance is shared among multiple customers.

QUESTION 820
A company needs to have a system that allows for high availability access to data for users. Which of the
following terms BEST describes how a
storage engineer would design the system to allow for that level of redundancy?
A. Dual homing
B. Traffic shaping
C. Network binding
D. Multipathing

Correct Answer: D
Explanation

Multipathing allows you to have more than one network path between the source and destination devices.
Multipathing allows for fault tolerance and increased reliability as well as additional bandwidth. Should a
switch or link fail, the network would be resilient and survive, with the remaining links assuming the traffic
load.

QUESTION 821
A company has two datacenters in different cities.
When one of the datacenters loses power, there is near instant failover to the other datacenter.
This is an example of which of the following?
A. Warm site
B. Hot site
C. Offsite storage
D. Backup

Correct Answer: B
Explanation

There are three different types of backup sites:
Cold backup sites
A cold backup site is little more than an appropriately configured space in a building. Everything required to
restore service to your users must be procured and delivered to the site before the process of recovery can
begin. As you can imagine, the delay going from a cold backup site to full operation can be substantial.
Cold backup sites are the least expensive sites.
Warm backup sites
A warm backup site is already stocked with hardware representing a reasonable facsimile of that found in
your data center. To restore service, the last backups from your off-site storage facility must be delivered,
and bare metal restoration completed, before the real work of recovery can begin.
Hot backup sites
Hot backup sites have a virtual mirror image of your current data center, with all systems configured and
waiting only for the last backups of your user data from your off-site storage facility. As you can imagine, a
hot backup site can often be brought up to full production in no more than a few hours.
A hot backup site is the most expensive approach to disaster recovery.

QUESTION 822
The Chief Information Officer (CIO) tells the IT department that all non business critical production
applications can be down for no more than 48 hours.
Which of the following has the CIO defined?
A. Failback
B. RPO
C. RTO
D. Failover

Correct Answer: C
Explanation

RPO: Recovery Point Objective
Recovery Point Objective (RPO) describes the interval of time that might pass during a disruption before
the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable
threshold or “tolerance.”
RTO: Recovery Time Objective
The Recovery Time Objective (RTO) is the duration of time and a service level within which a business
process must be restored after a disaster in order to avoid unacceptable consequences associated with a
break in continuity. In other words, the RTO is the answer to the question: “How much time did it take to
recover after notification of business process disruption?”

QUESTION 823
An administrator receives an automated text that indicates a server hosting a critical app is unavailable.
Upon further review, the server needs to be restored from backup.
Which of the following defines the amount of time a restore cannot exceed?
A. Failback
B. Failover
C. RTO
D. RPO

Correct Answer: C
Explanation

RPO: Recovery Point Objective
Recovery Point Objective (RPO) describes the interval of time that might pass during a disruption before
the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable
threshold or “tolerance.”
RTO: Recovery Time Objective
The Recovery Time Objective (RTO) is the duration of time and a service level within which a business
process must be restored after a disaster in order to avoid unacceptable consequences associated with a
break in continuity. In other words, the RTO is the answer to the question: “How much time did it take to
recover after notification of business process disruption?”

QUESTION 824
Which of the following offers 128, 192, and 256 bit encryption?
A. AES
B. DES
C. RC4
D. RC5

Correct Answer: A
Explanation

AES is the Advanced Encryption Standard. It is a symmetrical block cipher that has options to use three
lengths, including 128, 192, and 256 bits. With encryption, the longer the key length, the harder and longer
it will be to break the encryption. AES 256 is a very secure standard, and it would take an extremely long
time and a lot of processing power to even come close to breaking the code. The very long 256-bit key is
used to encrypt and decrypt traffic, and the same key is used in both directions. AES also implements
multiple hash functions to further protect and encrypt the data. AES has been approved and adopted by
many governments, including the United States and Canada, to encrypt sensitive data. AES has also been
adopted as a standard by the National Institute of Standards and Technology.

QUESTION 825
A company has hired a new Chief Security Officer (CSO).
While reviewing the company's RAID levels on business critical data volumes, the CSO has decided to
change the RAID level to allow for the best protection against number of disk failures.
Which of the following RAID levels will accomplish this?
A. RAID 0+1
B. RAID 1+0
C. RAID 1
D. RAID 6

Correct Answer: D
Explanation

RAID 0 – striping
RAID 1 – mirroring
RAID 5 – striping with parity
RAID 6 – striping with double parity
RAID 10 – combining mirroring and striping

QUESTION 826
Elasticity is closely related to which of the following cloud characteristics?
A. On-demand
B. Pay-as-you-grow
C. Chargeback
D. On-premise hosting

Correct Answer: B
Explanation

To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.
SP 800-145 also defines four deployment models (private, community, public and hybrid) that together
categorize ways to deliver cloud services.
Multi-tenancy
Multiple customers share adjacent resources in the cloud with their peers; it is the basis of public cloud
infrastructures.
With multi-tenancy, there is an inherent increase in operational expenditures, which can be mitigated by
certain hardware configurations and software solutions, such as application and server profiles.

QUESTION 827
Several servers are connected to a SAN using three storage devices and FCoE for transmissions.
These servers only need to access one SAN device.
All servers, the SAN, and the HBA are virtualized.
Which of the following should be used to ensure access is controlled appropriately between devices?
(Select TWO).
A. LUN Masking
B. Hard Zoning
C. Supernetting
D. Soft Zoning
E. Subnetting

Correct Answer: AD
Explanation

LUN masking is a further constraint added to LUN zoning to ensure that only devices authorized to access
a specific server can access the corresponding port.
A logical unit number (LUN) is a unique identifier that designates individual hard disk devices or grouped
devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface.
LUNs are central to the management of block storage arrays shared over a storage area network (SAN).
LUN masking subdivides access to a given port. Then, even if several LUNs are accessed through the
same port, the server masks can be set to limit each server's access to the appropriate LUNs. LUN
masking is typically conducted at the host bus adapter (HBA) or switch level.
Soft Zoning vs. Hard Zoning
Soft zoning is zoning which is implemented in software.
Soft zoning uses filtering implemented in fibre channel switches to prevent ports from being seen from
outside of their assigned zones. The security vulnerability in soft zoning is that the ports are still accessible
if the user in another zone correctly guesses the fibre channel address.
The soft zoning concept is that enforcement relies on the WWN of the node in the fabric.
Soft zoning means that the FC switch will place a host WWN in a zone, without dealing with the port
numbers they’re connected to in the FC switch.
Pros:
You can connect to any port on the switch.
Cons:
You will need to know which port the host is connected to for maintenance purposes.
Hard zoning is zoning which is implemented in hardware.
Hard zoning physically blocks access to a zone from any device outside of the zone.
Usually hard zoning is used when using VLANs. You would associate a port into a zone

QUESTION 828
An administrator is configuring access to hypervisors that will allow them to connect in the event that the
management network is down.
This type of access is referred to as:
A. Secure shell.
B. NIC teaming.
C. Out-of-band.
D. Serial port mapping.

Correct Answer: C
Explanation

In computer networks, out-of-band management involves the use of a dedicated channel for managing
network devices. This allows the network operator to establish trust boundaries in accessing the
management function to apply it to network resources. It also can be used to ensure management
connectivity (including the ability to determine the status of any network component) independent of the
status of other in-band network components.

QUESTION 829
Which of the following would be considered a cold site?
A. A site that has air conditioning available, but no heat
B. A duplicate site that has replication enabled
C. A site that has telecommunications and network available
D. A site that is completely functional and staffed

Correct Answer: C
Explanation

There are three different types of backup sites:
Cold backup sites
A cold backup site is little more than an appropriately configured space in a building. Everything required to
restore service to your users must be procured and delivered to the site before the process of recovery can
begin. As you can imagine, the delay going from a cold backup site to full operation can be substantial.
Cold backup sites are the least expensive sites.
Warm backup sites
A warm backup site is already stocked with hardware representing a reasonable facsimile of that found in
your data center. To restore service, the last backups from your off-site storage facility must be delivered,
and bare metal restoration completed, before the real work of recovery can begin.
Hot backup sites
Hot backup sites have a virtual mirror image of your current data center, with all systems configured and
waiting only for the last backups of your user data from your off-site storage facility. As you can imagine, a
hot backup site can often be brought up to full production in no more than a few hours.
A hot backup site is the most expensive approach to disaster recovery.

QUESTION 830
Which of the following may be used to provide certificate management within an organization?
A. SSH
B. IPSec
C. Kerberos
D. PKI

Correct Answer: D
Explanation

A public key infrastructure (PKI) supports the distribution and identification of public encryption keys,
enabling users and computers to both securely exchange data over networks such as the Internet and
verify the identity of the other party.
Without PKI, sensitive information can still be encrypted (ensuring confidentiality) and exchanged, but there
would be no assurance of the identity (authentication) of the other party. Any form of sensitive data
exchanged over the Internet is reliant on PKI for security.
Elements of PKI
A typical PKI consists of hardware, software, policies and standards to manage the creation, administration,
distribution and revocation of keys and digital certificates. Digital certificates are at the heart of PKI as they
affirm the identity of the certificate subject and bind that identity to the public key contained in the certificate.

QUESTION 831
Which of the following provides a company with the BEST equipment to minimize downtime in the event of
catastrophic damage to their main datacenter?
A. Warm site
B. Offsite storage
C. Hot site
D. Cold site

Correct Answer: C
Explanation
There are three different types of backup sites:
Cold backup sites
A cold backup site is little more than an appropriately configured space in a building. Everything required to
restore service to your users must be procured and delivered to the site before the process of recovery can
begin. As you can imagine, the delay going from a cold backup site to full operation can be substantial.
Cold backup sites are the least expensive sites.
Warm backup sites
A warm backup site is already stocked with hardware representing a reasonable facsimile of that found in
your data center. To restore service, the last backups from your off-site storage facility must be delivered,
and bare metal restoration completed, before the real work of recovery can begin.
Hot backup sites
Hot backup sites have a virtual mirror image of your current data center, with all systems configured and
waiting only for the last backups of your user data from your off-site storage facility. As you can imagine, a
hot backup site can often be brought up to full production in no more than a few hours.
A hot backup site is the most expensive approach to disaster recovery.

QUESTION 832
Which of the following is a file transfer protocol that would be MOST appropriate for transferring sensitive
data?
A. Telnet
B. TFTP
C. HTTPS
D. SFTP

Correct Answer: D
Explanation

The SSH File Transfer Protocol (SFTP) is a network protocol that provides file access, file transfer, and
file management functionalities over secure connection. It was designed by the Internet Engineering Task
Force (IETF) as an extension of the Secure Shell protocol (SSH) version 2.0 to provide secure file transfer
capability.

QUESTION 833
Which of the following storage technologies uses file level access?
A. NAS
B. iSCSI
C. SAN
D. FCoE

Correct Answer: A
Explanation

The two most popular storage system technologies are file level storage and block level storage.
File level storage is seen and deployed in Network Attached Storage (NAS) systems.
Block level storage is seen and deployed in Storage Area Network (SAN) storage.
File Level Storage – This storage technology is most commonly used for storage systems, and is found
in hard drives, NAS systems and so on. In file level storage, the storage disk is configured with a
protocol such as NFS or SMB/CIFS and the files are stored and accessed from it in bulk.
File level storage is simple to use and implement.
It stores files and folders, and the visibility is the same to the clients accessing it and to the system which
stores it.
This level of storage is inexpensive to maintain when compared to its counterpart, i.e. block level
storage.
Network attached storage systems usually depend on this file level storage.
File level storage can handle access control, integration with corporate directories, and so on.
“Scale Out NAS” is a type of File level storage that incorporates a distributed file system that can scale a
single volume with a single namespace across many nodes.
Scale Out NAS File level storage solutions can scale up to several petabytes all while handling thousands
of clients.
As capacity is scaled out, performance is scaled up.
Block Level Storage – In block level storage, raw volumes of storage are created and each block can
be controlled as an individual hard drive.
These blocks are controlled by server-based operating systems and each block can be individually
formatted with the required file system.
Block level storage is usually deployed in a SAN (storage area network) environment.
This level of storage offers boot-up of systems which are connected to them.
Block level storage can be used to store files and can work as storage for special applications like
databases, virtual machine file systems and so on.
Block level storage data transportation is very efficient and reliable.
Block level storage supports individual formatting of file systems like NFS, NTFS or SMB (Windows) or
VMFS (VMware) which are required by the applications.
Each storage volume can be treated as an independent disk drive and it can be controlled by an external
server operating system.
Block level storage uses iSCSI and FCoE protocols for data transfer, as SCSI commands act as the
communication interface between the initiator and the target.

QUESTION 834
Which of the following are SAN protocols? (Select TWO).
A. Fibre Channel
B. iSNS
C. NFS
D. iSCSI
E. TCP/IP
F. CIFS

Correct Answer: AD
Explanation

Storage area networks (SANs) are partially defined by their interconnection scheme -- Fibre Channel or
iSCSI.
FC technology is clearly the most popular approach for enterprise data center storage area networks. FC
supports communication between servers and storage devices at 2 Gbps, though 4 Gbps implementations
are now common, and 10 Gbps implementations are expected in the future.
iSCSI is an emerging Internet Engineering Task Force standard that allows SCSI commands to support
data storage and retrieval over Ethernet networks that include LANs, WANs and the Internet.

QUESTION 835
Which of the following is often used by a certificate to keep the contents of the page confidential?
A. 3DES
B. AES
C. RSA
D. RC4

Correct Answer: C
Explanation

RSA (Rivest–Shamir–Adleman) is one of the first public-key cryptosystems and is widely used for secure
data transmission. In such a cryptosystem, the encryption key is public and it is different from the decryption
key which is kept secret (private).

QUESTION 836
A bare metal hypervisor runs:
A. On a virtual database server.
B. On a virtual machine.
C. Directly on a physical machine.
D. On top of another operating system.

Correct Answer: C
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 837
Which of the following is a boot type that requires a NIC when provisioning a hypervisor on bare metal?
A. SCSI
B. PXE
C. IDE
D. ISO

Correct Answer: B
Explanation

The Preboot eXecution Environment (PXE, sometimes pronounced as pixie) specification describes a
standardized client-server environment that boots a software assembly, retrieved from a network, on
PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and
uses a small set of industry-standard network protocols such as DHCP and TFTP.

QUESTION 838
A storage administrator has just partitioned storage to several of the servers.
Another layer of security has been added to the storage access to complement the fabric zoning.
Which of the following layers of security did the administrator implement on the storage array?
A. Disk encryption
B. CHAP authentication
C. LUN masking
D. End-to-end encryption

Correct Answer: C
Explanation

LUN masking is a further constraint added to LUN zoning to ensure that only devices authorized to access
a specific server can access the corresponding port.
A logical unit number (LUN) is a unique identifier that designates individual hard disk devices or grouped
devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface.
LUNs are central to the management of block storage arrays shared over a storage area network (SAN).
LUN masking subdivides access to a given port. Then, even if several LUNs are accessed through the
same port, the server masks can be set to limit each server's access to the appropriate LUNs. LUN
masking is typically conducted at the host bus adapter (HBA) or switch level.

QUESTION 839
Multipathing achieves which of the following high availability objectives? (Select TWO).
A. Redundancy
B. Site mirroring
C. Fault tolerance
D. Recovery point objective
E. Replication

Correct Answer: AC
Explanation

Multipathing allows you to have more than one network path between the source and destination devices.
Multipathing allows for fault tolerance and increased reliability as well as additional bandwidth. Should a
switch or link fail, the network would be resilient and survive, with the remaining links assuming the traffic
load.

QUESTION 840
Which of the following cryptographic technologies is MOST likely to be used to protect data at rest?
A. IPSEC
B. SSL/TLS
C. AES
D. RSA

Correct Answer: C
Explanation

Data at rest in information technology means inactive data that is stored physically in any digital form (e.g.
databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices etc.).
Data at rest is used as a complement to the terms data in use and data in transit, which together define the
three states of digital data.
The encryption of data at rest should only include strong encryption methods such as AES or RSA.
Data in use is an information technology term referring to active data which is stored in a non-persistent
digital state, typically in computer random access memory (RAM), CPU caches, or CPU registers.
Data in transit falls into two categories: information that flows over a public or untrusted network
such as the internet, and data that flows within the confines of a private network such as a corporate or
enterprise Local Area Network (LAN).
· Client/Application Encryption: Data is encrypted on the endpoint or server before being sent across
the network or is already stored in a suitable encrypted format. This includes local client (agent-based)
encryption (e.g., for stored files) or encryption integrated in applications.
· Link/Network Encryption: Standard network encryption techniques including SSL, VPNs, and SSH.
Can be hardware or software. End to end is preferable but may not be viable in all architectures.
· Proxy Based Encryption: Data is transmitted to a proxy appliance or server, which encrypts before
sending further on the network. Often a preferred option for integrating into legacy applications but is
not generally recommended.

QUESTION 841
A system administrator has been tasked with increasing redundancy after a hard drive failure caused
significant productivity loss for a company.
The administrator suggests creating several routes to reach the storage array.
Which of the following is the administrator suggesting to solve this issue?
A. Virtual LUN
B. Virtual NIC
C. Multipathing
D. Zoning

Correct Answer: C
Explanation

Multipathing allows you to have more than one network path between the source and destination devices.
Multipathing allows for fault tolerance and increased reliability as well as additional bandwidth. Should a
switch or link fail, the network would be resilient and survive, with the remaining links assuming the traffic
load.

QUESTION 842
Which of the following tools is used to manage virtual servers?
A. Performance monitor
B. Host bus adapter
C. Hypervisor guest tools
D. Network sniffer

Correct Answer: C
Explanation

After the VM is installed on the hypervisor, additional drivers and utilities, known as guest tools, are installed
on the VM. These tools are provided by the hypervisor software vendor to optimize the interaction between
the VM and the hypervisor and eliminate compatibility issues. They also allow enhanced file sharing,
mouse, sound, graphics, and networking performance. Guest tools also allow virtual drives to run on the
virtual machines. This allows the VM to mount drive devices such as CD ROM and USB drives. Also, by
installing the guest tools, VM management is enhanced and additional services such as cut and paste are
added.

QUESTION 843
Which of the following would MOST likely require a cold migration?
A. Moving VMs between hosts on different continents
B. Moving VMs between hosts with different RAM configurations
C. Moving VMs between hosts with different CPU architectures
D. Moving VMs between hosts in different network segments

Correct Answer: C
Explanation

Virtual machines cannot be live migrated or saved and restored across virtualization hosts that use
processors from different CPU manufacturers. For example, you cannot move running virtual machines or
virtual machine saved state from a host with Intel processors to a host with AMD processors. If you must
move a virtual machine in this case, the virtual machine must first be shut down, then restarted on the new
host.
Instruction set architecture (ISA) extensions are optimizations and features that are introduced by
processor manufacturers. These features often improve performance or security by using specialized
hardware for a particular task. For example, many media applications make use of processor features to
speed up vector calculations. These features are rarely required for applications to run; they simply boost
performance.
The feature set that is available on a processor varies depending on its make, model, and age. Operating
systems and application software typically enumerate the system’s processor feature set and capabilities
when they are first launched. Software doesn’t expect the available processor features to change during
their lifetime—and of course, this could never happen when running on a physical computer because
processor features are static.
However, virtual machine mobility features allow a running virtual machine to be migrated to a new
virtualization host. If software in the virtual machine has detected and started using a particular processor
feature, and it gets moved to a new virtualization host that lacks that capability, the software is likely to fail.
This could result in the virtual machine crashing.

QUESTION 844
An enterprise hypervisor offers which of the following benefits over a workstation hypervisor?
A. Ability to create templates
B. Ability to provision more than 2 vCPUs
C. Snapshots
D. Live storage migration

Correct Answer: D
Explanation

What makes a hypervisor “enterprise”? All of the most popular offerings can be deployed by small or large
businesses alike and provide a range of control options for IT. To earn the epithet of enterprise, however,
there’s a common trio of characteristics: bare metal deployment, robust support, along with the ability to
utilize resources efficiently.
At a minimum, for successful live migration of virtual machines to be possible:
· The source and destination host must both be members of the same cluster, ensuring CPU
compatibility between them.
· The source and destination host must have a status of Up.
· The source and destination host must have access to the same virtual networks and VLANs.
· The source and destination host must have access to the data storage domain on which the virtual
machine resides.
· There must be enough CPU capacity on the destination host to support the virtual machine's
requirements.
· There must be enough RAM on the destination host that is not in use to support the virtual machine's
requirements.
In addition, for best performance, it is recommended that the storage and management networks should be
split to avoid network saturation. Virtual machine migration involves transferring large amounts of data
between hosts.

QUESTION 845
Which of the following is used to handle non-sensitive information in a datacenter and can be moved to the
public cloud to free up local resources and meet high demands?
A. Chargeback
B. Cloud bursting
C. Automation
D. Rapid deployment

Correct Answer: B
Explanation

Cloud bursting is an application deployment model in which an application runs in a private cloud or data
center and bursts into a public cloud when the demand for computing capacity spikes. The advantage of
such a hybrid cloud deployment is that an organization only pays for extra compute resources when they
are needed.

QUESTION 846
An IT professional is considering the migration of an on-line store to the cloud due to high variation in
demand.
Which of the following cloud characteristics is key?
A. Elasticity
B. Security
C. Scalability
D. Standardization

Correct Answer: A
Explanation

To employ new technologies effectively, such as cloud computing, organizations must understand what
exactly they're getting.
With this in mind, the National Institute of Standards and Technology has issued its 16th and final
version of The NIST Definition of Cloud Computing.
The special publication includes the five essential characteristics of cloud computing:
1 - On-demand self-service:
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service provider.
2 - Broad network access:
Capabilities are available over the network and accessed through standard mechanisms that promote use
by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3 - Resource pooling:
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model,
with different physical and virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally has no control or
knowledge over the exact location of the provided resources but may be able to specify location at a higher
level of abstraction (e.g., country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4 - Rapid elasticity:
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly
outward and inward commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5 - Measured service:
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user
accounts). Resource usage can be monitored, controlled and reported, providing transparency for the
provider and consumer.

QUESTION 847
Which of the following can be used to encrypt data at rest on a VM located in the cloud?
A. AES
B. SSL
C. TLS
D. VPN

Correct Answer: A
Explanation

Data at rest in information technology means inactive data that is stored physically in any digital form (e.g.
databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices etc.).
Data at rest is used as a complement to the terms data in use and data in transit, which together define the
three states of digital data.
The encryption of data at rest should only include strong encryption methods such as AES or RSA.
Data in use is an information technology term referring to active data which is stored in a non-persistent
digital state, typically in computer random access memory (RAM), CPU caches, or CPU registers.
Data in transit falls into two categories: information that flows over a public or untrusted network
such as the internet, and data that flows within the confines of a private network such as a corporate or
enterprise Local Area Network (LAN).
· Client/Application Encryption: Data is encrypted on the endpoint or server before being sent across
the network or is already stored in a suitable encrypted format. This includes local client (agent-based)
encryption (e.g., for stored files) or encryption integrated in applications.
· Link/Network Encryption: Standard network encryption techniques including SSL, VPNs, and SSH.
Can be hardware or software. End to end is preferable but may not be viable in all architectures.
· Proxy Based Encryption: Data is transmitted to a proxy appliance or server, which encrypts before
sending further on the network. Often a preferred option for integrating into legacy applications but is
not generally recommended.

QUESTION 848
Which of the following is true about a Type II hypervisor?
A. It requires a primary hypervisor to function properly.
B. It implements stronger security controls than a Type I hypervisor at the same patch level.
C. It provides slower performance than a Type I hypervisor installed on the same hardware.
D. It provides direct hardware access through the use of specialized drivers.

Correct Answer: C
Explanation

There are two types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors run directly on the system hardware.
They are often referred to as "native", "bare metal" or "embedded" hypervisors in vendor literature.
Type 2 hypervisors run on a host operating system.
When the virtualization movement first began to take off, Type 2 hypervisors were most popular.
Administrators could buy the software and install it on a server they already had.
Type 1 hypervisors are gaining popularity because building the hypervisor into the firmware is proving to be
more efficient.

QUESTION 849
In a discretionary mode, which of the following entities is authorized to grant information access to other
people?
A. Manager
B. Group leader
C. Security manager
D. User

Correct Answer: D
Explanation

COMMENTS: Discretionary control is the most common type of access control mechanism implemented in
computer systems today.
The basis of this kind of security is that an individual user, or program operating on the user's behalf, is
allowed to specify explicitly the types of access other users (or programs executing on their behalf) may
have to information under the user's control.
Discretionary security differs from mandatory security in that it implements the access control decisions of
the user.
Mandatory controls are driven by the results of a comparison between the user's trust level or clearance
and the sensitivity designation of the information.

QUESTION 850
Which DES mode of operation is best suited for database encryption?
A. Cipher Block Chaining (CBC) mode
B. Cycling Redundancy Checking (CRC) mode
C. Electronic Code Book (ECB) mode
D. Cipher Feedback (CFB) mode

Correct Answer: C
Explanation

COMMENTS: The DES algorithm in Electronic Codebook (ECB) mode is used for DEK and MIC encryption
when symmetric key management is employed. The character string "DES-ECB" within an encapsulated
PEM header field indicates use of this algorithm/mode combination. A compliant PEM implementation
supporting symmetric key management shall support this algorithm/mode combination. This mode of DES
encryption is the best suited for database encryption because of its low overhead.
ECB mode has some weaknesses:
1. ECB mode encrypts each 64-bit block independently of all other 64-bit blocks.
2. Given the same key, identical plaintext always encrypts the same way.
3. Data compression prior to ECB can help (as with any mode).
4. The block size is fixed at 64 bits, so an incomplete block must be padded.
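
The weaknesses listed above can be observed on a database column. The following is an added example, not part of the original question bank: it uses a toy 64-bit Feistel cipher as a stand-in for DES (an assumption, since DES is not in the Python standard library), a constructed key and constructed column values, and compares ECB with CBC under a random IV.

```python
import hashlib
import os
from collections import Counter

BLOCK = 8                        # 64-bit block, the size named in weakness 4
KEY = b"constructed-demo-key"    # constructed key, for this demo only
# Constructed column values; each field is exactly one 8-byte block wide.
ROWS = [b"grade=A;dept=HR;", b"grade=B;dept=HR;",
        b"grade=A;dept=IT;", b"grade=A;dept=HR;"]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half: bytes, key: bytes, rnd: int) -> bytes:
    # Round function of the toy Feistel network (NOT DES): keyed hash, 32 bits.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def encrypt_block(block: bytes, key: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in range(8):
        left, right = right, xor(left, _f(right, key, rnd))
    return left + right


def decrypt_block(block: bytes, key: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(8)):
        left, right = xor(right, _f(left, key, rnd)), left
    return left + right


def blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def pad(data: bytes) -> bytes:
    # Weakness 4: an incomplete block must be padded (PKCS#7 style here).
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def ecb_encrypt(plaintext: bytes, key: bytes) -> bytes:
    # Weakness 1: every block is encrypted independently of the others.
    return b"".join(encrypt_block(b, key) for b in blocks(pad(plaintext)))


def ecb_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return unpad(b"".join(decrypt_block(b, key) for b in blocks(ciphertext)))


def cbc_encrypt(plaintext: bytes, key: bytes, iv: bytes = None) -> bytes:
    # Each block is mixed with the previous ciphertext block; the IV is stored first.
    iv = iv or os.urandom(BLOCK)
    prev, out = iv, [iv]
    for b in blocks(pad(plaintext)):
        prev = encrypt_block(xor(b, prev), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    bs = blocks(ciphertext)
    return unpad(b"".join(xor(decrypt_block(c, key), p)
                          for p, c in zip(bs, bs[1:])))


def duplicate_block_count(ciphertexts: list) -> int:
    # Weakness 2, as an auditor sees it: ciphertext blocks that repeat across
    # the stored column reveal equal plaintext without the key.
    counts = Counter(b for ct in ciphertexts for b in blocks(ct))
    return sum(c - 1 for c in counts.values() if c > 1)


if __name__ == "__main__":
    ecb_column = [ecb_encrypt(r, KEY) for r in ROWS]
    cbc_column = [cbc_encrypt(r, KEY) for r in ROWS]
    for name, column in (("ECB", ecb_column), ("CBC", cbc_column)):
        print(name, "repeated blocks:", duplicate_block_count(column))
        for ct in column:
            print("   ", ct.hex())
```

In the ECB column, rows 1 and 4 are byte-for-byte identical and every repeated field value shows up as a repeated block; in the CBC column the same rows share no block.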

QUESTION 851
Within the realm of IT security, which of the following combinations best defines risk?
A. Threat coupled with a breach.
B. Threat coupled with a vulnerability.
C. Vulnerability coupled with an attack.
D. Threat coupled with a breach of security.

Correct Answer: B
Explanation

COMMENTS: This is the main concept: when we talk about a possible risk, there is always a possible
vulnerability in the system attacked.
This vulnerability can allow a threat to succeed.
We can say that the level of risk can be measured through the level of vulnerabilities in our current systems
and the ability of the attackers to exploit them to make a threat successful.

QUESTION 852
Which of the following would be the best reason for separating the test and development environments?
A. To restrict access to systems under test.
B. To control the stability of the test environment.
C. To segregate user and development staff.
D. To secure access to systems under development.

Correct Answer: B
Explanation

This is the right answer: with a separation of the two environments (test and development), we get a
more stable and more "in control" environment.
Since we are making tests in the development environment, we don't want our production processes there,
and we don't want to experiment on our production processes.
With a separation of the environments we get a more risk-free production environment and more
control and flexibility over the test environment for the developers.

QUESTION 853
Which of the following statements pertaining to dealing with the media after a disaster occurred and
disturbed the organization's activities is incorrect?
A. The CEO should always be the spokesperson for the company during a disaster.
B. The disaster recovery plan must include how the media is to be handled during the disaster.
C. The organization's spokesperson should report bad news before the press gets a hold of it through
another channel.
D. An emergency press conference site should be planned ahead.

Correct Answer: A
Explanation

COMMENTS: This is not a good practice. We cannot involve the CEO of the company in dealing with the
media every time we have a disaster. Depending on the severity of the disaster we can have the CEO
talk, but the best practice in the real world is to have a well-known person in that role, with special
speaking capabilities and knowledge about press methods. In general, the CEO always gets news of what
happened and decides the company policy, then another designated employee (usually from the
disaster recovery team) deals with the media.

QUESTION 854
A Business Impact Analysis (BIA) does not:
A. Recommend the appropriate recovery solution.
B. Determine critical and necessary business functions and their resource dependencies.
C. Identify critical computer applications and the associated outage tolerance.
D. Estimate the financial impact of a disruption.

Correct Answer: A
Explanation

COMMENTS: Remember that when we talk about a BIA (Business Impact Analysis), we are analyzing and
identifying possible issues with our infrastructure. In this kind of analysis we don't make suggestions about
what to do to recover from them. This is not an action plan. It's an analysis of the business, the processes
that it relies on, the level of the systems and an estimate of the financial impact, or in other words, how
much money we lose with our systems down.

QUESTION 855
Which access control model enables the owner of the resource to specify what subjects can access
specific resources?
A. Discretionary Access Control
B. Mandatory Access Control
C. Sensitive Access Control
D. Role-based Access Control

Correct Answer: A
Explanation

COMMENTS: Discretionary Access Control (DAC) is used to control access by restricting a subject's
access to an object. It is generally used to limit a user's access to a file. In this type of access control it is
the owner of the file who controls other users' accesses to the file. Using a DAC mechanism allows users
control over access rights to their files. When these rights are managed correctly, only those users
specified by the owner may have some combination of read, write, execute, etc. permissions to the file.

QUESTION 856
At which of the following phases of a software development life cycle are security and access controls
normally designed?
A. Coding
B. Product design
C. Software plans and requirements
D. Detailed design

Correct Answer: D
Explanation

Security controls and access controls are normally designed in the "Detailed" phase of design.
In this phase you design many of the security features of your development, like authentication,
confidentiality functionality, and non-repudiation capabilities.
In this phase you can also define the access control method for the software: we can
make it discretionary (less restrictive), mandatory (more restrictive), role based and others.

QUESTION 857
Which type of control would password management classify as?
A. Compensating control
B. Detective control
C. Preventive control
D. Technical control

Correct Answer: C
Explanation

Preventive technical controls are used to prevent unauthorized personnel or programs from gaining remote
access to computing resources.
Examples of these controls include:
· Access control software.
· Antivirus software.
· Library control systems.
· Passwords and Password management.
· Smart cards.
· Encryption.
· Dial-up access control and callback systems.
About Passwords:
Passwords are used to verify that the user of an ID is the owner of the ID.
The ID-password combination is unique to each user and therefore provides a means of holding users
accountable for their activity on the system.
Fixed passwords that are used for a defined period of time are often easy for hackers to compromise;
therefore, great care must be exercised to ensure that these passwords do not appear in any dictionary.
Fixed passwords are often used to control access to specific databases. In this use, however, all persons
who have authorized access to the database use the same password; therefore, no accountability can be
achieved. Currently, dynamic or one-time passwords, which are different for each log-on, are preferred over
fixed passwords. Dynamic passwords are created by a token that is programmed to generate passwords
randomly.
The management of those passwords is part of Preventive control.

QUESTION 858
Due care is not related to:
A. Good faith
B. Prudent man
C. Profit
D. Best interest

Correct Answer: C
Explanation

COMMENTS: This term is obviously not related to profit: a "due" is not going to give us profit, it's going to
give us the opposite. It's always a good practice to pay your due.
This can be learned in real life. A prudent man always pays his due, and a man of good faith pays it too.
This term is not related to profit.

QUESTION 859
A password that is the same for each log-on session is called a?
A. "one-time password"
B. "two-time password"
C. static password
D. dynamic password

Correct Answer: C
Explanation

COMMENTS: A static password is one that remains the same until it's changed. It's like the password that
we use in operating systems: you set it, and then you always use the same password to log on to the
system for the time of the session. This password will give us access to the system and will be the vehicle
to create our access token in a successful way to get our privileges. A one-time password is only valid for
one use, dynamic ones change every time a certain condition is met, and two-time passwords can only be used
two times. We can provide a certain number of accesses with this kind of password.

QUESTION 860
Which of the following backup methods is most appropriate for off-site archiving?
A. Incremental backup method.
B. Off-site backup method.
C. Full backup method.
D. Differential backup method.

Correct Answer: C
Explanation

COMMENTS: Since we want to maintain the backups offsite, it's always better to send full backups
because they contain a consistent base of the system. We perform the beginning of a restore through a full
backup. Remember that the backups stored offsite are in most cases in a secure place; full backups there
are a best practice for any network administrator. With incremental or differential backups we don't have all
we need to restore a system to a consistent state. We need to start from the full backup. "Offsite Backup" is
not a valid backup method.

QUESTION 861
Which of the following is not a weakness of symmetric cryptography?
A. Limited security
B. Key distribution
C. Speed
D. Scalability

Correct Answer: C
Explanation

COMMENTS: In secret key cryptography, a single key is used for both encryption and decryption. The
sender uses the key (or some set of rules) to encrypt the plaintext and sends the cipher text to the receiver.
The receiver applies the same key (or rule set) to decrypt the message and recover the plaintext. Because
a single key is used for both functions, secret key cryptography is also called symmetric encryption. With
this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that,
in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.
Symmetric encryption is around 1000 times faster than asymmetric encryption; the latter is commonly
used just to encrypt the keys for symmetric cryptography.

QUESTION 862
Which of the following attacks could be the most successful when the security technology is properly
implemented and configured?
A. Logical attacks
B. Physical attacks
C. Social Engineering attacks
D. Trojan Horse attacks

Correct Answer: C
Explanation

Social Engineering attacks - In computer security systems, this type of attack is usually the most
successful, especially when the security technology is properly implemented and configured.
Usually, these attacks rely on the faults in human beings. An example of a social engineering attack has a
hacker impersonating a network service technician.
The serviceman approaches a low-level employee and requests their password for network servicing
purposes.
With smartcards, this type of attack is a bit more difficult.
Most people would not trust an impersonator wishing to have their smartcard and PIN for service purposes.

QUESTION 863
What are the benefits of job rotation?
A. All of the choices.
B. Trained backup in case of emergencies.
C. Protect against fraud.
D. Cross training to employees.

Correct Answer: A
Explanation

Job assignments should be changed periodically so that it is more difficult for users to collaborate to
exercise complete control of a transaction and subvert it for fraudulent purposes. This principle is effective
when used in conjunction with a separation of duties. Problems in effectively rotating duties usually appear
in organizations with limited staff resources and inadequate training programs. Rotation of duties will protect
you against fraud; provide cross training to your employees, as well as assuring trained backup in case of
emergencies.

QUESTION 864
In order to avoid mishandling of media or information, you should consider using:
A. Labeling
B. Token
C. Ticket
D. SLL

Correct Answer: A
Explanation

In order to avoid mishandling of media or information, proper labeling must be used.
· All tape, floppy disks, and other computer storage media containing sensitive
information must be externally marked with the appropriate sensitivity classification.
· All tape, floppy disks, and other computer storage media containing unrestricted
information must be externally marked as such.
· All printed copies, printouts, etc., from a computer system must be clearly labeled
with the proper classification.

QUESTION 865
A method for a user to identify and present credentials only once to a system is known as:
A. SEC
B. IPSec
C. SSO
D. SSL

Correct Answer: C
Explanation

Single Sign-On (SSO) - This is a method for a user to identify and present credentials
only once to a system. Information needed for future system access to resources is
forwarded by the initial system.
BENEFITS
· More efficient user log-on process
· Users select stronger passwords
· Inactivity timeout and attempt thresholds applied uniformly closer to user point of entry
· Improved timely disabling of all network/computer accounts for terminated users

QUESTION 866
Which of the following correctly describe the features of SSO?
A. More efficient log-on.
B. More costly to administer.
C. More costly to setup.
D. More key exchanging involved.

Correct Answer: A
Explanation

Single Sign-On (SSO) - This is a method for a user to identify and present credentials
only once to a system. Information needed for future system access to resources is
forwarded by the initial system.
BENEFITS
· More efficient user log-on process
· Users select stronger passwords
· Inactivity timeout and attempt thresholds applied uniformly closer to user point of entry
· Improved timely disabling of all network/computer accounts for terminated users

QUESTION 867
What is a protocol used for carrying authentication, authorization, and configuration information between a
Network Access Server and a shared Authentication Server?
A. IPSec
B. RADIUS
C. L2TP
D. PPTP

Correct Answer: B
Explanation

RADIUS is a protocol for carrying authentication, authorization, and configuration
information between a Network Access Server, which desires to authenticate its links,
and a shared Authentication Server. RADIUS is a standard published in RFC 2138 as
mentioned above.

QUESTION 868
Information security is the protection of data. Information will be protected mainly based on:
A. Its sensitivity to the company.
B. Its confidentiality.
C. Its value.
D. All of the choices.

Correct Answer: D
Explanation

Information security is the protection of data against accidental or malicious
disclosure, modification, or destruction. Information will be protected based on its
value, confidentiality, and/or sensitivity to the company, and the risk of loss or
compromise. At a minimum, information will be update-protected so that only authorized
individuals can modify or erase the information.

QUESTION 869
Making sure that the data is accessible when and where it is needed is which of the following?
A. Confidentiality
B. Integrity
C. Acceptability
D. Availability

Correct Answer: D
Explanation

COMMENTS: This is one of the pillars of network security.
We can say that data is available if we can access it when we need it.
This is what the question refers to: availability means getting access to data when and where you need it.
Confidentiality deals with encryption and data protection against third-party interception.
Integrity deals with digital signatures and assures that the data has not changed.
Acceptability is not a related term.

QUESTION 870
Business continuity plan development depends most on?
A. Directives of Senior Management
B. Business Impact Analysis (BIA)
C. Scope and Plan Initiation
D. Skills of BCP committee

Correct Answer: B
Explanation

COMMENTS: Business continuity is of course a vital activity.
However, prior to the creation of a business continuity plan, it is essential to consider the potential impacts
of disaster and to understand the underlying risks.
It is now widely accepted that both business impact analysis and risk analysis are vital components of the
business continuity process.
However, many organizations are unsure of how to approach these important disciplines.
BIA is important because it provides management-level analysis by which an organization assesses the
quantitative (financial) and qualitative (non-financial) impacts, effects and loss that might result if the
organization were to suffer a Business Continuity E/I/C.
The findings from a BIA are used to make decisions concerning Business Continuity Management strategy
and solutions.

QUESTION 871
Related to information security, availability is the opposite of which of the following?
A. Delegation
B. Distribution
C. Documentation
D. Destruction

Correct Answer: D
Explanation

COMMENTS: This is the correct term. Remember that availability refers to getting access to data when and
where you need it.
When we talk about destruction, we are saying the opposite: if your information is destroyed, you can't
access it when or where you want it.
Delegation deals with permissions, distribution deals with deployment, and documentation deals with
information and how-tos.
The term we are looking for here is definitely "destruction".

QUESTION 872
RAID Software can run faster in the operating system because neither use the hardware-level parity drives
by?
A. Simple striping or mirroring.
B. Hard striping or mirroring.
C. Simple hamming code parity or mirroring.
D. Simple striping or hamming code parity.

Correct Answer: A
Explanation

COMMENTS: This is true. If we do not use parity in our RAID implementation, as in RAID 1 (mirroring) or
RAID 0 (striping), we can improve performance because the CPU does not need to waste cycles on
the parity calculations. For example, this can be achieved in Windows 2000 Server through the use of RAID
0 (no fault tolerance, just striping in 64kb chunks) or RAID 1 (mirroring through a file system driver). This
is not the case with RAID 5, which actually uses parity to provide fault tolerance.

QUESTION 873
The guarantee that the message sent is the message received, and that the message was not intentionally
or unintentionally altered is?
A. Integrity
B. Confidentiality
C. Availability
D. Identity

Correct Answer: A
Explanation

COMMENTS: Here are 2 definitions for Data Integrity:
1. The condition existing when data is unchanged from its source and has not been accidentally or
maliciously modified, altered, or destroyed.
2. The condition in which data are identically maintained during any operation, such as transfer, storage,
and retrieval.
Availability refers to getting access to data when and where you need it. Confidentiality deals with encryption
and data protection against third-party interception. Identity deals with authentication.

QUESTION 874
In order to ensure the privacy and integrity of the data, connections between firewalls over public networks
should use?
A. Screened subnets
B. Digital certificates
C. Encrypted Virtual Private Networks
D. Encryption

Correct Answer: C
Explanation

COMMENTS: This is the answer. Since a firewall does not mean "VPN", we have to select "Encrypted Virtual
Private Networks".
With a VPN and encryption we can provide secure communication between the endpoints in a way that is
transparent to the users, achieving "Confidentiality".
This confidentiality is achieved through encryption, and this encryption relies on encryption algorithms like
AES, DES, CAST and others.
Screened subnets are not related to securing data over public networks; a screened subnet is a place to put
network services that are accessible from the outside.
Digital certificates do not provide confidentiality, they only provide integrity.

QUESTION 875
Which of the following groups represents the leading source of computer crime losses?
A. Hackers
B. Industrial saboteurs
C. Foreign intelligence officers
D. Employees

Correct Answer: D
Explanation

COMMENTS: This can be checked in the computer crime statistics on the web. Most of the attacks, actually
70% of them, come from inside the company, and 80% of them from its employees. This is a reality: when
we protect our infrastructure, we must give great importance to internal security, because we don't know
when one of the company's employees is going to strike. Hackers are also important, but less so than our own
employees.

QUESTION 876
Which of the following steps should be performed first in a business impact analysis (BIA)?
A. Identify all business units within the organization.
B. Evaluate the impact of disruptive events.
C. Estimate the Recovery Time Objectives (RTO).
D. Evaluate the criticality of business functions.

Correct Answer: A
Explanation

COMMENTS: Remember that when we talk about a BIA (Business Impact Analysis), we are analyzing and
identifying possible issues with our infrastructure. It's an analysis of the business, the processes that it
relies on, the level of the systems and an estimate of the financial impact, or in other words, how much
money we lose with our systems down. The first step should always be identifying the business
units in the company. You can then go on to other requirements, like estimating losses and downtime costs.

QUESTION 877
Which of the following embodies all the detailed actions that personnel are required to follow?
A. Standards
B. Guidelines
C. Procedures
D. Baselines

Correct Answer: C
Explanation

COMMENTS: As stated in the dictionary, here are 3 definitions of procedure:
1. A manner of proceeding; a way of performing or effecting something: standard procedure.
2. A series of steps taken to accomplish an end: a medical procedure; evacuation procedures.
3. A set of established forms or methods for conducting the affairs of an organized body such as a
business, club, or government.
It's pretty clear that this is the term we are looking for, as stated in the question. You can check your
CISSP documentation too.

QUESTION 878
Which of the following is the most reliable, secure means of removing data from magnetic storage media
such as a magnetic tape, or cassette?
A. Degaussing
B. Parity Bit Manipulation
C. Certification
D. Buffer overflow

Correct Answer: A
Explanation

COMMENTS: An alternating current (AC) bulk eraser (degausser) is used for complete erasure of data and
other signals on magnetic media. Degaussing is a process where magnetic media is exposed to a powerful,
alternating magnetic field. Degaussing removes any previously written data, leaving the media in a
magnetically randomized (blank) state. The degausser must subject the media to an alternating magnetic
field of sufficient intensity to saturate the media and then, by slowly withdrawing or reducing the field, leave
the magnetic media in a magnetically neutral state.

QUESTION 879
The IS security analyst's participation in which of the following system development life cycle phases
provides maximum benefit to the organization?
A. System requirements definition.
B. System design.
C. Program development.
D. Program testing.

Correct Answer: A
Explanation

COMMENTS: The system requirements definition phase of the development life cycle is the one most
influenced by a security analyst, because in this phase all the requirements, including security ones, of the
system to be developed are set. In this phase, the security analyst can see and get a feel for the environment
and provide feedback on the requirements the system needs in that environment to provide security.

QUESTION 880
Controls are implemented to?
A. Eliminate risk and reduce the potential for loss.
B. Mitigate risk and eliminate the potential for loss.
C. Mitigate risk and reduce the potential for loss.
D. Eliminate risk and eliminate the potential for loss.

Correct Answer: C
Explanation

COMMENTS: That's the essence of controls: you put them in your environment to minimize the impact of a
potential loss, and with them you can also mitigate the risk, which is how the first is obtained. Controls are a very
good practice for securing an environment. They should be considered by any security professional, CISSP or
not, and the risk should be minimized as much as you can.

QUESTION 881
This backup method must be made regardless of whether Differential or Incremental methods are used.
A. Full Backup Method
B. Incremental backup method
C. Differential backup method
D. Tape backup method

Correct Answer: A
Explanation

COMMENTS: Since the "Full" backup method provides a baseline for restoring our systems, the full
backup must be done at least once regardless of the method you are using. It's very common to use full
backups in combination with incremental or differential ones to decrease the backup time (although this
increases the restore time), but there is no way to maintain a system only with incremental or differential
backups. You always need to begin from your restore baseline, the Full Backup.

QUESTION 882
What security model is dependent on security labels?
A. Discretionary access control
B. Label-based access control
C. Mandatory access control
D. Non-discretionary access control

Correct Answer: C
Explanation

COMMENTS: With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the category of a resource,
and no one may grant a right of access that is explicitly forbidden in the access control policy. This kind of
access control method is based on Security labels. It is important to note that mandatory controls are
prohibitive (i.e., all that is not expressly permitted is forbidden).

QUESTION 883
Which type of control is concerned with avoiding occurrences of risks?
A. Deterrent controls
B. Detective controls
C. Preventive controls
D. Compensating controls

Correct Answer: C
Explanation

COMMENTS: Preventive controls deal with the avoidance of risk through the diminution of probabilities. It is
like the example we read earlier about the dogs. Just to recap: since we want to prevent something
from happening, we can go out and buy some guard dogs to do the job. You are buying them because
you want to prevent something from happening. The intruder will see the dogs and will maybe turn back. This
prevents an attack, so these dogs are a form of preventive control.

QUESTION 884
Which of the following is responsible for the most security issues?
A. Outside espionage
B. Hackers
C. Personnel
D. Equipment failure

Correct Answer: C
Explanation

COMMENTS: As I stated earlier in the comments, the greater part of the attacks on companies comes from
the personnel. Hackers are out there and attack some targets, but you should never forget that your worst
enemy can be inside your company. That is why we usually implement IDS and in-depth security. It's
a very good practice to install host-based IDS to limit the ability of internal attackers through the machines.
Another problem with personnel is ignorance: there are times when they just don't know what they are
doing, and are certainly violating the security policy.

QUESTION 885
Who should determine the appropriate access control of information?
A. Owner
B. User
C. Administrator
D. Server

Correct Answer: A
Explanation

All information generated, or used must have a designated owner. The owner must
determine appropriate sensitivity classifications, and access controls. The owner must
also take steps to ensure the appropriate controls for the storage, handling,
distribution, and use of the information in a secure manner.

QUESTION 886
What principle requires that a user be given no more privilege than necessary to perform a job?
A. Principle of aggregate privilege.
B. Principle of most privilege.
C. Principle of effective privilege.
D. Principle of least privilege.

Correct Answer: D
Explanation

As described at http://hissa.nist.gov/rbac/paper/node5.html, the principle of least
privilege has been described as important for meeting integrity objectives. The
principle of least privilege requires that a user be given no more privilege than
necessary to perform a job.

QUESTION 887
To ensure least privilege requires that __________ is identified.
A. what the user's privilege owns
B. what the user's job is
C. what the user's cost is
D. what the user's group is

Correct Answer: B
Explanation

Ensuring least privilege requires identifying what the user's job is, determining the
minimum set of privileges required to perform that job, and restricting the user to a
domain with those privileges and nothing more. By denying to subjects transactions that
are not necessary for the performance of their duties, those denied privileges couldn't
be used to circumvent the organizational security policy. Although the concept of least
privilege currently exists within the context of the TCSEC, requirements restrict those
privileges of the system administrator. Through the use of RBAC, enforced minimum
privileges for general system users can be easily achieved.

QUESTION 888
Enforcing minimum privileges for general system users can be easily achieved through the use of:
A. TSTEC
B. RBAC
C. TBAC
D. IPSEC

Correct Answer: B
Explanation

Ensuring least privilege requires identifying what the user’s job is, determining the
minimum set of privileges required to perform that job, and restricting the user to a
domain with those privileges and nothing more. By denying to subjects transactions that
are not necessary for the performance of their duties, those denied privileges couldn’t
be used to circumvent the organizational security policy. Although the concept of least
privilege currently exists within the context of the TCSEC, requirements restrict those
privileges of the system administrator. Through the use of RBAC, enforced minimum
privileges for general system users can be easily achieved.

QUESTION 889
What process determines who is trusted for a given purpose?
A. Identification
B. Authorization
C. Authentication
D. Accounting

Correct Answer: B
Explanation

Authorization determines who is trusted for a given purpose. More precisely, it
determines whether a particular principal, who has been authenticated as the source of
a request to do something, is trusted for that operation. Authorization may also
include controls on the time at which something can be done (e.g. only during working
hours) or the computer terminal from which it can be requested (e.g. only the one on
the system administrator's desk).

QUESTION 890
Which of the following should NOT be logged for performance problems?
A. CPU load.
B. Percentage of use.
C. Percentage of idle time.
D. None of the choices.

Correct Answer: D
Explanation

The level of logging will be according to your company requirements. Below is a list of items that could be
logged, please note that some of the items may not be applicable to all operating systems. What is being
logged depends on whether you are looking for performance problems or security problems. However you
have to be careful about performance problems that could affect your security.

QUESTION 891
Which of the following should be logged for security problems?
A. Use of mount command.
B. Percentage of idle time.
C. Percentage of use.
D. None of the choices.

Correct Answer: A
Explanation

The level of logging will be according to your company requirements. Below is a list of items that could be
logged, please note that some of the items may not be applicable to all operating systems. What is being
logged depends on whether you are looking for performance problems or security problems. However you
have to be careful about performance problems that could affect your security.
Percentage of idle time and percentage of use might be useful in capacity planning, in which you determine
what computing resources you will need to handle future needs, but they are not generally related to
security problems.

QUESTION 892
To ensure dependable and secure logging, logging information traveling on the network should be:
A. Stored
B. Encrypted
C. Isolated
D. Monitored

Correct Answer: B
Explanation

The following prerequisites must be met to ensure dependable and secure logging: All computers must
have their clock synchronized to a central timeserver to ensure accurate time on events being logged. If
possible all logs should be centralized for easy analysis and also to help detect patterns of abuse across
servers. Logging information traveling on the network must be encrypted if possible. Log files are stored
and protected on a machine that has a hardened shell. Log files must not be modifiable without a trace or
record of such modification.

QUESTION 893
The activity that consists of collecting information that will be used for monitoring is called:
A. Logging
B. Troubleshooting
C. Auditing
D. Inspecting

Correct Answer: A
Explanation

Logging is the activity that consists of collecting information that will be used for monitoring and auditing.
Detailed logs combined with active monitoring allow detection of security issues before they negatively
affect your systems.

QUESTION 894
How often should logging be run?
A. Once every week.
B. Always
C. Once a day.
D. During maintenance.

Correct Answer: B
Explanation

Usually logging is done 24 hours per day, 7 days per week, on all available systems and services except
during the maintenance window where some of the systems and services may not be available while
maintenance is being performed.

QUESTION 895
With Discretionary access controls, who determines who has access and what privilege they have?
A. End users.
B. None of the choices.
C. Resource owners.
D. Only the administrators.

Correct Answer: C
Explanation

Discretionary access controls can extend beyond limiting which subjects can gain what type of access to
which objects. Administrators can limit access to certain times of day or days of the week. Typically, the
period during which access would be permitted is 9 a.m. to 5 p.m. Monday through Friday. Such a limitation
is designed to ensure that access takes place only when supervisory personnel are present, to discourage
unauthorized use of data. Further, subjects' rights to access might be suspended when they are on
vacation or leave of absence. When subjects leave an organization altogether, their rights must be
terminated rather than merely suspended. Under this type of control, the owner determines who has access
and what privilege they have. If the end users of resources had control of who had access and what
privileges they have, they would be able to access any resource, because they'd have the ability to change
access controls at will. If only the administrators controlled access to resources, it would be a major job duty
(as well as a bureaucratic bottleneck for users) that would take time away from other administrative
activities.

QUESTION 896
What defines an imposed access control level?
A. MAC
B. DAC
C. SAC
D. CAC

Correct Answer: A
Explanation

MAC is defined as follows in the Handbook of Information Security Management: With
mandatory controls, only administrators and not owners of resources may make decisions
that bear on or derive from policy. Only an administrator may change the category of a
resource, and no one may grant a right of access that is explicitly forbidden in the
access control policy.

QUESTION 897
Under MAC, who can change the category of a resource?
A. All users.
B. Administrators only.
C. All managers.
D. None of the choices.

Correct Answer: B
Explanation

MAC (Mandatory Access Control) is defined as follows in the Handbook of Information Security
Management: With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the category of a resource,
and no one may grant a right of access that is explicitly forbidden in the access control policy.
If all users or all managers could change the category of a resource, then the access control would not be
mandatory.

QUESTION 898
Under MAC, who may grant a right of access that is explicitly forbidden in the access control policy?
A. None of the choices.
B. All users.
C. Administrators only.
D. All managers.

Correct Answer: A
Explanation

MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make decisions that bear
on or derive from policy.
Only an administrator may change the category of a resource, and no one may grant a right of
access that is explicitly forbidden in the access control policy.

QUESTION 899
You may describe MAC as:
A. Opportunistic
B. Prohibitive
C. None of the choices.
D. Permissive

Correct Answer: B
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 900
Under MAC, which of the following is true?
A. All that is expressly permitted is forbidden.
B. All that is not expressly permitted is forbidden.
C. All that is not expressly permitted is not forbidden.
D. None of the choices.

Correct Answer: B
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 901
Under MAC, a clearance is a:
A. Sensitivity
B. Subject
C. Privilege
D. Object

Correct Answer: C
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 902
Under MAC, a file is a(n):
A. Privilege
B. Subject
C. Sensitivity
D. Object

Correct Answer: D
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 903
Under MAC, classification reflects:
A. Sensitivity
B. Subject
C. Privilege
D. Object

Correct Answer: A
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 904
MAC is used for:
A. Defining imposed access control level.
B. Defining user preferences.
C. None of the choices.
D. Defining discretionary access control level.

Correct Answer: A
Explanation

As the name implies, the Mandatory Access Control defines an imposed access control level. MAC is
defined as follows in the Handbook of Information Security Management: With mandatory controls, only
administrators and not owners of resources may make decisions that bear on or derive from policy. Only an
administrator may change the category of a resource, and no one may grant a right of access that is
explicitly forbidden in the access control policy.

QUESTION 905
With MAC, who may make decisions that bear on policy?
A. None of the choices.
B. All users.
C. Only the administrator.
D. All users except guests.

Correct Answer: C
Explanation

As the name implies, the Mandatory Access Control defines an imposed access control level.
MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make decisions that bear
on or derive from policy.
Only an administrator may change the category of a resource, and no one may grant a right of access that
is explicitly forbidden in the access control policy.

QUESTION 906
With MAC, who may NOT make decisions that derive from policy?
A. All users except the administrator.
B. The administrator.
C. The power users.
D. The guests.

Correct Answer: A
Explanation

As the name implies, the Mandatory Access Control defines an imposed access control level. MAC is
defined as follows in the Handbook of Information Security Management: With mandatory controls, only
administrators and not owners of resources may make decisions that bear on or derive from policy. Only an
administrator may change the category of a resource, and no one may grant a right of access that is
explicitly forbidden in the access control policy.

QUESTION 907
Under the MAC control system, what is required?
A. Performance monitoring
B. Labelling
C. Sensing
D. None of the choices

Correct Answer: B
Explanation

It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is
forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more
access with the same exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It requires labeling.

QUESTION 908
Access controls that are not based on the policy are characterized as:
A. Secret controls
B. Mandatory controls
C. Discretionary controls
D. Corrective controls

Correct Answer: C
Explanation

Access controls that are not based on the policy are characterized as discretionary controls by the US
government and as need-to-know controls by other organizations. The latter term connotes least privilege -
those who may read an item of data are precisely those whose tasks entail the need.

QUESTION 909
Which of the following are the components of the Chinese wall model?
A. Conflict of interest classes.
B. All of the choices.
C. Subject
D. Company Datasets.

Correct Answer: B
Explanation

The model has the following components:

COMPONENT                     EXAMPLE
Subject                       Analyst
Object                        Data item for a single client
Company Datasets              Give for each company its own company dataset
Conflict of interest classes  Give for each object companies that have a conflict of interest
Labels                        Company dataset + conflict of interest class
Sanitized information         No access restriction

QUESTION 910
Which of the following correctly describe the difference between identification and authentication?
A. Authentication is a means to verify who you are, while identification is what you are authorized to
perform.
B. Identification is a means to verify who you are, while authentication is what you are authorized to
perform.
C. Identification is another name of authentication.
D. Identification is the child process of authentication.

Correct Answer: D
Explanation

Authentication is not what you are authorized to perform; this is authorization.
Identification is who you say you are; authentication is the validation of it.

QUESTION 911
Identification and authentication are the keystones of most access control systems.
Identification establishes:
A. Authentication
B. Accountability
C. Authorization
D. None of the choices.

Correct Answer: B
Explanation

Identification is a means to verify who you are.
Authentication is what you are authorized to perform, access, or do.
User identification enables accountability.
It enables you to trace activities to individual users that may be held responsible for their actions.
Identification usually takes the form of Logon ID or User ID.
Some of the Logon ID characteristics are: they must be unique, not shared, and usually non-descriptive of
job function.

QUESTION 912
Identification usually takes the form of:
A. Login ID.
B. User password.
C. None of the choices.
D. Passphrase

Correct Answer: A
Explanation

Identification is a means to verify who you are. Authentication is what you are authorized to perform,
access, or do. User identification enables accountability. It enables you to trace activities to individual users
that may be held responsible for their actions. Identification usually takes the form of Logon ID or User ID.
Some of the Logon ID characteristics are: they must be unique, not shared, and usually non-descriptive of
job function.

QUESTION 913
Authentication is typically based upon:
A. Something you have.
B. Something you know.
C. Something you are.
D. All of the choices.

Correct Answer: D
Explanation

Authentication is a means of verifying the eligibility of an entity to receive specific categories of information.
The entity could be an individual user, machine, or software component. Authentication is typically based upon
something you know, something you have, or something you are.

QUESTION 914
A password represents:
A. Something you have.
B. Something you know.
C. All of the choices.
D. Something you are.

Correct Answer: B
Explanation

The canonical example of something you know is a password or pass phrase. You might type or speak the
value. A number of schemes are possible for obtaining what you know. It might be assigned to you, or you
may have picked the value yourself. Constraints may exist regarding the form the value can take, or the
alphabet from which you are allowed to construct the value might be limited to letters only. If you forget the
value, you may not be able to authenticate yourself to the system.

QUESTION 915
A smart card represents:
A. Something you are.
B. Something you know.
C. Something you have.
D. All of the choices.

Correct Answer: C
Explanation

Another form of authentication requires possession of something such as a key, a smart card, a disk, or
some other device. Whatever form it takes, the authenticating item should be difficult to duplicate and may
require synchronization with systems other than the one to which you are requesting access. Highly secure
environments may require you to possess multiple things to guarantee authenticity.

QUESTION 916
Retinal scans check for:
A. Something you are.
B. Something you have.
C. Something you know.
D. All of the choices.

Correct Answer: A
Explanation

Something you are is really a special case of something you have.
The usual examples given include fingerprint, voice, or retinal scans.

QUESTION 917
Which of the following is the most commonly used check on something you know?
A. One time password
B. Login phrase
C. Retinal
D. Password

Correct Answer: D
Explanation

Passwords, even though they are always mentioned as being unsecured, necessary evils that put your
infrastructure at risk, are still commonly used and will probably be used for quite a few years. Good
passwords can provide you with a good first line of defense. Passwords are based on something the user
knows. They are used to authenticate users before they can access specific resources.

QUESTION 918
DAC are characterized by many organizations as:
A. Need-to-know controls
B. Preventive controls
C. Mandatory adjustable controls
D. None of the choices

Correct Answer: A
Explanation

Access controls that are not based on the policy are characterized as discretionary controls by the US
government and as need-to-know controls by other organizations. The latter term connotes least privilege -
those who may read an item of data are precisely those whose tasks entail the need.

QUESTION 919
Which of the following correctly describe DAC?
A. It is the most secure method.
B. It is of the B2 class.
C. It can extend beyond limiting which subjects can gain what type of access to which objects.
D. It is of the B1 class.

Correct Answer: C
Explanation

With DAC, administrators can limit access to certain times of day or days of the week. Typically, the period
during which access would be permitted is 9 a.m. to 5 p.m. Monday through Friday. Such a limitation is
designed to ensure that access takes place only when supervisory personnel are present, to discourage
unauthorized use of data. Further, subjects' rights to access might be suspended when they are on
vacation or leave of absence. When subjects leave an organization altogether, their rights must be
terminated rather than merely suspended.

QUESTION 920
RAID that functions as part of the operating system on the file server
A. Software implementation
B. Hardware implementation
C. Network implementation
D. Netware implementation

Correct Answer: A
Explanation

COMMENTS: This kind of RAID is totally dependent on the operating system, because the server
does not have any special hardware (a RAID controller) on the board. This kind of RAID implementation
usually degrades performance because it takes many CPU cycles. A very common example of software
RAID is the support for it on Windows 2000 Server, where you can create RAID 0, 1 and 5 across
heterogeneous disks; you can even make a RAID between one SCSI and one EIDE disk. The software
implementation is hardware independent as long as the disks are recognized by the operating system.

QUESTION 921
During which phase of an IT system life cycle are security requirements developed?
A. Operation
B. Initiation
C. Development
D. Implementation

Correct Answer: C
Explanation

COMMENTS: The System Development Life Cycle is the process of developing information systems
through investigation, analysis, design, implementation, and maintenance. The System Development Life
Cycle (SDLC) is also known as Information Systems Development or Application Development. If you take
a look at the standard IT system life cycle chart, you will see that everything that deals with security
requirements is done at the "development" stage. In this stage you can create the access controls, the form
of authentication to use and all the other security requirements.

QUESTION 922
Non-Discretionary Access Control. A central authority determines what subjects can have access to certain
objects based on the organizational security policy. The access controls may be based on?
A. The society's role in the organization.
B. The individual's role in the organization.
C. The group-dynamics as they relate to the individual's role in the organization.
D. The group-dynamics as they relate to the master-slave role in the organization.

Correct Answer: B
Explanation

COMMENTS: An access control model defines a computer and/or network system's rules for user access
to information resources. Access control models provide confidentiality, integrity and also provide
accountability through audit trails. An audit trail documents the access of an object by a subject with a
record of what operations were performed. Operations include: read, write, execute and own.
Non-Discretionary Access Control is usually role-based, centrally administered with authorization decisions
based on the roles individuals have within an organization (e.g. bank teller, loan officer, etc. in a banking
model). A system's security administrator grants and/or revokes system privileges based on a user's role.
This model works well for corporations with a large turnover of personnel.

QUESTION 923
What attack involves actions to mimic one's identity?
A. Brute force
B. Exhaustive
C. Social engineering
D. Spoofing

Correct Answer: D
Explanation

Spoofing is an attack in which one person or process pretends to be a person or process
that has more privileges. For example, user A can mimic behavior to make process B
believe user A is user C. In the absence of any other controls, B may be duped into
giving to user A the data and privileges that were intended for user C.

QUESTION 924
What attack takes advantage of operating system buffer overflows?
A. Spoofing
B. Brute force
C. DoS
D. Exhaustive

Correct Answer: C
Explanation

Denial of Service is an attack on the operating system or software using buffer
overflows. The result is that the target is unable to reply to service requests. This
is too large an area of information to try to cover here, so I will limit my
discussion to the types of denial of service (DoS)

QUESTION 925
What attack is primarily based on the fragmentation implementation of IP and large ICMP packet size?
A. Exhaustive
B. Brute force
C. Ping of Death
D. Spoofing

Correct Answer: C
Explanation

Ping of Death -- This exploit is based on the fragmentation implementation of IP
whereby large packets are reassembled and can cause machines to crash. Ping of Death
takes advantage of the fact that it is possible to send an illegal ICMP Echo packet
with more than the allowable 65,507 octets of data because of the way fragmentation is
performed. A temporary fix is to block ping packets. Ideally, an

QUESTION 926
Which of the following will you consider as a program that monitors data traveling over a network?
A. Smurfer
B. Sniffer
C. Fragmenter
D. Spoofer

Correct Answer: B
Explanation

A sniffer is a program and/or device that monitors data traveling over a network.
Sniffers can be used both for legitimate network management functions and for stealing
information off a network. Unauthorized sniffers can be extremely dangerous to a
network's security because they are virtually impossible to detect.

QUESTION 927
What technology is being used to detect anomalies?
A. IDS
B. FRR
C. Sniffing
D. Capturing

Correct Answer: A
Explanation

Intrusion Detection is a quickly evolving domain of expertise. In the past year we have
seen giant steps forward in this area. We are now seeing IDS engines that will detect
anomalies, and that have some built-in intelligence. It is no longer a simple game of
matching signatures in your network traffic.

QUESTION 928
IDSs verify, itemize, and characterize threats from:
A. Inside your organization's network.
B. Outside your organization's network.
C. Outside and inside your organization's network.
D. The Internet.

Correct Answer: C
Explanation

IDSs verify, itemize, and characterize the threat from both outside and inside your
organization's network, assisting you in making sound decisions regarding your
allocation of computer security resources. Using IDSs in this manner is important, as
many people mistakenly deny that anyone (outsider or insider) would be interested in
breaking into their networks. Furthermore, the information that IDSs give you regarding
the source and nature of attacks allows you to make decisions regarding security
strategy driven by demonstrated need, not guesswork or folklore.

QUESTION 929
IDS can be described in terms of what fundamental functional components?
A. Response
B. Information Sources
C. Analysis
D. All of the choices.

Correct Answer: D
Explanation

Many IDSs can be described in terms of three fundamental functional components:
Information Sources - the different sources of event information used to determine
whether an intrusion has taken place. These sources can be drawn from different levels
of the system, with network, host, and application monitoring most common.
Analysis - the part of intrusion detection systems that actually organizes and makes
sense of the events derived from the information sources, deciding when those events
indicate that intrusions are occurring or have already taken place. The most common
analysis approaches are misuse detection and anomaly detection.
Response - the set of actions that the system takes once it detects intrusions. These
are typically grouped into active and passive measures, with active measures involving
some automated intervention on the part of the system, and passive measures involving
reporting IDS findings to humans, who are then expected to take action based on those
reports.

QUESTION 930
What are the primary goals of intrusion detection systems?
A. Accountability
B. Availability
C. Response
D. All of the choices

Correct Answer: AC
Explanation

Although there are many goals associated with security mechanisms in general, there are
two overarching goals usually stated for intrusion detection systems.
Accountability is the capability to link a given activity or event back to the party
responsible for initiating it. This is essential in cases where one wishes to bring
criminal charges against an attacker. The goal statement associated with accountability
is: "I can deal with security attacks that occur on my systems as long as I know who
did it (and where to find them.)" Accountability is difficult in TCP/IP networks, where
the protocols allow attackers to forge the identity of source addresses or other source
identifiers. It is also extremely difficult to enforce accountability in any system
that employs weak identification and authentication mechanisms.
Response is the capability to recognize a given activity or event as an attack and then
take action to block or otherwise affect its ultimate goal. The goal statement
associated with response is "I don't care who attacks my system as long as I can
recognize that the attack is taking place and block it."
Note that the requirements of detection are quite different for response than for accountability.

QUESTION 931
What is the most common way to classify IDSs?
A. Group them by information source.
B. Group them by network packets.
C. Group them by attackers.
D. Group them by signs of intrusion.

Correct Answer: A
Explanation

The most common way to classify IDSs is to group them by information source. Some IDSs
analyze network packets, captured from network backbones or LAN segments, to find
attackers. Other IDSs analyze information sources generated by the operating system or
application software for signs of intrusion.

QUESTION 932
Which of the following is a drawback of Network-based IDSs?
A. It cannot analyze encrypted information.
B. It is very costly to setup.
C. It is very costly to manage.
D. It is not effective.

Correct Answer: A
Explanation

The majority of commercial intrusion detection systems are network-based. These IDSs
detect attacks by capturing and analyzing network packets. Listening on a network
segment or switch, one network-based IDS can monitor the network traffic affecting
multiple hosts that are connected to the network segment, thereby protecting those
hosts.

QUESTION 933
Host-based IDSs normally utilize information from which of the following sources?
A. Operating system audit trails and system logs.
B. Operating system audit trails and network packets.
C. Network packets and system logs.
D. Operating system alarms and system logs.

Correct Answer: A
Explanation

Host-based IDSs normally utilize information sources of two types, operating system audit trails, and
system logs. Operating system audit trails are usually generated at the innermost (kernel) level of the
operating system, and are therefore more detailed and better protected than system logs. However, system
logs are much less obtuse and much smaller than audit trails, and are furthermore far easier to
comprehend. Some host-based IDSs are designed to support a centralized IDS management and reporting
infrastructure that can allow a single management console to track many hosts. Others generate messages
in formats that are compatible with network management systems.

QUESTION 934
When comparing host based IDS with network based IDS, which of the following is an obvious advantage?
A. It is unaffected by switched networks.
B. It cannot analyze encrypted information.
C. It is not costly to setup.
D. It is not costly to manage.

Correct Answer: A
Explanation

Host-based IDSs are unaffected by switched networks. When Host-based IDSs operate on OS
audit trails, they can help detect Trojan horse or other attacks that involve software
integrity breaches. These appear as inconsistencies in process execution.

QUESTION 935
You are comparing host based IDS with network based IDS. Which of the following will you consider as an
obvious disadvantage of host based IDS?
A. It cannot analyze encrypted information.
B. It is costly to remove.
C. It is affected by switched networks.
D. It is costly to manage.

Correct Answer: D
Explanation

Host-based IDSs are harder to manage, as information must be configured and managed for
every host monitored. Since at least the information sources (and sometimes part of the
analysis engines) for host-based IDSs reside on the host targeted by attacks, the IDS
may be attacked and disabled as part of the attack.
Host-based IDSs are not well suited for detecting network scans or other such
surveillance that targets an entire network, because the IDS only sees those network
packets received by its host. Host-based IDSs can be disabled by certain
denial-of-service attacks.

QUESTION 936
Which of the following IDS inflict a higher performance cost on the monitored systems?
A. Encryption based
B. Host based
C. Network based
D. Trusted based

Correct Answer: B
Explanation

Host-based IDSs use the computing resources of the hosts they are monitoring, therefore
inflicting a performance cost on the monitored systems.

QUESTION 937
Application-based IDSs normally utilize information from which of the following sources?
A. Network packets and system logs.
B. Operating system audit trails and network packets.
C. Operating system audit trails and system logs.
D. Application's transaction log files.

Correct Answer: D
Explanation

Application-based IDSs are a special subset of host-based IDSs that analyze the events
transpiring within a software application. The most common information sources used by
application-based IDSs are the application's transaction log files.

QUESTION 938
What are the primary approaches IDS takes to analyze events to detect attacks?
A. Misuse detection and anomaly detection.
B. Log detection and anomaly detection.
C. Misuse detection and early drop detection.
D. Scan detection and anomaly detection.

Correct Answer: A
Explanation

There are two primary approaches to analyzing events to detect attacks: misuse
detection and anomaly detection. Misuse detection, in which the analysis targets
something known to be "bad", is the technique used by most commercial systems. Anomaly
detection, in which the analysis looks for abnormal patterns of activity, has been, and
continues to be, the subject of a great deal of research. Anomaly detection is used in
limited form by a number of IDSs. There are strengths and weaknesses associated with
each approach, and it appears that the most effective IDSs use mostly misuse detection
methods with a smattering of anomaly detection components.

QUESTION 939
What types of computer attacks are most commonly reported by IDSs?
A. System penetration
B. Denial of service
C. System scanning
D. All of the choices

Correct Answer: D
Explanation

Three types of computer attacks are most commonly reported by IDSs: system scanning,
denial of service (DoS), and system penetration. These attacks can be launched locally,
on the attacked machine, or remotely, using a network to access the target. An IDS
operator must understand the differences between these types of attacks, as each
requires a different set of responses.

QUESTION 940
What attack is typically used for identifying the topology of the target network?
A. Spoofing
B. Brute force
C. Teardrop
D. Scanning

Correct Answer: D
Explanation

Scanning or Port Scan Attack is one of the most popular reconnaissance techniques attackers use to
discover services they can break into. All machines connected to a network run many services that use
TCP or UDP ports and there are more than 6000 defined ports available. Normally a port scan does not cause
direct damage by itself. Potentially, a port scan helps the attacker find which ports are available
to launch various attacks.
Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response
received indicates whether the port is used and can therefore be probed further for weakness. Port
scanning usually happens for TCP ports, which are connection-oriented and therefore give good feedback
to the attacker.

QUESTION 941
An offsite backup facility intended to operate an information processing facility, having no computer or
communications equipment, but having flooring, electrical wiring, air conditioning, etc., is better known as
a?
A. Hot site
B. Duplicate processing facility
C. Cold site
D. Warm site

Correct Answer: C
Explanation

COMMENTS: A cold site has all the appropriate power requirements and floor space to install the
hardware and to enable you to recreate your computer environment, but does not provide the actual
equipment. Many of the companies that provide hot sites also provide cold sites. It may be reasonable for
your company to consider creating its own cold site if your company has floor space available in another
location than the home site. Cold sites require a much longer outage than hot sites before operations can be
restored.

QUESTION 942
Which of the following could illegally capture network user passwords?
A. Data diddling
B. Sniffing
C. Spoofing
D. Smurfing

Correct Answer: B
Explanation

COMMENTS: Sniffing is the action of capturing the information going over the network. The most popular way of
connecting computers is through Ethernet. The Ethernet protocol works by sending packet information to all the
hosts on the same circuit. The packet header contains the proper address of the destination machine. Only
the machine with the matching address is supposed to accept the packet. A machine that is accepting all
packets, no matter what the packet header says, is said to be in promiscuous mode. Because, in a normal
networking environment, account and password information is passed along Ethernet in clear-text, it is not
hard for an intruder to put a machine into promiscuous mode and, by sniffing, compromise all the machines
on the net by capturing passwords in an illegal fashion.

QUESTION 943
The continual effort of making sure that the correct policies, procedures and standards are in place and
being followed is described as what?
A. Due care
B. Due concern
C. Due diligence
D. Due practice

Correct Answer: C
Explanation

COMMENTS: According to the CISSP documentation, this is the correct term. "Due diligence" is the
action of making sure that your security policy is being enforced through the use of procedures and
standards. This is something that every good security professional should do. Due care, due concern and
due practice are not the correct terms for what the question is trying to define; the correct term is "due
diligence". Don't forget that for the exam.

QUESTION 944
Which of the following elements is not included in a Public Key Infrastructure (PKI)?
A. Timestamping
B. Lightweight Directory Access Protocol (LDAP)
C. Certificate revocation
D. Internet Key Exchange (IKE)

Correct Answer: D
Explanation

COMMENTS: Public key cryptography is one mechanism that is often used to fulfill the security
requirements necessary to conduct electronic transactions over public networks. PKI (public key
infrastructure) and cryptography based solutions are taking the lead in secure e-commerce. PKI addresses
nonrepudiation of identity using a dual-key encryption system that allows users to uniquely sign documents
with a digital signature. Public key cryptography uses pairs of keys, each pair consisting of one public key
and one private key. Information encrypted with one key in the pair can only be decrypted with the other
key. LDAP is used to bring user information and Timestamping to track changes over time. PKI also relies
on certificates and CRLs (Certificate Revocation Lists) to discard compromised, expired digital certificates.

QUESTION 945
Which of the following is used to help business units understand the impact of a disruptive event?
A. A risk analysis.
B. A business impact assessment.
C. A vulnerability assessment.
D. A disaster recovery plan.

Correct Answer: B
Explanation

COMMENTS: A business impact assessment, in combination with the BIA, can provide information to the
different business units about how an attack can impact or disrupt the business. Every disaster recovery
plan should include a study containing a BIA and a business impact assessment to better understand what
will happen if a disruptive event affecting business continuity takes place.

QUESTION 946
A contingency plan should address?
A. Potential risks
B. Residual risks
C. Identified risks
D. All of the above

Correct Answer: B
Explanation

COMMENTS: This is true. As stated in the CISSP documentation, you should address any possible "Residual
Risk" in your contingency plan to minimize business impact when you are in a downtime situation. The
identified risks and the potential risks are not identified there; they are identified earlier.

QUESTION 947
Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
A. In order to facilitate recovery, a single plan should cover all locations.
B. There should be requirements to form a committee to decide a course of action.
These decisions should be made ahead of time and incorporated into the plan.
C. In its procedures and tasks, the plan should refer to functions, not specific individuals.
D. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely
manner.

Correct Answer: A
Explanation

COMMENTS: This is not the best practice, even more so for the CISSP exam. Continuity / recovery plans
should be made for every location separately. This is because when there is a disaster, it is not usually in all
the different locations; it is better to have one plan for each of them so you can use and follow only the plan of
the affected site and not bother the other ones.

QUESTION 948
Which of the following would be defined as an absence of safeguard that could be exploited?
A. A threat
B. A vulnerability
C. A risk
D. An exposure

Correct Answer: B
Explanation

COMMENTS: In IT, a vulnerability is the weakness of a system to be exploited and corrupted by a security
hole. There is always a risk that our systems are vulnerable; with security we cannot make the risk
0%, but we can decrease the possibility of a threat becoming a successful attack through one of those
vulnerabilities. There is no system without vulnerabilities; we need to patch our systems frequently to
reduce the risk of a threat through a vulnerability of one of our systems.

QUESTION 949
Which of the following are the limitations of the BLP model?
A. No policies for changing access data control.
B. All of the choices.
C. Contains covert channels.
D. Static in nature.

Correct Answer: B
Explanation

Limitations of the BLP model:
Have no policies for changing access data control
Intended for systems with static security levels
Contains covert channels: a low subject can detect the existence of a high object when
it is denied access. Sometimes it is not enough to hide the content of an object; also
their existence may have to be hidden.
Restricted to confidentiality

QUESTION 950
Which of the following are the two most well known access control models?
A. Lattice and Biba
B. Bell LaPadula and Biba
C. Bell LaPadula and Chinese Wall
D. Bell LaPadula and Info Flow

Correct Answer: B
Explanation

The two most well known models are Bell & LaPadula [1973] and Biba [1977].
Both were designed in and for military environments.

QUESTION 951
What can be defined as a formal security model for the integrity of subjects and objects in a system?
A. Biba
B. Bell LaPadulaLattice
C. Lattice
D. Info Flow

Correct Answer: A
Explanation

The Handbook of Information System Management, 1999 Edition, ISBN:
0849399742 presents the following definition:
In studying the two properties of the Bell-LaPadula model, Biba discovered a plausible
notion of integrity, which he defined as prevention of unauthorized modification. The
resulting Biba integrity model states that maintenance of integrity requires that data
not flow from a receptacle of given integrity to a receptacle of higher integrity. For
example, if a process can write above its security level, trustworthy data could be
contaminated by the addition of less trustworthy data. The SANS glossary at
http://www.sans.org/newlook/resources/glossary.htm defines it as:
Formal security model for the integrity of subjects and objects in a system.

QUESTION 952
Which of the following is best known for capturing security requirements of commercial applications?
A. Lattice
B. Biba
C. Bell LaPadula
D. Clark and Wilson

Correct Answer: D
Explanation

This model attempts to capture security requirements of commercial applications.
‘Military’ and ‘Commercial’ are shorthand for different ways of using computers.
This model has emphasis on integrity:
Internal consistency: properties of the internal state of a system
External consistency: relation of the internal state of a system to the outside world

QUESTION 953
The Clark Wilson model has its emphasis on:
A. Security
B. Integrity
C. Accountability
D. Confidentiality

Correct Answer: B
Explanation

This model attempts to capture security requirements of commercial applications.
‘Military’ and ‘Commercial’ are shorthand for different ways of using computers. This
model has emphasis on integrity:
Internal consistency: properties of the internal state of a system
External consistency: relation of the internal state of a system to the outside world

QUESTION 954
Which of the following is a state machine model capturing confidentiality aspects of access control?
A. Clark Wilson
B. Bell-LaPadula
C. Chinese Wall
D. Lattice

Correct Answer: B
Explanation

Bell-LaPadula is a state machine model capturing confidentiality aspects of access
control. Access permissions are defined through an Access Control matrix and through a
partial ordering of security levels. Security policies prevent information flowing
downwards from a high security level to a low security level. BLP only considers the
information flow that occurs when a subject observes or alters an object.

QUESTION 955
With the BLP model, access permissions are defined through:
A. Filter rules
B. Security labels
C. Access Control matrix
D. Profiles

Correct Answer: C
Explanation

Bell-LaPadula is a state machine model capturing confidentiality aspects of access control. Access
permissions are defined through an Access Control matrix and through a partial ordering of security levels.
Security policies prevent information flowing downwards from a high security level to a low security level.
BLP only considers the information flow that occurs when a subject observes or alters an object.

QUESTION 956
With the BLP model, security policies prevent information flowing downwards from a:
A. Low security level
B. High security level
C. Medium security level
D. Neutral security level

Correct Answer: B
Explanation

Bell-LaPadula is a state machine model capturing confidentiality aspects of access control. Access
permissions are defined through an Access Control matrix and through a partial ordering of security levels.
Security policies prevent information flowing downwards from a high security level to a low security level.
BLP only considers the information flow that occurs when a subject observes or alters an object.

QUESTION 957
When will BLP consider the information flow that occurs?
A. When a subject alters an object.
B. When a subject accesses an object.
C. When a subject observes an object.
D. All of the choices.

Correct Answer: D
Explanation

Bell-LaPadula is a state machine model capturing confidentiality aspects of access control. Access
permissions are defined through an Access Control matrix and through a partial ordering of security levels.
Security policies prevent information flowing downwards from a high security level to a low security level.
BLP only considers the information flow that occurs when a subject observes or alters an object.

QUESTION 958
Separation of duties is valuable in deterring:
A. DoS
B. external intruder
C. fraud
D. trojan horse

Correct Answer: C
Explanation

Separation of duties is considered valuable in deterring fraud since fraud can occur if
an opportunity exists for collaboration between various job-related capabilities.
Separation of duty requires that for particular sets of transactions, no single
individual be allowed to execute all transactions within the set. The most commonly
used examples are the separate transactions needed to initiate a payment and to
authorize a payment. No single individual should be capable of executing both
transactions.

QUESTION 959
What principle requires that for particular sets of transactions, no single individual be allowed to execute all
transactions within the set?
A. Use of rights
B. Balance of power
C. Separation of duties
D. Fair use

Correct Answer: C
Explanation

Separation of duties is considered valuable in deterring fraud since fraud can occur if
an opportunity exists for collaboration between various job-related capabilities.
Separation of duty requires that for particular sets of transactions, no single
individual be allowed to execute all transactions within the set. The most commonly
used examples are the separate transactions needed to initiate a payment and to
authorize a payment. No single individual should be capable of executing both
transactions.

QUESTION 960
Separation of duty can be:
A. Dynamic only
B. Encrypted
C. Static only
D. Static or dynamic

Correct Answer: D
Explanation

Separation of duty can be either static or dynamic. Compliance with static separation
requirements can be determined simply by the assignment of individuals to roles and
allocation of transactions to roles. The more difficult case is dynamic separation of
duty where compliance with requirements can only be determined during system operation.
The objective behind dynamic separation of duty is to allow more flexibility in
operations.

QUESTION 961
RAID Level 1 mirrors the data from one disk to a set of disks using which of the following techniques?
A. Copying the data onto another disk or set of disks.
B. Moving the data onto another disk or set of disks.
C. Establishing dual connectivity to another disk or set of disks.
D. Establishing dual addressing to another disk or set of disks.

Correct Answer: A
Explanation

COMMENTS: RAID 1, or mirroring, is a technique in which data is written to two duplicate disks
simultaneously through a copy process. This way, if one of the disk drives fails, the system can instantly
switch to the other disk without any loss of data or service. Disk mirroring is commonly used in online
database systems where it's critical that the data be accessible at all times.
RAID means "Redundant Array of Inexpensive Disks".

QUESTION 962
With RAID Level 5 the spare drives that replace the failed drives are usually hot swappable, meaning they
can be replaced on the server while the:
A. System is up and running.
B. System is down and running.
C. System is in-between and running.
D. System is centre and running.

Correct Answer: A
Explanation

COMMENTS: This is true. Since RAID 5 uses parity to provide fault tolerance through the array, one of the
disks in it can become corrupted, and you usually can just take it out without turning off the system (hot
swap) and plug a spare disk into the bay. Then the array will automatically begin to reconstruct the
information on the new disk with the parity contained on the other disks in the array. This hot swap
capability is usually present in enterprise servers that require high availability.

QUESTION 963
What is the process that RAID Level 0 uses as it creates one large disk by using several disks?
A. Striping
B. Mirroring
C. Integrating
D. Clustering

Correct Answer: A
Explanation

COMMENTS: This is the correct term. With striping, RAID 0 can evenly distribute the information across
the disks that form the array in a way that is transparent to the end user. With RAID 0 you can be writing
to 12 disks simultaneously and see them as only one large logical partition. This level of RAID does not provide
fault tolerance but provides an increase in performance because you are writing and reading from many
disks and heads. An example of this striping is the software version that comes with Windows 2000; it
supports up to 32 disks.

QUESTION 964
With RBAC, each user can be assigned:
A. One or more roles.
B. Only one role.
C. A token role.
D. A security token.

Correct Answer: A
Explanation

With RBAC, security is managed at a level that corresponds closely to the
organization’s structure. Each user is assigned one or more roles, and each role is
assigned one or more privileges that are permitted to users in that role. Roles can be
hierarchical.

QUESTION 965
With RBAC, roles are:
A. Based on labels.
B. All equal
C. Hierarchical
D. Based on flows.

Correct Answer: C
Explanation

With RBAC (role-based access control), security is managed at a level that corresponds closely to the
organization's structure. Each user is assigned one or more roles, and each role is assigned one or more
privileges that are permitted to users in that role. Roles can be hierarchical.
Roles are not all equal. The point of RBAC is that different roles can be assigned different security
privileges. Labels (such as secret, top secret, etc.) are more usually associated with MAC (Mandatory
Access Control). RBAC roles are not typically determined by information flows.

QUESTION 966
With __________, access decisions are based on the roles that individual users have as part of an
organization.
A. Server based access control.
B. Rule based access control.
C. Role based access control.
D. Token based access control.

Correct Answer: C
Explanation

QUESTION 967
Under Role based access control, access rights are grouped by:
A. Policy name
B. Rules
C. Role name
D. Sensitivity label

Correct Answer: C
Explanation

QUESTION 968
Which of the following will you consider as a "role" under a role based access control system?
A. Bank rules
B. Bank computer
C. Bank teller
D. Bank network

Correct Answer: C
Explanation

QUESTION 969
Role based access control is attracting increasing attention particularly for what applications?
A. Scientific
B. Commercial
C. Security
D. Technical

Correct Answer: B
Explanation

QUESTION 970
What is one advantage of deploying Role based access control in large networked applications?
A. Higher security
B. Higher bandwidth
C. User friendliness
D. Lower cost

Correct Answer: D
Explanation

QUESTION 971
DAC and MAC policies can be effectively replaced by:
A. Rule based access control.
B. Role based access control.
C. Server based access control.
D. Token based access control

Correct Answer: B
Explanation

Role based access control (RBAC) is an alternative to traditional discretionary (DAC)
and mandatory access control (MAC) policies. The principal motivation behind RBAC is
the desire to specify and enforce enterprise-specific security policies in a way that
maps naturally to an organization's structure. Traditionally, managing security has
required mapping an organization's security policy to a relatively low-level set of
controls, typically access control lists.

QUESTION 972
Which of the following correctly describe Role based access control?
A. It allows you to specify and enforce enterprise-specific security policies in a way that maps to your user
profile groups.
B. It allows you to specify and enforce enterprise-specific security policies in a way that maps to your
organization's structure.
C. It allows you to specify and enforce enterprise-specific security policies in a way that maps to your
ticketing system.
D. It allows you to specify and enforce enterprise-specific security policies in a way that maps to your ACL.

Correct Answer: B
Explanation

QUESTION 973
With Rule Based Security Policy, a security policy is based on:
A. Global rules imposed for all users.
B. Local rules imposed for some users.
C. Global rules imposed for nobody.
D. Global rules imposed for only the local users.

Correct Answer: A
Explanation

The RFC 2828 - Internet Security Glossary talks about Rule Based Security Policy: A
security policy based on global rules imposed for all users. These rules usually rely
on comparison of the sensitivity of the resource being accessed and the possession of
corresponding attributes of users, a group of users, or entities acting on behalf of
users.

QUESTION 974
With Rule Based Security Policy, global rules usually rely on comparison of the _______ of the resource
being accessed.
A. A group of users.
B. Users
C. Sensitivity
D. Entities

Correct Answer: C
Explanation

The RFC 2828 – Internet Security Glossary talks about Rule Based Security Policy: A
security policy based on global rules imposed for all users. These rules usually rely
on comparison of the sensitivity of the resource being accessed and the possession of
corresponding attributes of users, a group of users, or entities acting on behalf of
users.

QUESTION 975
What control is based on a specific profile for each user?
A. Lattice based access control.
B. Directory based access control.
C. Rule based access control.
D. ID based access control.

Correct Answer: C
Explanation

With this model, information can be easily changed for only one user but this scheme
may become a burden in a very large environment. A rule-based access control unit will
intercept every request to the server and compare the source specific access conditions
with the rights of the user in order to make an access decision. A good example could
be a firewall. Here a set of rules defined by the network administrator is recorded in
a file. Every time a connection is attempted (incoming or outgoing), the firewall
software checks the rules file to see if the connection is allowed. If it is not, the
firewall closes the connection.

QUESTION 976
In a very large environment, which of the following is an administrative burden?
A. Rule based access control.
B. Directory based access control.
C. Lattice based access control
D. ID based access control

Correct Answer: A
Explanation

Rule based access control is based on a specific profile for each user. Information can
be easily changed for only one user but this scheme may become a burden in a very large
environment. A rule-based access control unit will intercept every request to the
server and compare the source specific access conditions with the rights of the user in
order to make an access decision. A good example could be a firewall. Here a set of
rules defined by the network administrator is recorded in a file. Every time a
connection is attempted (incoming or outgoing), the firewall software checks the rules
file to see if the connection is allowed. If it is not, the firewall closes the
connection.

QUESTION 977
Which of the following is a feature of the Rule based access control?
A. The use of profile.
B. The use of information flow label.
C. The use of data flow diagram.
D. The use of token.

Correct Answer: A
Explanation

Rule based access control is based on a specific profile for each user. Information can
be easily changed for only one user but this scheme may become a burden in a very large
environment. A rule-based access control unit will intercept every request to the
server and compare the source specific access conditions with the rights of the user in
order to make an access decision. A good example could be a firewall. Here a set of
rules defined by the network administrator is recorded in a file. Every time a
connection is attempted (incoming or outgoing), the firewall software checks the rules
file to see if the connection is allowed. If it is not, the firewall closes the
connection.

QUESTION 978
In discretionary access control security, who has delegation authority to grant access to data?
A. User
B. Security officer
C. Security policy
D. Owner

Correct Answer: D
Explanation

This question may seem a little confusing if you were stuck between user
and owner. Only the data owner can decide who can access the resources
she owns. She may be a user and she may not. A user is not necessarily the
owner of the resource. Only the actual owner of the resource can dictate what
subjects can actually access the resource.

QUESTION 979
Ron is a new security manager and needs to help ensure that his company can easily work with
international entities in the case of cybercrime activities. His company is expanding its offerings to include
cloud computing for its customers, who are from all over the world. Ron knows that several of its
partners, who work in Europe, would like to take advantage of his company's cloud computing offerings.
What does Ron need to ensure that the company follows to allow its European partners to use its cloud
computing offering?
A. Personal Information Protection and Electronic Documents Act
B. Business exemption rule of evidence
C. International Organization on Computer Evidence
D. Safe Harbor requirements

Correct Answer: D
Explanation

If a non-European organization wants to do business with a European
entity, it will need to adhere to the Safe Harbor requirements if certain types
of data will be passed back and forth during business processes.

QUESTION 980
Jan's company develops software that provides cryptographic functionality. The software products provide
functionality that allows companies to be compliant with their privacy regulations and laws.
Which of the following is the most important functionality the software should provide to meet its customers'
needs?
A. Provide Safe Harbor protection
B. Protect personally identifiable information
C. Provide transborder flow protection
D. Provide live forensics capabilities

Correct Answer: B
Explanation

Personally identifiable information (PII) is data that can be used to
uniquely identify, contact, or locate a single person or can be used with other
sources to uniquely identify a single individual. This type of data commonly
falls under privacy laws and regulation protection requirements.

QUESTION 981
Which of the following has an incorrect definition mapping?
i. Civil (code) law - Based on previous interpretations of laws
ii. Common law - Rule-based law, not precedence-based
iii. Customary law - Deals mainly with personal conduct and patterns of behavior
iv. Religious law - Based on religious beliefs of the region
A. i, iii
B. i, ii, iii
C. i, ii
D. iv

Correct Answer: C
Explanation

The following has the proper definition mappings:

i. Civil (code) law - Civil law is rule-based law, not precedence-based
ii. Common law - Based on previous interpretations of laws
iii. Customary law - Deals mainly with personal conduct and patterns of behavior
iv. Religious law - Based on religious beliefs of the region

QUESTION 982
Widgets Inc. wishes to protect its logo from unauthorized use. Which of the following will protect the logo
and ensure that others cannot copy and use it?
A. Patent
B. Copyright
C. Trademark
D. Trade secret law

Correct Answer: C
Explanation

Intellectual property can be protected by several different laws, depending upon the type of resource it is. A
trademark is used to protect a word, name, symbol, sound, shape, color, or combination of these—such as
a logo. The reason a company would trademark one of these, or a combination, is that it represents their
company (brand identity) to a group of people or to the world. Companies have marketing departments that
work very hard in coming up with something new that will cause the company to be noticed and stand out in
a crowd of competitors, and trademarking the result of this work with a government registrar is a way of
properly protecting it and ensuring others cannot copy and use it.

A is incorrect because a patent covers an invention, whereas a trademark protects a word, name, symbol,
sound, shape, color, or combination thereof. Patents are given to individuals or companies to grant them
legal ownership of, and enable them to exclude others from using or copying, the invention covered by the
patent. The invention must be novel, useful, and not obvious. A patent is the strongest form of intellectual
property protection.

B is incorrect because in the United States, copyright law protects the right of an author to control the public
distribution, reproduction, display, and adaptation of his original work. The law covers many categories of
work: pictorial, graphic, musical, dramatic, literary, pantomimes, motion picture, sculptural, sound recording,
and architectural. Copyright law does not cover the specific resource. It protects the expression of the idea
of the resource instead of the resource itself. A copyright law is usually used to protect an author's writings,
an artist's drawings, a programmer's source code, or specific rhythms and structures of a musician's
creation.

D is incorrect because trade secret law protects certain types of information or resources from unauthorized
use or disclosure. For a company to have its resource qualify as a trade secret, the resource must provide
the company with some type of competitive value or advantage. A trade secret can be protected by law if
developing it requires special skill, ingenuity, and/or expenditure of money and effort.

QUESTION 983
There are different types of approaches to regulations. Which of the following is an example of self-regulation?
A. The Health Insurance Portability and Accountability Act
B. The Sarbanes-Oxley Act
C. The Computer Fraud and Abuse Act
D. PCI Data Security Standard

Correct Answer: D
Explanation

Privacy is becoming more threatened as the world relies more and more on technology. There are several
approaches to addressing privacy, including regulations created and enforced by the government and
self-regulatory regulations. The Payment Card Industry Data Security Standard (PCI DSS) is an example of a
self-regulatory approach. It is mandated by the credit card companies and applies to any entity that
processes, transmits, stores, or accepts credit card data. Varying levels of compliance and penalties exist
and depend on the size of the customer and the volume of transactions. However, credit cards are used by
millions and accepted almost anywhere, which means just about every business in the world must comply
with the PCI DSS. PCI DSS is not a government-created and enforced regulation. While the CISSP exam
does not require you to know specific regulations, you must understand the different approaches to
regulations.

A is incorrect because the Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal
regulation that applies to any organization that is in possession of personal medical information and
healthcare data. This regulation provides a framework and guidelines to ensure security, integrity, and
privacy when handling confidential medical information. HIPAA outlines how security should be managed
for any facility that creates, accesses, shares, or destroys medical information.

B is incorrect because the Sarbanes-Oxley Act (SOX) was created by the U.S. government in the wake of
corporate scandals and fraud which cost investors billions of dollars and threatened to undermine the
economy. The regulation applies to any company that is publicly traded on U.S. markets. Much of the law
governs accounting practices and the methods used by companies to report on their financial status.
However, some parts, Section 404 in particular, apply directly to information technology.

C is incorrect because the Computer Fraud and Abuse Act is the primary U.S. federal antihacking statute. It
prohibits seven forms of computer activity and makes them federal crimes. These acts range from felonies
to misdemeanors with corresponding small to large fines and jail sentences. One example is the knowing
access of a protected computer without authorization or in excess of authorization with the intent to defraud.
While the CISSP exam does not require you to know specific laws and regulations, you do need to
understand why various laws and regulations are put into place and why they are used.

QUESTION 984
Which of the following means that a company did all it could have reasonably done to prevent a security
breach?
A. Downstream liability
B. Responsibility
C. Due diligence
D. Due care

Correct Answer: D
Explanation

Due care means that a company did all it could have reasonably done, under the circumstances, to prevent
security breaches, and also took reasonable steps to ensure that if a security breach did take place, proper
controls or countermeasures were in place to mitigate the damages. In short, due care means that a
company practiced common sense and prudent management and acted responsibly. If a company has a
facility that burns to the ground, the arsonist is only one small piece of this tragedy. The company is
responsible for providing fire detection and suppression systems, fire-resistant construction material in
certain areas, alarms, exits, fire extinguishers, and backups of all the important information that could be
affected by a fire. If a fire burns a company's building to the ground and consumes all the records
(customer data, inventory records, and similar information that is necessary to rebuild the business), then
the company did not exercise due care to ensure it was protected from such loss (by backing up to an
offsite location, for example). In this case, the employees, shareholders, customers, and everyone affected
could potentially successfully sue the company. However, if the company did everything expected of it in the
previously listed respects, it is harder to successfully sue for failure to practice due care.

A is incorrect because downstream liability means that one company's activities—or lack of them—can
negatively affect another company. If one of the companies does not provide the necessary level of
protection and its negligence affects a partner it is working with, the affected company can sue the
upstream company. For example, let's say company A and company B have constructed an extranet.
Company A does not put in controls to detect and deal with viruses. Company A gets infected with a
destructive virus, which is spread to company B through the extranet. The virus corrupts critical data and
causes a massive disruption to company B's production. Therefore, company B can sue company A for
being negligent. This is an example of downstream liability.

B is incorrect because responsibility generally refers to the obligations and expected actions and behaviors
of a particular party. An obligation may have a defined set of specific actions that are required, or a more
general and open approach, which enables the party to decide how it will fulfill the particular obligation. Due
diligence is a better answer to this question. Responsibility is not considered a legal term as the other
answers are.

C is incorrect because due diligence means that the company properly investigated all of its possible
weaknesses and vulnerabilities. Before you can figure out how to properly protect yourself, you need to find
out what it is you are protecting yourself against. This is what due diligence is all about—researching and
assessing the current level of vulnerabilities so that the true risk level is understood. Only after these steps
and assessments take place can effective controls and safeguards be identified and implemented. Due
diligence is identifying all of the potential risks and due care is actually doing something to mitigate those
risks.

QUESTION 985
What type of common law deals with violations committed by individuals against government laws, which
are created to protect the public?
A. Criminal law
B. Civil law
C. Tort law
D. Regulatory law

Correct Answer: A
Explanation

Criminal law is used when an individual's conduct violates the government's laws, which have been
developed to protect the public. Jail sentences are commonly the punishment for criminal law cases,
whereas in civil law cases the punishment is usually an amount of money that the liable individual must pay
the victim. For example, in the O.J. Simpson case, he was first tried and found not guilty in the criminal law
case, but then was found liable in the civil law case. This seeming contradiction can happen because the
burden of proof is lower in civil cases than in criminal cases.

Civil law deals with wrongs against individuals or companies that result in damages or loss. This is
referred to as tort law. Examples include trespassing, battery, negligence, and products liability. A civil
lawsuit would result in financial restitution and/or community service instead of jail sentences. When
someone sues another person in civil court, the jury decides upon liability instead of innocence or guilt. If
the jury determines the defendant is liable for the act, then the jury decides upon the punitive damages of
the case.

Tort law is another name for civil law, which deals with wrongs committed against individuals or
companies that result in injury or damages. Civil law does not use prison time as a punishment, but usually
requires financial restitution.

Regulatory law deals with regulatory standards that regulate performance and conduct. Government
agencies create these standards, which are applied to companies and organizations within those specific
industries. Some examples of regulatory laws could be that every building used for business must have a
fire detection and suppression system, must have easily seen exit signs, and cannot have blocked doors, in
case of a fire. Companies that produce and package food and drug products are regulated by many
standards so the public is protected and aware of their actions.

QUESTION 986
An access control system that grants access to information based upon its classification and the clearance
of the individual is known as:
A. Identity-based access control
B. Mandatory access control
C. Role-based access control
D. Job-based access control

Correct Answer: B
Explanation

Mandatory access control is based upon the user's clearance level, the classification of the information, and
the user's need to know.

QUESTION 987
An access control system that grants access to information based upon the identity of the user is known as:
A. Identity-based access control
B. Mandatory access control
C. Role-based access control
D. Clearance-based access control

Correct Answer: A
Explanation

Identity-based access control is used to grant access to information based upon the identity of the person
requesting access.

QUESTION 988
An access control system that gives the user some control over who has access to information is known as:
A. Identity-based access control
B. User-directed access control
C. Role-based access control
D. Clearance-based access control

Correct Answer: B
Explanation

User-directed access control, a form of discretionary access control, permits the user to grant access to
information, based upon certain limitations.

QUESTION 989
Role-based access control and task-based access control are examples of:
A. Mandatory access controls
B. Administrative controls
C. Discretionary access controls
D. Non-discretionary access controls

Correct Answer: D
Explanation

These are known as non-discretionary controls, which match information to roles or tasks and not individual
users.

QUESTION 990
Two-factor authentication is so-called because:
A. It requires two of the three authentication types.
B. Tokens use two-factor encryption to hide their secret algorithms.
C. Authentication difficulty is increased by a factor of two.
D. It uses a factor of two prime numbers algorithm for added strength.

Correct Answer: A
Explanation

Two-factor authentication requires any two of Type 1 (Something you know), Type 2 (Something you have),
and Type 3 (Something you are).

QUESTION 991
Single sign-on performs which of the following:
A. Stores the password locally using a "Save my password" feature.
B. Permits authentication to applications without having to log in one by one.
C. Stores the password and uses a cookie for subsequent authentication.
D. Is no longer used because it is not secure.

Correct Answer: B
Explanation

Single sign-on permits a user's authentication to be granted to all participating applications. This alleviates
the problem of having to remember several different user-IDs and passwords.

QUESTION 992
“A user cannot deny an action” describes the concept of
A. Authentication
B. Accountability
C. Non-repudiation
D. Plausible deniability

Correct Answer: C
Explanation

Non-repudiation. Authentication and accountability are related to but aren’t the same as non-repudiation.
Plausible deniability is a bogus answer. Review “Accountability.”

QUESTION 993
Authentication can be based on any combination of the following factors except
A. Something you know
B. Something you have
C. Something you need
D. Something you are

Correct Answer: C
Explanation

Something you need. The three factors of authentication are something you know, something you have,
and something you are. Review “System access controls.”

QUESTION 994
Sensitivity labels are a fundamental component in which type of access control systems?
A. Mandatory access control
B. Discretionary access control
C. Access control lists
D. Role-based access control

Correct Answer: A
Explanation

Mandatory access control. The fundamental components in discretionary access controls are file (and data)
ownership and access rights and permissions. Access control lists and role-based access control are types
of discretionary access control systems. Review “Access control techniques.”

QUESTION 995
Which of the following access control models addresses availability issues?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. None of the above

Correct Answer: D
Explanation

None of the above. Bell-LaPadula addresses confidentiality issues. Biba and Clark-Wilson address integrity
issues. Review “Access control models.”

QUESTION 996
Which of the following is a disadvantage of SSL?
A. It requires a certificate on every client system.
B. It is CPU intensive.
C. All clients must be retrofitted with HTTP v3 browsers.
D. An eavesdropper can record and later play back an SSL session.

Correct Answer: B
Explanation

Because it encrypts and decrypts packets over the network, SSL consumes a lot of CPU time.

QUESTION 997
What is the purpose of NAT?
A. It is used to convert a session's private IP address to a public address.
B. It is used to detect spoofed IP packets.
C. It is used to counterattack hacking attempts.
D. It is used to facilitate court-ordered wiretaps.

Correct Answer: A
Explanation

NAT, or Network Address Translation, is used to convert internal "private" addresses into public addresses.

QUESTION 998
A data network that operates across a relatively large geographic area defines what type of network?
A. LAN
B. MAN
C. CAN
D. WAN

Correct Answer: D
Explanation

WAN. A LAN operates across a relatively small geographic area. MANs and CANs are LAN variations.
Review “Wide area network (WAN).”

QUESTION 999
A type of network attack in which TCP packets are sent from a spoofed source address with the SYN bit set
describes
A. Smurf
B. Fraggle
C. Teardrop
D. SYN flood

Correct Answer: D
Explanation

SYN flood.
Smurf attacks exploit vulnerabilities in the ICMP protocol.
Fraggle attacks exploit vulnerabilities in the UDP protocol.
A Teardrop attack exploits vulnerabilities in the TCP protocol by using the length and fragmentation offset
fields.
See “Network Attacks and Countermeasures.”

QUESTION 1000
One of the difficulties associated with network-based intrusion detection systems is:
A. Synchronizing the signature file with the firewall.
B. The steep learning curve associated with IDS.
C. The high number of false negatives that must be eliminated.
D. The high number of false positives that must be eliminated.

Correct Answer: D
Explanation

IDS is known for a high number of false positives that must be eliminated one by one.

QUESTION 1001
One disadvantage of signature-based intrusion detection is that:
A. It cannot recognize attacks that are not in the signature file.
B. It detects intrusions only on hosts but not on networks.
C. It detects intrusions only on networks but not on hosts.
D. It can only detect mechanized attacks but not hacker attacks.

Correct Answer: A
Explanation

Signature-based intrusion detection systems (IDS) can only detect attacks that are defined in their signature
files. It can be a major pain to update signature files on all IDSs in the organization.

QUESTION 1002
One disadvantage of host-based intrusion detection is that:
A. Event correlation is not possible.
B. It cannot detect broadcast packets.
C. It consumes resources on the host.
D. It can only perform signature-based detection.

Correct Answer: C
Explanation

Host-based intrusion detection systems (IDS) consume resources on the host because they must analyze
potentially voluminous network traffic.

QUESTION 1003
A system used to identify anomalies on a network is known as a:
A. Signature-based intrusion detection system
B. Network-based intrusion detection system
C. Signature-based intrusion detection system
D. Network-based intrusion control system

Correct Answer: B
Explanation

A network-based intrusion detection system (IDS) is used to detect possible intrusions by using either
signature-based or anomaly-based methods.

QUESTION 1004
The purpose of a Service Level Agreement is:
A. To guarantee a minimum quality of service for an application or function
B. To guarantee the maximum quality of service for an application or function
C. To identify gaps in availability of an application
D. To correct issues identified in a security audit

Correct Answer: A
Explanation

A Service Level Agreement, or SLA, defines minimum performance metrics of an application or service.

QUESTION 1005
What is the primary input of a high-level product design?
A. Feasibility study
B. Integration rules
C. Unit testing
D. Requirements

Correct Answer: D
Explanation

Requirements are the single largest input used in the high-level product design phase.

QUESTION 1006
Of what value is separation of authority in an organization?
A. It limits the capabilities of any single individual.
B. It provides multiple paths for fulfilling critical tasks.
C. It accommodates the requirement for parallel audit trails.
D. It ensures that only one person is authorized to perform each task.

Correct Answer: A
Explanation

Separation of authority makes it difficult for an individual to steal an organization's assets because it
requires others to cooperate with the would-be criminal.

QUESTION 1007
Which individual is responsible for classifying information?
A. Owner
B. Custodian
C. Creator
D. User

Correct Answer: A
Explanation

The information owner is ultimately responsible for the information asset and for its initial classification.

QUESTION 1008
Which individual is responsible for protecting information?
A. Owner
B. Custodian
C. Creator
D. User

Correct Answer: B
Explanation

The custodian protects the information on behalf of its owner.

QUESTION 1009
What is the definition of a "threat"?
A. Any event that produces an undesirable outcome.
B. A weakness present in a control or countermeasure.
C. An act of aggression that causes harm.
D. An individual likely to violate security policy.

Correct Answer: A
Explanation

A threat is a possible undesirable event that may cause harm or damage.

QUESTION 1010
A weakness in a security control is called a:
A. Risk
B. Vulnerability
C. Threat
D. Hole

Correct Answer: B
Explanation

A vulnerability is a weakness that can permit an undesirable event.

QUESTION 1011
A security control intended to reduce risk is called a:
A. Safeguard
B. Threat
C. Countermeasure
D. Partition

Correct Answer: A
Explanation

Safeguards exist to reduce risk in some way.

QUESTION 1012
The purpose of risk analysis is:
A. To qualify the classification of a potential threat.
B. To quantify the likelihood of a potential threat.
C. To quantify the net present value of an asset.
D. To quantify the impact of a potential threat.

Correct Answer: D
Explanation

The purpose of risk analysis is to quantify the impact of a potential threat; in other words, to put a monetary
value on the loss of information or functionality.

QUESTION 1013
Annualized Rate of Occurrence refers to:
A. The exact frequency of a threat.
B. The estimated frequency of a threat.
C. The estimated monetary value of a threat.
D. The exact monetary value of a threat.

Correct Answer: B
Explanation

Annualized Rate of Occurrence (ARO) is a risk management term that describes the likelihood of the
occurrence of a threat.

QUESTION 1014
Single Loss Expectancy refers to:
A. The expectation of the occurrence of a single loss.
B. The monetary loss realized from an individual threat.
C. The likelihood that a single loss will occur.
D. The annualized monetary loss from a single threat.

Correct Answer: B
Explanation

Single Loss Expectancy (SLE) is the monetary value associated with an individual threat.

QUESTION 1015
Annualized Loss Expectancy refers to:
A. The expectation of the occurrence of losses throughout the year.
B. The monetary loss expected from all occurrences of a single threat.
C. The total monetary annual loss from all occurrences of a single threat.
D. An industry-provided benchmark that serves as a prediction of a threat.

Correct Answer: B
Explanation

Annualized Loss Expectancy (ALE) is the product of Single Loss Expectancy (SLE) and Annualized Rate of
Occurrence (ARO).

QUESTION 1016
Which of the following is NOT required when performing a Risk Analysis?
A. Determine the monetary value of an asset.
B. Identify all threats to an asset.
C. Classify the asset's security level.
D. Calculate the Annualized Loss Expectancy.

Correct Answer: C
Explanation

A risk analysis calculates the Annualized Loss Expectancy (ALE), which is calculated from the value of the
asset and the likelihood that one or more threats will occur.

QUESTION 1017
Which of the following is NOT a general remedy to risk?
A. Risk mitigation
B. Risk transference
C. Risk acceptance
D. Risk reduction

Correct Answer: A
Explanation

The three general remedies to risk are transference, acceptance, and reduction.

QUESTION 1018
What is meant by the term "risk reduction"?
A. Factoring risk downward to match return on investment (ROI).
B. Removal of threats from the Risk Analysis (RA).
C. Reducing risk by lowering the Annualized Loss Expectancy (ALE).
D. Measures that are taken to reduce the risk of loss to an asset.

Correct Answer: D
Explanation

Risk reduction refers to any measure that can be taken to reduce the risk to an asset.

QUESTION 1019
What factors are used to select a safeguard?
A. Cost-benefit analysis, accuracy, and auditability.
B. Net present value, accuracy, and auditability.
C. Annualized Loss Expectancy, Exposure Factor, and the value of the asset.
D. The monetary cost of the safeguard.

Correct Answer: A
Explanation

A safeguard must meet a cost-benefit analysis, as well as be accurate and auditable.

QUESTION 1020
What is the best reason for employees to be aware of an organization's security policies?
A. So they can socialize it with other employees.
B. To receive reminders of best security practices.
C. So they can perform the right actions needed to protect information.
D. So they can avoid the consequences of not knowing the security policies.

Correct Answer: C
Explanation

Employees need to know about security policies so that they can do the right thing.

QUESTION 1021
What is meant by the term "risk mitigation"?
A. Elimination of risk.
B. Reduction of risk to an acceptable level.
C. Calculating vulnerabilities multiplied by threats.
D. Ranking risks in order of likelihood.

Correct Answer: B
Explanation

Risk cannot be eliminated. "Risk mitigation" refers to the process of reducing risk to a level that is
acceptable to the organization.

QUESTION 1022
Information containing salaries of employees would most likely be classified as:
A. Sensitive
B. Private
C. Confidential
D. Top Secret

Correct Answer: B
Explanation

Private is the classification associated with personal information such as employee salaries.

QUESTION 1023
Which of the following is NOT a part of risk analysis?
A. To determine value of assets
B. To determine the location of assets
C. To determine threats to assets
D. To select safeguards

Correct Answer: B
Explanation

The three main steps to a risk analysis are the performance of quantitative and qualitative analysis, asset
valuation, and safeguard selection.

QUESTION 1024
The practice of regularly transferring personnel into different positions or departments within an
organization is known as
A. Separation of duties
B. Reassignment
C. Lateral transfers
D. Job rotations

Correct Answer: D
Explanation

Job rotations. Separation of duties is related to job rotations, but is distinctly different. Reassignment and
lateral transfers are functionally equivalent to job rotations but aren’t necessarily done for the same reasons
and aren’t considered security employment practices. Review “Job rotations.”

QUESTION 1025
ALE is calculated by using the following formula:
A. SLE × ARO × EF = ALE
B. SLE × ARO = ALE
C. SLE + ARO = ALE
D. SLE – ARO = ALE

Correct Answer: B
Explanation

SLE × ARO = ALE. SLE × ARO = ALE is the correct formula for calculating ALE, where SLE is the Single
Loss Expectancy, ARO is the Annualized Rate of Occurrence, and ALE is the Annualized Loss Expectancy
(expressed in dollars). Review “Risk analysis.”

QUESTION 1026
The process of breaking the key and/or plaintext from an enciphered message is known as:
A. Decryption
B. Steganography
C. Cryptanalysis
D. Extraction

Correct Answer: C
Explanation

Cryptanalysis is the process of getting the key and/or the original message the hard way.

QUESTION 1027
The method of encryption in which both sender and recipient possess a common encryption key is known
as:
A. Message digest
B. Hash function
C. Public key cryptography
D. Secret key cryptography

Correct Answer: D
Explanation

Secret key cryptography is used when all parties possess a common key.

QUESTION 1028
Why would a user's public encryption key be widely distributed?
A. So that cryptographers can attempt to break it.
B. Because it's encrypted.
C. Because the user's private key can't be derived from their public key.
D. So that the user can decrypt messages from any location.

Correct Answer: C
Explanation

In public-key cryptography, the value of the public key doesn't in any way betray the value of the secret key.

QUESTION 1029
An asymmetric cryptosystem is also known as:
A. Message digest
B. Hash function
C. Public key cryptosystem
D. Secret key cryptosystem

Correct Answer: C
Explanation

Asymmetric cryptosystems are also known as public key cryptosystems.

QUESTION 1030
Non-repudiation refers to:
A. The technology that shoots down the "I didn't send that message" excuse
B. Re-verification of all CA certificate servers
C. The annual competency review of system and network authentication mechanisms
D. The annual competency review of system and network authentication mechanisms

Correct Answer: A
Explanation

Non-repudiation helps to prove that a specific individual did create or sign a document or transmit data to or
from another.

QUESTION 1031
What is one disadvantage of an organization signing its own certificates?
A. The certificate signing function is labor intensive.
B. Anyone outside the organization will receive warning messages.
C. The user identification process is labor intensive.
D. It is much more expensive than having certificates signed by a CA.

Correct Answer: B
Explanation

The lack of a top-level signature on a certificate results in warning messages stating that the certificate
lacks a top-level signature.

QUESTION 1032
What party in an organization signs a subscriber's digital certificate?
A. Repository
B. Subscriber's supervisor
C. Subscriber
D. Certificate Authority

Correct Answer: D
Explanation

The certificate authority, after receiving satisfactory proof of the identity of the individual, signs that
individual's certificate.

QUESTION 1033
Which protocol is most often used to access certificates in a PKI?
A. SSL
B. LDAP
C. CA
D. SSH

Correct Answer: B
Explanation

LDAP is the directory agent of choice for PKIs.

QUESTION 1034
The main purpose of configuration management is to:
A. Require cost justification for any change in a software product
B. Require approval for any desired change in a software product
C. Maintain a detailed record of changes for the lifetime of a software product.
D. Provide the customer with a process for requesting configuration changes.

Correct Answer: C
Explanation

Configuration management produces a highly detailed record, including details of each and every copy of a
software product that was created.

QUESTION 1035
The term "sandbox" is used to describe:
A. The portion of virtual memory that maps to physical memory
B. The closed environment in which a Java applet runs
C. The location where temporary compilation files are stored
D. The location where developers write and test code

Correct Answer: B
Explanation

The sandbox is the space where a Java applet runs, thereby protecting the rest of the system.

QUESTION 1036
Masquerading as another person in order to obtain information illicitly is known as
A. Hacking
B. Social engineering
C. Extortion
D. Exhumation

Correct Answer: B
Explanation

Social engineering. Social engineering is the process of obtaining information from people by tricking them
into giving up an important piece of information, such as a modem access number. Review “System Attack
Methods.”

QUESTION 1037
A SYN flood is an example of a
A. Dictionary attack
B. High Watermark attack
C. Buffer Overflow attack
D. Denial of Service attack

Correct Answer: D
Explanation

Denial of Service attack. These attacks are designed to incapacitate a system by flooding it with traffic.
Review “Denial of Service.”

QUESTION 1038
The process of recording changes made to systems is known as
A. Change Review Board
B. System Maintenance
C. Change Management
D. Configuration Management

Correct Answer: D
Explanation

Configuration Management. This is the process used to record all configuration changes to hardware and
software. Review “Configuration Management.”

QUESTION 1039
"Fail closed" is defined as:
A. The state entered by the takeover node in a fault-tolerant cluster.
B. The state entered by a failed node in a fault-tolerant cluster.
C. The failure of a component that results in information being available.
D. The failure of a component that results in information being unavailable.

Correct Answer: D
Explanation

Fail closed is the property of a component that closes off all access when it fails.

QUESTION 1040
"Fail open" is defined as:
A. The state entered by the takeover node in a fault-tolerant cluster
B. The state entered by a failed node in a fault-tolerant cluster
C. The failure of a component that results in information being available
D. The failure of a component that results in information being unavailable

Correct Answer: C
Explanation

Fail open is the property of a component that permits all access when it fails.

QUESTION 1041
A system that continues to operate following failure of a network component describes which type of
system?
A. Fault-tolerant
B. Fail-safe
C. Fail-soft
D. Failover

Correct Answer: A
Explanation

Fault-tolerant. A fail-safe system terminates program execution. A fail-soft system continues functioning in
a degraded mode. A failover system automatically switches to a hot backup. Review “Recovery
procedures.”

QUESTION 1042
Which of the following access control models addresses availability issues?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. None of the above

Correct Answer: D
Explanation

None of the above. Bell-LaPadula addresses confidentiality issues. Biba and Clark-Wilson address integrity
issues. Review “Access Control Models.”

QUESTION 1043
In order to be admissible, electronic evidence must:
A. Be legally permissible
B. Not be copied
C. Have been in the custody of the investigator at all times
D. Not contain viruses

Correct Answer: A
Explanation

Evidence gathered in violation of any laws can't be admitted in court.

QUESTION 1044
Using social skills to acquire critical information about computer systems is known as:
A. Social espionage
B. Social engineering
C. Social racketeering
D. Eavesdropping

Correct Answer: B
Explanation

Social engineering is the term used to describe the activity carried out by clever individuals who often claim
to be someone that they are not in order to elicit information from unsuspecting individuals who are just
trying to be helpful.

QUESTION 1045
The most extensive test for a Disaster Recovery Plan
A. Has dual failover
B. Is a waste of paper
C. Is known as a parallel test
D. Is known as an interruption test

Correct Answer: D
Explanation

Is known as an interruption test. The interruption test performs an actual failover of applications to the
servers. Review “Testing the Disaster Recovery Plan.”

QUESTION 1046
Access controls and card key systems are examples of:
A. Detective controls
B. Preventative controls
C. Corrective controls
D. Trust controls

Correct Answer: B
Explanation

Preventative controls are those that are designed to prevent a security incident.

QUESTION 1047
Audit trails and security cameras are examples of:
A. Detective controls
B. Preventative controls
C. Corrective controls
D. Trust controls

Correct Answer: A
Explanation

Detective controls are designed to record security events.

QUESTION 1048
The practice of "separation of duties":
A. Is used to provide variety by rotating personnel among various tasks.
B. Helps to prevent any individual from compromising an information system.
C. Is used to ensure that the most experienced persons get the best tasks.
D. Is used in large 24x7 operations shops.

Correct Answer: B
Explanation

Separation of duties is used to ensure that no single individual has too much privilege, which could lead to a
security incident.

QUESTION 1049
What is the potential security benefit of "rotation of duties"?
A. It reduces the risk that personnel will perform unauthorized activities.
B. It ensures that all personnel are familiar with all security tasks.
C. It is used to detect covert activities.
D. It ensures security because personnel are not too familiar with their duties.

Correct Answer: A
Explanation

Separation of duties is used to keep "mixing up" the teams in order to prevent situations in which two or
more individuals are tempted to perform unauthorized acts.

QUESTION 1050
The process of reviewing and approving changes in production systems is known as:
A. Availability management
B. Configuration management
C. Change management
D. Resource control

Correct Answer: C
Explanation

Change management is the complete management function that controls changes made to a production
environment.

QUESTION 1051
The process of maintaining versions of software and settings is known as:
A. Availability management
B. Configuration management
C. Change management
D. Resource control

Correct Answer: B
Explanation

Configuration management is the support function that's used to store version information.

QUESTION 1052
Configuration management is used to:
A. Document the approval process for configuration changes
B. Control the approval process for configuration changes
C. Ensure that changes made to an information system don't compromise its security.
D. Preserve a complete history of the changes to software or data in a system.

Correct Answer: D
Explanation

Configuration management is used to preserve all prior settings or versions of software or hardware as well
as to provide a "check out/check in" capability to avoid collisions.

QUESTION 1053
Someone who is performing penetration testing is:
A. Stress-testing access controls
B. Looking for vulnerabilities in computer hardware or software
C. Looking for unauthorized modems and wireless network base stations
D. Attempting to decrypt encrypted data

Correct Answer: B
Explanation

Penetration testing is used to mimic an intruder's activities by identifying potential weaknesses in hardware
or software.

QUESTION 1054
Which of the following is NOT a purpose for audit trails?
A. Determining why a transaction was performed
B. Event reconstruction
C. Tracing transaction history
D. Determining what or who performed a transaction

Correct Answer: A
Explanation

Audit trails tell what happened and who did what but don't say why.

QUESTION 1055
Denial of service is:
A. The result when an administrator disables unnecessary network services
B. An attack that prevents legitimate users from being able to use a resource
C. What happens when a user lacks sufficient security credentials
D. What happens when you left your shoes off when ordering pizza over the Web.

Correct Answer: B
Explanation

Denial of service is a flood of network traffic that's intended to clog a server or network so that it can't
service legitimate customers.

QUESTION 1056
The purpose of intrusion detection is:
A. To detect attacks and other anomalies
B. To make sure that people aren't trying to "tailgate" through security entrances
C. To verify that the honeypot or honeynet is working correctly
D. To catch the hacking attempts that the firewall missed

Correct Answer: A
Explanation

Intrusion detection is used to detect intrusions, attacks, and other anomalies.

QUESTION 1057
The main disadvantage of signature-based intrusion detection is:
A. It's considerably more expensive than linguistic intrusion detection.
B. Some hackers are good at forging other people's signatures.
C. Signatures must be constantly kept up-to-date.
D. Handwriting tablets are still too expensive.

Correct Answer: C
Explanation

Like anti-virus software, signature-based intrusion detection systems must be frequently updated.

QUESTION 1058
The two types of intrusion detection are
A. Attack-based systems and response-based systems
B. Signature-based systems and anomaly-based systems
C. Knowledge-based systems and scripture-based systems
D. Passive monitoring systems and active monitoring systems

Correct Answer: B
Explanation

Signature-based systems and anomaly-based systems. The two types of IDS systems are signature-based
and anomaly-based. Review “Intrusion detection and prevention.”

QUESTION 1059
The third-party inspection of a system is known as a(n)
A. Confidence check
B. Integrity trail
C. Audit trail
D. Audit

Correct Answer: D
Explanation

Audit. An audit is an inspection of a system or process. Review “Security Auditing and Due Care.”

QUESTION 1060
One of the primary concerns with long-term audit log retention is
A. Whether anyone will be around who can find them
B. Whether any violations of privacy laws have occurred
C. Whether anyone will be around who understands them
D. Whether any tape/disk drives will be available to read them

Correct Answer: D
Explanation

Whether any tape/disk drives will be available to read them. The challenge with audit log retention is
choosing a medium that will be readable many years in the future. Review “Retaining audit logs.”

QUESTION 1061
Acting with excellence, competence, and diligence is known as:
A. Due care
B. Due diligence
C. Due ignorance
D. The Golden Principles

Correct Answer: A
Explanation

Executives and other managers must operate their companies with due care, which includes having
adequate disaster recovery planning.

QUESTION 1062
Of what value is pre-employment screening?
A. Undesirable medical or genetic conditions could diminish productivity.
B. Only certain personality types work in some organizations.
C. Employees need to have knowledge of security.
D. Background checks and reference checks could uncover undesirable qualities.

Correct Answer: D
Explanation

It's infinitely better to find undesirable qualities such as a criminal history prior to making an employment
decision.

QUESTION 1063
RAID is also known as:
A. Recoverable Array of Independent Disks
B. Risk Analysis Initiation Detail
C. Redundant Array of Independent Disks
D. Robust Array of Inexpensive Disks

Correct Answer: C
Explanation

RAID is an acronym for Redundant Array of Independent Disks.

QUESTION 1064
Forensics is the term that describes:
A. Due process
B. Tracking hackers from other countries
C. Taking steps to preserve and record evidence
D. Scrubbing a system in order to return it to service

Correct Answer: C
Explanation

Forensics is the study and activity of discovering, preserving, and recording evidence.

QUESTION 1065
Intellectual property laws apply to:
A. Trade secrets, trademarks, copyrights, and patents.
B. Trademarks, copyrights, and patents.
C. Trademarks only.
D. Patents only.

Correct Answer: A
Explanation

Intellectual property laws apply to trade secrets, trademarks, copyrights, and patents.

QUESTION 1066
The number one priority of disaster planning should always be:
A. Preservation of capital
B. Personnel evacuation and safety
C. Resumption of core business functions
D. Investor relations

Correct Answer: B
Explanation

People always come first!

QUESTION 1067
Which of the following is NOT a goal of a Business Impact Assessment (BIA)?
A. To inventory mutual aid agreements
B. To identify and prioritize business critical functions
C. To determine how much downtime the business can tolerate
D. To identify resources required by critical processes

Correct Answer: A
Explanation

Mutual aid agreements are not a significant concern of a BIA.

QUESTION 1068
The primary difference between a hot site and a warm site is:
A. A hot site is closer to the organization's data centers than is the warm site.
B. The warm site's systems don't have the organization's software or data installed.
C. The warm site doesn't have computer systems in it.
D. The warm site is powered down, but the hot site is powered up and ready to go.

Correct Answer: B
Explanation

Warm sites are mostly like hot sites except that the organization's software and data aren't on the warm
site's systems.

QUESTION 1069
Which of the following is NOT a concern for a hot site?
A. Programs and data at the hot site must be protected.
B. A widespread disaster will strain the hot site's resources.
C. A hot site is expensive because of the controls and patches required.
D. Computer equipment must be shipped quickly to the hot site for it to be effective.

Correct Answer: D
Explanation

The hot site already has computer equipment.

QUESTION 1070
The disaster recovery plan needs to be continuously maintained because:
A. The organization's software versions are constantly changing.
B. The organization's business processes are constantly changing.
C. The available software patches are constantly changing.
D. The organization's data is constantly changing.

Correct Answer: B
Explanation

The DRP must contain an up-to-date record of all critical business processes.

QUESTION 1071
How is the organization's DRP best kept up-to-date?
A. With regular audits to ensure that changes in business processes are known
B. By maintaining lists of current software versions, patches, and configurations
C. By maintaining personnel contact lists
D. By regularly testing the DRP

Correct Answer: A
Explanation

Audits will uncover changes that are needed in the DRP.

QUESTION 1072
Multiple versions of a DRP available in the organization will:
A. Allow older pass-along versions of the plan to be circulated to some personnel
B. Give involved personnel a choice of response procedures
C. Cause confusion during a disaster
D. Give critical personnel the best composite view of response procedures

Correct Answer: C
Explanation

There should be only one version of the DRP available in order to avoid confusion.

QUESTION 1073
BCP stands for:
A. Basic Continuity Planning
B. Basic Continuity Procedure
C. Business Continuity Procedure
D. Business Continuity Planning

Correct Answer: D
Explanation

BCP is an acronym for Business Continuity Planning.

QUESTION 1074
Backing up data by sending it through a communications line to a remote location is known as:
A. Transaction journaling
B. Off-site storage
C. Electronic vaulting
D. Electronic journaling

Correct Answer: C
Explanation

Electronic vaulting is the term that describes backing up data over a communications line to another
location.

QUESTION 1075
A hot site is the most expensive because:
A. Travel costs can be high.
B. Duplicate staff salaries are high.
C. HVAC systems are expensive to operate.
D. It requires constant maintenance to keep systems in sync.

Correct Answer: D
Explanation

The hot site systems' hardware, software, applications, and patches must be kept current with the
organization's main data center(s).

QUESTION 1076
The types of DRP tests are:
A. Checklist, walkthrough, simulation, parallel, and full interruption
B. Checklist, simulation, parallel, and full interruption
C. Checklist, walkthrough, simulation, and full interruption
D. Walkthrough, simulation, and parallel

Correct Answer: A
Explanation

The five types of DRP tests are checklist, walkthrough, simulation, parallel, and full interruption.

QUESTION 1077
A parallel DRP test:
A. Is resource intensive and rarely used
B. Tests the full responsiveness by shutting down production systems
C. Runs in parallel with production processing
D. Is a paper exercise to test theoretical response to a disaster

Correct Answer: C
Explanation

A parallel test utilizes parallel processing of the organization's systems but without shutting down production
systems.

QUESTION 1078
A DRP checklist test:
A. Is really only a review of the disaster recovery procedures
B. Is a test of back-up system business resumption procedures
C. Is a test of production system recovery procedures
D. Is a test of business process failover procedures

Correct Answer: A
Explanation

A checklist test is nothing more than a review of disaster recovery procedures.

QUESTION 1079
Which is NOT a factor in Business Contingency Planning?
A. Making sure there are sufficient personnel to recover business operations.
B. Identifying critical business processes and planning for their resumption
C. Filing the Business Contingency Plan with local government authorities
D. Identifying funding necessary during a disaster and for recovery of operations.

Correct Answer: C
Explanation

With rare exceptions, local governments aren't involved in companies' business contingency planning.

QUESTION 1080
What is the purpose of a Business Impact Assessment?
A. To identify critical processes and the resources required to resume them
B. To identify the impact of a disaster on the organization's value chain
C. To identify the financial cost of any particular disaster scenario
D. To identify a disaster's impact on company market share

Correct Answer: A
Explanation

The main purpose of a Business Impact Assessment is the identification of critical business processes, the
amount of downtime for those processes the business can tolerate, and the resources required to resume
those critical processes.

QUESTION 1081
Typically the first step in the BCP process is:
A. To inventory all business critical processes
B. Scope and Plan Initiation
C. Business Impact Analysis
D. Business Continuity Plan

Correct Answer: B
Explanation

The scope of the BCP program must first be determined.

QUESTION 1082
The longest period of time that a business can survive without a critical function is called
A. Downtime Tolerability Period
B. Greatest Tolerable Downtime
C. Maximum Survivable Downtime
D. Maximum Tolerable Downtime

Correct Answer: D
Explanation

Maximum Tolerable Downtime. This is the term that describes the maximum period of time that a business
function can suspend operations and the company can still survive. Review “Conducting the Business
Impact Assessment.”

QUESTION 1083
The Business Impact Assessment
A. Describes the impact of disaster recovery planning on the budget
B. Describes the impact of a disaster on business operations
C. Is a prerequisite to the Vulnerability Assessment
D. Is the first official statement produced after a disaster

Correct Answer: B
Explanation

Describes the impact of a disaster on business operations. A Business Impact Assessment (BIA) contains
quantitative and qualitative estimates of the impact of a disaster. Review “Conducting the Business Impact
Assessment.”

QUESTION 1084
An alternate information-processing facility with all systems, patches, and data mirrored from live
production systems is known as a
A. Warm site
B. Hot site
C. Recovery site
D. Mutual Aid Center

Correct Answer: B
Explanation

Hot site. Although a hot site is the most expensive to build and maintain, it provides the greatest possible
performance. Review “Identifying the Elements of a Business Continuity Plan.”

QUESTION 1085
The greatest advantage of a cold site is
A. It can be built nearly anywhere
B. Its high responsiveness
C. Its low cost
D. Its close proximity to airports

Correct Answer: C
Explanation

Its low cost. Cold sites are inexpensive, but they’re the slowest to set up and get running. Review
“Identifying the Elements of a Business Continuity Plan.”

QUESTION 1086
Which access control method is considered user-directed?
A. Nondiscretionary
B. Mandatory
C. Identity-based
D. Discretionary

Correct Answer: D
Explanation

The DAC model allows users, or data owners, the discretion of letting other
users access their resources. DAC is implemented by ACLs, which the data
owner can configure.

QUESTION 1087
If a company has a high turnover rate, which access control structure is best?
A. Role-based
B. Decentralized
C. Rule-based
D. Discretionary

Correct Answer: A
Explanation

It is easier on the administrator if she only has to create one role, assign
all of the necessary rights and permissions to that role, and plug a user into
that role when needed. Otherwise, she would need to assign and extract
permissions and rights on all systems as each individual came and left the
company.

QUESTION 1088
What determines if an organization is going to operate under a discretionary, mandatory, or
nondiscretionary access control model?
A. Administrator
B. Security policy
C. Culture
D. Security levels

Correct Answer: B
Explanation

The security policy sets the tone for the whole security program. It dictates
the level of risk that management and the company are willing to accept. This
in turn dictates the type of controls and mechanisms to put in place to ensure
this level of risk is not exceeded.

QUESTION 1089
Lenny is a new security manager for a retail company that is expanding its functionality to its partners and
customers.
The company's CEO wants to allow its partners' customers to be able to purchase items through their web
stores as easily as possible.
The CEO also wants the company's partners to be able to manage inventory across companies more
easily.
The CEO wants to be able to understand the network traffic and activities in a holistic manner, and he
wants to know from Lenny what type of technology should be put into place to allow for a more proactive
approach to stopping malicious traffic if it enters the network.
The company is a high-profile entity constantly dealing with zero-day attacks.
Which of the following is the best identity management technology that Lenny should consider
implementing to accomplish some of the company's needs?
A. LDAP directories for authoritative sources
B. Digital identity provisioning
C. Active Directory
D. Federated identity

Correct Answer: D
Explanation

Federation identification allows for the company and its partners to share
customer authentication information. When a customer authenticates to a
partner web site, that authentication information can be passed to the retail
company, so when the customer visits the retail company’s web site, the
user has less user profile information to submit and the
authentication steps she has to go through during the purchase process could
potentially be reduced. If the companies have a set trust model and share the
same or similar federated identity management software and settings, this
type of structure and functionality is possible.

QUESTION 1090
Tanya is working with the company's internal software development team.
Before a user of an application can access files located on the company's centralized server, the user must
present a valid one-time password, which is generated through a challenge-response mechanism.
The company needs to tighten access control for these files and reduce the number of users who can
access each and every file.
The company is looking to Tanya and her team for solutions to better protect the data that have been
classified and deemed critical to the company's missions.
Tanya has also been asked to implement a single sign-on technology for all internal users, but she does not
have the budget to implement a public key infrastructure.
Which of the following is one of the easiest and best items Tanya can look into for proper data protection?
A. Implementation of mandatory access control
B. Implementation of access control lists
C. Implementation of digital signatures
D. Implementation of multilevel security

Correct Answer: B
Explanation

Systems that provide mandatory access control (MAC) and multilevel
security are very specialized, require extensive administration, are expensive,
and reduce user functionality. Implementing these types of systems is not
the easiest approach out of the list. Since there is no budget for a PKI, digital
signatures cannot be used because they require a PKI. In most environments
access control lists (ACLs) are in place and can be modified to provide tighter
access control. ACLs are bound to objects and outline what operations specific
subjects can carry out on them.

QUESTION 1091
Alex works for a chemical distributor that assigns employees tasks that separate their duties and routinely
rotates job assignments. Which of the following best describes the differences between these
countermeasures?
A. They are the same thing with different titles.
B. They are administrative controls that enforce access control and protect the company's resources.
C. Separation of duties ensures that one person cannot perform a high-risk task alone, and job rotation
can uncover fraud because more than one person knows the tasks of a position.
D. Job rotation ensures that one person cannot perform a high-risk task alone, and separation of duties
can uncover fraud because more than one person knows the tasks of a position.

Correct Answer: C
Explanation

C. Separation of duties and job rotation are two security controls commonly used within companies to
prevent and detect fraud. Separation of duties is put into place to ensure that
one entity cannot carry out a task that could be damaging or risky to the company. It requires two or more
people to come together to do their individual tasks to accomplish the overall
task. Rotation of duties helps ensure that one person does not stay in one position for a long period of time
because he may end up having too much control over a segment of the
business. Such total control could result in fraud, data modification, and misuse of resources.

A is incorrect because separation of duties and job rotation are two different concepts. They are, however,
both put into place to reduce the possibilities of fraud, sabotage, misuse
of information, theft, and other security compromises. Separation of duties makes sure that one individual
cannot complete a critical task by herself. When a submarine captain needs
to launch a nuclear torpedo, the launch usually requires three codes to be entered into the launching
mechanism by three different senior crewmembers. This is an example of
separation of duties. Job rotation ensures that no single person ends up having too much control over a
segment of the business as a result of staying in one position for a long period
of time.

B is incorrect because answer C is a more detailed and definitive answer. Answer C describes both of
these controls properly and their differences. Both of these controls are
administrative in nature and are put into place to control access to company assets, but the CISSP exam
requires the best answer out of four.

D is incorrect because the description is backward. Separation of duties, not job rotation, ensures that one
person cannot perform a high-risk task alone. Job rotation moves
individuals in and out of a specific role to ensure that fraudulent activities are not taking place.

QUESTION 1092
What is the final step in authorizing a system for use in an environment?
A. Certification
B. Security evaluation and rating
C. Accreditation
D. Verification

Correct Answer: C
Explanation

Certification is a technical review of a product, and accreditation is management’s formal approval of the
findings of the certification process.
This question asked you which step was the final step in authorizing a system before it is used in an
environment, and that is what accreditation is all about.

QUESTION 1093
Which of the following was the first mathematical model of a multilevel security policy used to define the
concepts of a security state and mode of access, and to outline rules of access?
A. Biba
B. Bell-LaPadula
C. Clark-Wilson
D. State machine

Correct Answer: B
Explanation

This is a formal definition of the Bell-LaPadula model, which was created and implemented to protect
confidential government and military information.

QUESTION 1094
Which of the following best defines a virtual machine?
A. A virtual instance of an operating system
B. A piece of hardware that runs multiple operating system environments simultaneously
C. A physical environment for multiple guests
D. An environment that can be fully utilized while running legacy applications

Correct Answer: A
Explanation

A virtual machine is a virtual instance of an operating system. A virtual machine can also be called a
guest, which runs in a host environment. The host
environment—usually an operating system—can run multiple guests simultaneously. The virtual machines
pool resources such as RAM, processors, and storage from the host environment. This offers many
benefits, including enhanced processing power utilization. Other benefits include the ability to run legacy
applications. For example, an organization may choose to run its legacy applications on an instance (virtual
machine) of Windows XP long after it has rolled out Windows 7.
There are two types of hypervisors, bare metal and hosted.
These are referred to as Type 1 and Type 2 hypervisors.
Type 1 (or native, bare metal) hypervisors run directly on the host's hardware to control the hardware and to
manage guest operating systems.
A guest operating-system thus runs on another level above the hypervisor.

B is incorrect because a virtual machine is not a piece of hardware. A virtual machine is an instance of an
operating system that runs on hardware. The host can run multiple virtual machines. So, basically, you can
have one computer running different operating systems at the same time. One benefit of this is
consolidation. Using virtual machines, you can consolidate the workloads of several under-utilized servers
on to one host, thereby saving money on hardware and administrative management tasks.

C is incorrect because virtual machines provide and work within software emulation. The host provides the
resources, such as memory, processor, buses, RAM, and storage for the virtual machines. The virtual
machines share these resources but do not access them directly. The host environment, which is
responsible for managing the system resources, acts as an intermediary between the resources and the
virtual machines.

D is incorrect because many legacy applications are not compatible with specific hardware and newer
operating systems. Because of this, the application commonly under-utilizes the server software and
components. The virtual machines emulate an environment that allows legacy, and other, applications to
fully use the resources available to them. This is a reason to use a virtual machine, but the answer does not
provide its definition.

QUESTION 1095
Virtualization offers many benefits. Which of the following incorrectly describes virtualization?
A. Virtualization simplifies operating system patching.
B. Virtualization can be used to build a secure computing platform.
C. Virtualization can provide fault and error containment.
D. Virtual machines offer powerful debugging capabilities.

Correct Answer: A
Explanation

Virtualization does not simplify operating system patching. In fact, it makes it more complex because it adds
at least one more operating system. Each operating system commonly varies in version and configuration—
increasing the complexity of patching. The operating systems for the servers themselves run as guests
within the host environment. Not only do you have to patch and maintain the traditional server operating
systems, but now you also have to patch and maintain the virtualization software itself.

B is incorrect because virtualization can be used to build a secure computing platform. Untrusted
applications can be run in secure, isolated sandboxes within a virtual machine. The virtualization software
"compartmentalizes" the individual guest operating systems and ensures that the processes for each guest
do not interact with the other guest processes in an unauthorized manner.

C is incorrect because virtual machines can provide fault and error containment by isolating what is run
within the specific guest operating systems. Developers and security researchers can proactively inject
faults into software to study its behavior without impacting other virtual machines. For this reason, virtual
machines are useful tools for research and academic experiments.

D is incorrect because virtual machines enable powerful debugging, as well as performance monitoring, by
allowing you to put debugging and performance monitoring tools in the virtual machine monitor. There's no
need to set up complex debugging scenarios and the operating systems can be debugged without
impacting productivity.

QUESTION 1096
What is the difference between due care and due diligence?
A. Due care is the continual effort of ensuring that the right thing takes place, and due diligence is the
continual effort to stay compliant with regulations.
B. Due care and due diligence are in contrast to the "prudent person" concept.
C. They mean the same thing.
D. Due diligence involves investigating the risks, while due care involves carrying out the necessary steps
to mitigate these risks.

Correct Answer: D
Explanation

Due care and due diligence are legal terms that do not just pertain to security.
Due diligence involves going through the necessary steps to know what a company’s or individual’s actual
risks are, while due care involves carrying out responsible actions to reduce those risks.
These concepts correspond with the “prudent person” concept.

QUESTION 1097
Which of the following best describes separation of duties and job rotation?
A. Separation of duties ensures that more than one employee knows how to perform the tasks of a
position, and job rotation ensures that one person cannot perform a high-risk task alone.
B. Separation of duties ensures that one person cannot perform a high-risk task alone, and job rotation
can uncover fraud and ensure that more than one person knows the tasks of a position.
C. They are the same thing, but with different titles.
D. They are administrative controls that enforce access control and protect the company's resources.

Correct Answer: B
Explanation

Rotation of duties enables a company to have more than one person trained
in a position and can uncover fraudulent activities. Separation of duties is put
into place to ensure that one entity cannot carry out a critical task alone.

QUESTION 1098
Which of the following is not a common component of configuration management change control steps?
A. Tested and presented
B. Service-level agreement approval
C. Report change to management
D. Approval of the change

Correct Answer: B
Explanation

A well-structured change management process should be established to aid staff members through many
different types of changes to the environment. This process should be laid out in the change control policy.
Although the types of changes vary, a standard list of procedures can help keep the process under control
and ensure it is carried out in a predictable manner. A change control policy should include procedures for
requesting a change to take place, approving the change, documentation of the change, testing and
presentation, implementation, and reporting the change to management. Configuration management
change control processes do not commonly have an effect on service-level agreement approvals.

A is incorrect because testing and presentation should be included in a standard change control policy. All
changes must be fully tested to uncover any unforeseen results. Depending on the severity of the change
and the company's organization, the change and implementation may need to be presented to a change
control committee. This helps show different sides to the purpose and outcome of the change and the
possible ramifications.

C is incorrect because a procedure for reporting a change to management should be included in a standard
change control policy. After a change is implemented, a full report summarizing the change should be
submitted to management. This report can be submitted on a periodic basis to keep management up to
date and ensure continual support.

D is incorrect because a procedure for obtaining approval for the change should be included in a standard
change control policy. The individual requesting the change must justify the reasons and clearly show the
benefits and possible pitfalls of the change. Sometimes the requester is asked to conduct more research
and provide more information before the change is approved.

QUESTION 1099
A change management process should include a number of procedures. Which of the following incorrectly
describes a characteristic or component of a change control policy?
A. Changes that are unanimously approved by the change control committee must be tested to uncover
any unforeseen results.
B. Changes approved by the change control committee should be entered into a change log.
C. A schedule that outlines the projected phases of the change should be developed.
D. An individual or group should be responsible for approving proposed changes.

Correct Answer: A
Explanation

A well-structured change management process should be put into place to aid staff members through many
different types of changes to the environment. This process should be laid out in the change control policy.
Although the types of changes vary, a standard list of procedures can help keep the process under control
and ensure it is carried out in a predictable manner. All changes approved by the change control committee
must be fully tested to uncover any unforeseen results. Depending on the severity of the change and the
company's organization, the change and implementation may need to be presented to a change control
committee. This helps show different sides to the purpose and outcome of the change and the possible
ramifications.

B is incorrect because it is true that changes approved by the change control committee should be entered
into a change log. The log should be updated as the process continues toward completion. It is important to
track and document all changes that are approved and implemented.

C is incorrect because once a change is fully tested and approved, a schedule should be developed that
outlines the projected phases of the change being implemented and the necessary milestones. These steps
should be fully documented, and progress should be monitored.

D is incorrect because requests should be presented to an individual or group that is responsible for
approving changes and overseeing the activities of changes that take place within an environment.

QUESTION 1100
Device backup and other availability solutions are chosen to balance the value of having information
available against the cost of keeping that information available. Which of the following best describes
fault-tolerant technologies?
A. They are among the most expensive solutions and are usually only for the most mission-critical
information.
B. They help service providers identify appropriate availability services for the specific customer.
C. They are required to maintain integrity, regardless of the other technologies in place.
D. They allow a failed component to be replaced while the system continues to run.

Correct Answer: A
Explanation

Fault-tolerant technologies keep information available not only against individual storage device faults but
even against whole system failures. Fault tolerance is among the most expensive possible solutions for
availability and is commonly justified only for the most mission-critical information. All technology will
eventually experience a failure of some form. A company that would suffer irreparable harm from any
unplanned downtime can justify paying the high cost for fault-tolerant systems.

B is incorrect because service-level agreements (SLAs) help service providers, whether they are an internal
IT operation or an outsourcer, decide what type of availability technology and service is appropriate. From
this determination, the price of a service or the budget of the IT operation can be set. The process of
developing an SLA with a business is also beneficial to the business. While some businesses have
performed this type of introspection on their own, many have not, and being forced to go through the
exercise as part of budgeting for their internal IT operations or external sourcing helps the business
understand the real value of its information.

C is incorrect because fault-tolerant technologies do not necessarily have anything to do with data or
system integrity.

D is incorrect because "hot-swappable" hardware does not require shutting down the system and may or
may not be considered a fault-tolerant technology. Hot-swapping allows the administrator to replace the
failed component while the system continues to run and information remains available; usually degraded
performance results, but unplanned downtime is avoided.

QUESTION 1101
Which of the following refers to the amount of time it will be expected to take to get a device fixed and back
into production?
A. SLA
B. MTTR
C. Hot-swap
D. MTBF

Correct Answer: B
Explanation

Mean time to repair (MTTR) is the amount of time it will be expected to take to get a device fixed and back
into production. For a hard drive in a redundant array, the MTTR is the amount of time between the actual
failure and the time when, after noticing the failure, someone has replaced the failed drive and the
redundant array has completed rewriting the information on the new drive. This is likely to be measured in
hours. For a nonredundant hard drive in a desktop PC, the MTTR is the amount of time between when the
drive goes down and the time when the replaced hard drive has been reloaded with the operating system,
software, and any backed-up data belonging to the user. This is likely to be measured in days. For an
unplanned reboot, the MTTR is the amount of time between the failure of the system and the point in time
when it has rebooted its operating system, checked the state of its disks, restarted its applications, allowed
its applications to check the consistency of their data, and once again begun processing transactions.

A is incorrect because a service-level agreement (SLA) addresses the degree of availability that will be
provided to a customer, whether that customer be an internal department within the same organization or
an external customer. The MTTR is the amount of time it will be expected to take to get a device fixed and back
into production. The MTTR may pertain to fixing a component or the device or replacing the device.

C is incorrect because hot-swapping refers to the replacement of a failed component while the system
continues to run and information remains available. Usually degraded performance results, but unplanned
downtime is avoided. Hot-swapping does not refer to the amount of time needed to get a system back up
and running.

D is incorrect because MTBF refers to mean time between failure, which is the estimated lifespan of a
piece of equipment. It is calculated by the vendor of the equipment or a third party. The reason for using
this value is to know approximately when a particular device will need to be replaced. It is used as a
benchmark for reliability by predicting the average time that will pass in the operation of a component or a
system until it needs to be replaced.

QUESTION 1102
Various levels of RAID dictate the type of activity that will take place within the RAID system.
Which level is associated with byte-level parity?
A. RAID Level 0
B. RAID Level 3
C. RAID Level 5
D. RAID Level 10

Correct Answer: B
Explanation

Redundant array of inexpensive disks (RAID) provides fault tolerance for hard drives and can improve
system performance. Redundancy and speed are provided by breaking up the data and writing it across
several disks so that different disk heads can work simultaneously to retrieve the requested information.
Recovery data is also created—this is called parity—so that if one disk fails, the parity data can be used to
reconstruct the corrupted or lost information. Different activities that provide fault tolerance or performance
improvements occur at different levels of a RAID system. RAID Level 3 is a scheme employing byte-level
striping and a dedicated parity disk. Data is striped over all but the last drive with parity data held
on only the last drive. If a drive fails, it can be reconstructed from the parity drive. The most common RAID
levels used today are Levels 1, 3, and 5.

A is incorrect because only striping occurs at Level 0. Data are striped over several drives. No redundancy
or parity is involved. If one volume fails, the entire volume can be unusable. Level 0 is used for
performance only.

C is incorrect because RAID 5 employs block-level striping and interleaving parity across all disks.
Data are written in disk block units to all drives. Parity is written to all drives also, which ensures there is no
single point of failure. RAID Level 5 is the most commonly used mode.

D is incorrect because Level 10 is associated with striping and mirroring. It is a combination of Levels 1 and
0. Data are simultaneously mirrored and striped across several drives and can support multiple drive
failures.

QUESTION 1103
RAID systems use a number of techniques to provide redundancy and performance. Which of the following
activities divides and writes data over several drives?
A. Parity
B. Mirroring
C. Striping
D. Hot-swapping

Correct Answer: C
Explanation

Redundant array of inexpensive disks (RAID) is a technology used for redundancy and/or performance
improvement. It combines several physical disks and aggregates them into logical arrays. When data is
saved, the information is written across all drives. A RAID appears as a single drive to applications and
other devices. When striping is used, data is written across all drives. This activity divides and writes the data
over several drives. Both write and read performance are increased dramatically because more than one
head is reading or writing data at the same time.

A is incorrect because parity is used to rebuild lost or corrupted data. Various levels of RAID dictate the
type of activity that will take place within the RAID system. Some levels deal only with performance issues,
while other levels deal with performance and fault tolerance. If fault tolerance is one of the services a RAID
level provides, parity is involved. If a drive fails, the parity is basically instructions that tell the RAID system
how to rebuild the lost data on the new hard drive. Parity is used to rebuild a new drive so that all the
information is restored.

B is incorrect because mirroring occurs when data is written to two drives at once. If one drive fails, the
other drive has the exact same data available. Mirroring provides redundancy. Mirroring occurs at Level 1 of
RAID systems, and with striping in Level 10.

D is incorrect because hot-swappable refers to a type of disk that is in most RAID systems. RAID systems
with hot-swapping disks are able to replace drives while the system is running. When a drive is swapped
out, or added, the parity data is used to rebuild the data on the new disk that was just added.

QUESTION 1104
In redundant array of inexpensive disks (RAID) systems, data and parity information are striped over
several different disks.
What is parity information used for?
A. Information used to create new data
B. Information used to erase data
C. Information used to rebuild data
D. Information used to build data

Correct Answer: C
Explanation

Redundant array of inexpensive disks (RAID) provides fault tolerance for hard drives and the data they hold
and can improve system performance. Redundancy and speed are provided by breaking up the data and
writing it across several disks so that different disk heads can work simultaneously to retrieve the requested
information. Control data is also spread across each disk—this is called parity—so that if one disk fails, the
other disks can work together and restore its data. If fault tolerance is one of the services a RAID level
provides, parity is involved.

A is incorrect because parity information is not used to create new data but is used as instructions on how
to re-create data that has been lost or corrupted. If a drive fails, the parity is basically instructions that tell
the RAID system how to rebuild the lost data on the new hard drive. Parity is used to rebuild a new drive so
that all the information is restored.

B is incorrect because parity information is not used to erase data but is used as instructions on how to
re-create data that has been lost or corrupted.

D is incorrect because parity information is not used to build data but is used as instructions on how to
re-create data that has been lost or corrupted.

QUESTION 1105
Mirroring of drives is when data is written to two drives at once for redundancy purposes.
What similar type of technology is shown in the graphic that follows?
A. Direct access storage
B. Disk duplexing
C. Striping
D. Massive array of inactive disks

Correct Answer: B
Explanation

Information that is required to always be available should be mirrored or duplexed. In both mirroring (also
known as RAID 1) and duplexing, every data write operation occurs simultaneously or nearly
simultaneously in more than one physical place. The distinction between mirroring and duplexing is that
with mirroring the two (or more) physical places where the data is written may be attached to the same
controller, leaving the storage still subject to the single point of failure of the controller itself; in duplexing,
two or more controllers are used.

A is incorrect because direct access storage is a general term for magnetic disk storage devices, which
historically have been used in mainframe and minicomputer (mid-range computer) environments. A
redundant array of independent disks (RAID) is a type of Direct Access Storage Device (DASD).

C is incorrect because when data is written across all drives, the technique of striping is used. This activity
divides and writes the data over several drives. The write performance is not affected, but the read
performance is increased dramatically because more than one head is retrieving data at the same time.
Parity information is used to rebuild lost or corrupted data. Striping just means data and potentially parity
information is written across multiple disks.

D is incorrect because in a massive array of inactive disks (MAID), rack-mounted disk arrays have all
inactive disks powered down, with only the disk controller alive. When an application asks for data, the
controller powers up the appropriate disk drive(s), transfers the data, and then powers the drive(s) down
again. By powering down infrequently accessed drives, energy consumption is significantly reduced, and
the service life of the disk drives may be increased.

QUESTION 1106
What is one of the first steps in developing a business continuity plan?
A. Identify a backup solution.
B. Perform a simulation test.
C. Perform a business impact analysis.
D. Develop a business resumption plan.

Correct Answer: C
Explanation

A business impact analysis includes identifying critical systems and
functions of a company and interviewing representatives from each
department. Once management’s support is solidified, a business impact
analysis needs to be performed to identify the threats the company faces and
the potential costs of these threats.

QUESTION 1107
How often should a business continuity plan be tested?
A. At least every ten years
B. Only when the infrastructure or environment changes
C. At least every two years
D. Whenever there are significant changes in the organization and annually

Correct Answer: D
Explanation

The plans should be tested if there have been substantial changes to the
company or the environment. They should also be tested at least once a year.

QUESTION 1108
What is the most crucial requirement in developing a business continuity plan?
A. Business impact analysis
B. Implementation, testing, and following through
C. Participation from each and every department
D. Management support

Correct Answer: D
Explanation

Management’s support is the first thing to obtain before putting any real
effort into developing these plans. Without management’s support, the effort
will not receive the necessary attention, resources, funds, or enforcement.

QUESTION 1109
Which of the following describes a structured walk-through test?
A. It is performed to ensure that critical systems will run at the alternate site.
B. All departments receive a copy of the disaster recovery plan and walk through it.
C. Representatives from each department come together and review the steps of the test collectively
without actually performing those steps.
D. Normal operations are shut down.

Correct Answer: C
Explanation

During a structured walk-through test, functional representatives review
the plan to ensure its accuracy and that it correctly and accurately reflects the
company’s recovery strategy.

QUESTION 1110
Which of the following describes a cold site?
A. Fully equipped and operational in a few hours
B. Partially equipped with data processing equipment
C. Expensive and fully configured
D. Provides environmental measures but no equipment

Correct Answer: D
Explanation

A cold site only provides environmental measures—wiring, air
conditioning, raised floors—basically a shell of a building and no more.

QUESTION 1111
Which of the following best describes what a disaster recovery plan should contain?
A. Hardware, software, people, emergency procedures, recovery procedures
B. People, hardware, offsite facility
C. Software, media interaction, people, hardware, management issues
D. Hardware, emergency procedures, software, identified risk

Correct Answer: A
Explanation

The recovery plan should contain information about how to deal with
people, hardware, software, emergency procedures, recovery procedures,
facility issues, and supplies.

QUESTION 1112
Which of the following is not an advantage of a hot site?
A. Offers many hardware and software choices.
B. Is readily available.
C. Can be up and running in hours.
D. Annual testing is available.

Correct Answer: A
Explanation

Because hot sites are fully equipped, they do not allow for a lot of different
hardware and software choices. The subscription service offers basic software and
hardware products, and does not usually offer a wide range of proprietary items.

QUESTION 1113
Disaster recovery plans can stay updated by doing any of the following except:
A. Making disaster recovery a part of every business decision
B. Making sure it is part of employees' job descriptions
C. Performing regular drills that use the plan
D. Making copies of the plan and storing them in an offsite facility

Correct Answer: D
Explanation

The plan should be part of normal business activities. A lot of time and
resources go into creating disaster recovery plans, after which they are usually
stored away and forgotten. They need to be updated continuously as the
environment changes to ensure that the company can properly react to any
type of disaster or disruption.

QUESTION 1114
Which of the following best describes the relationship between high-availability and disaster recovery
techniques and technologies?
A. High-availability technologies and processes are commonly put into place so that if a disaster does take
place, either availability of the critical functions continues or the delay of getting them back online and
running is low.
B. High availability deals with asynchronous replication and recovery time objective requirements, which
increases disaster recovery performance.
C. High availability deals with synchronous replication and recovery point objective requirements, which
increases disaster recovery performance.
D. Disaster recovery technologies and processes are put into place to provide high-availability service
levels.

Correct Answer: A
Explanation

High availability and disaster recovery are not the same, but they have a
relationship. High-availability technologies and processes are commonly put
into place so that if a disaster does take place, either availability of the critical
functions continues or the delay of getting them back online and running is low.

QUESTION 1115
Susan is the new BCM coordinator and needs to identify various preventive and recovery solutions her
company should implement for BCP/DRP efforts.
She and her team have carried out an impact analysis and found out that the company's order processing
functionality cannot be out of operation for more than 15 hours.
She has calculated that the order processing systems and applications must be brought back online within
eight hours after a disruption.
The analysis efforts have also indicated that the data that are restored cannot be older than five minutes of
current real-time data.
Which of the following best describes the metrics and their corresponding values that Susan's team has
derived?
A. MTD of the order processing functionality is 15 hours.
RPO value is 8 hours. WRT value is 7 hours.
RTO value is 5 minutes.
B. MTD of the order processing functionality is 15 hours.
RTO value is 8 hours. WRT value is 7 hours.
RPO value is 5 minutes.
C. MTD of the order processing functionality is 15 hours.
RTO value is 7 hours. WRT value is 8 hours.
RPO value is 5 minutes.
D. MTD of the order processing functionality is 8 hours.
RTO value is 15 hours. WRT value is 7 hours.
RPO value is 5 minutes.

Correct Answer: B
Explanation
The order processing functionality as a whole has to be up and running within 15 hours, which is the
maximum tolerable downtime (MTD).
The systems and applications have to be up and running in eight hours, which is the Recovery Time
Objective (RTO). RTO deals with technology, but we still need processes and people in place to run the
technology.
Work Recovery Time (WRT) is the remainder of the overall MTD value.
RTO usually deals with getting the infrastructure and systems back up and running, and WRT deals with
restoring data, testing processes, and then making everything “live” for production purposes.
The data that are restored for this function can only be five minutes old; thus, the Recovery Point
Objective (RPO) has the value of five minutes.

QUESTION 1116
The NIST organization has defined best practices for creating continuity plans. Which of the following
phases deals with identifying and prioritizing critical functions and systems?
A. Identify preventive controls.
B. Develop the continuity planning policy statement.
C. Develop recovery strategies.
D. Conduct the business impact analysis.

Correct Answer: D
Explanation

Although no specific scientific equation must be followed to create continuity plans, certain best practices
have proven themselves over time. The National Institute of Standards and Technology (NIST) organization
is responsible for developing many of these best practices and documenting them so that they are easily
available to all. NIST outlines seven steps in its Special Publication 800-34, Continuity Planning Guide for
Information Technology Systems: develop the continuity planning statement; conduct the business impact
analysis; identify preventive controls; develop recovery strategies; develop the contingency plan; test the
plan and conduct training and exercises; and maintain the plan. Conducting a business impact analysis
involves identifying critical functions and systems, and allowing the organization to prioritize them based on
necessity. It also includes identifying vulnerabilities and threats, and calculating risks.

A is incorrect because identifying preventive controls must be done after critical functions and systems
have been prioritized, and their vulnerabilities, threats, and risks identified—which is all part of the business
impact analysis. Conducting a business impact analysis is step two of creating a continuity plan, and
identifying preventive controls is step three.

B is incorrect because developing the continuity planning policy statement involves writing a policy that
provides the guidance necessary to develop a business continuity plan and that assigns authority to the
necessary roles to carry out these tasks. It is the first step in creating a business continuity plan and thus
comes before identifying and prioritizing critical systems and functions, which is part of the business impact
analysis.

C is incorrect because developing recovery strategies involves formulating methods to ensure systems and
critical functions can be brought online quickly. Before this can be done, a business impact analysis must
be carried out to determine which systems and functions are critical and should be given priority during
recovery.

QUESTION 1117
A business impact analysis is considered a functional analysis. Which of the following is not carried out
during a business impact analysis?
A. A parallel or full-interruption test
B. The application of a classification scheme based on criticality levels
C. The gathering of information via interviews
D. Documentation of business functions

Correct Answer: A
Explanation

A business impact analysis (BIA) is considered a functional analysis, in which a team collects data through
interviews and documentary sources; documents business functions, activities, and transactions; develops
a hierarchy of business functions; and finally applies a classification scheme to indicate each individual
function's criticality level. Parallel and full-interruption tests are not part of a BIA. These tests are
carried out to ensure the continued validity of a business
continuity plan, since environments continually change. A parallel test is done to ensure that specific
systems can actually perform adequately at the alternate offsite facility, while a full-interruption test involves
shutting down the original site and resuming operations and processing at the alternate site.

B is incorrect because the application of a classification scheme based on criticality levels is carried out
during a business impact analysis (BIA). This is done by identifying the critical assets of the company and
mapping them to the following characteristics: maximum tolerable downtime, operational disruption and
productivity, financial considerations, regulatory responsibilities, and reputation.

C is incorrect because the gathering of information during interviews is conducted during a business impact
analysis. The BCP committee will not truly understand all business processes, the steps that must take
place, or the resources and supplies those processes require. So the committee must gather this
information from the people who do know, which are department managers and specific employees
throughout the organization. The committee must identify the individuals who will provide information and
how that information will be collected (surveys, interviews, or workshops).

D is incorrect because the BCP committee does document business functions as part of a business impact
analysis (BIA). Business activities and transactions must also be documented. This information is obtained
from the department managers and specific employees that are interviewed or surveyed. Once the
information is documented, the BCP committee can conduct an analysis to determine which processes,
devices, or operational activities are the most critical.

QUESTION 1118
The operations team is responsible for defining which data gets backed up and how often. Which type of
backup process backs up files that have been modified since the last time all data was backed up?
A. Incremental process
B. Full backup
C. Partial backup
D. Differential process

Correct Answer: D
Explanation

Backups can be full, differential, or incremental, and are usually used in some type of combination with
each other. Most files are not altered every day, so to save time and resources, it is best to devise a backup
plan that does not continually back up data that has not been modified. Backup software reviews the
archive bit setting when making its determination on what gets backed up and what does not. If a file is
modified or created, the file system sets the archive bit to 1, and the backup software knows to back up that
file. A differential process backs up the files that have been modified since the last full backup; in other
words, the last time all the data was backed up. When the data needs to be restored, the full backup is laid
down first, and then the differential backup is put down on top of it.

A is incorrect because an incremental process backs up all the files that have changed since the last full or
incremental backup. If a company experienced a disaster and it used the incremental process, it would first
need to restore the full backup on its hard drives and lay down every incremental backup that was carried
out before the disaster took place. So, if the full backup was done six months ago and the operations
department carried out an incremental backup each month, the restoration team would restore the full
backup and start with the older incremental backups and restore each one of them until they are all
restored.

B is incorrect because with a full backup, all data is backed up and saved to some type of storage media.
During a full backup, the archive bit is cleared, which means that it is set to 0. A company can choose to do
full backups only, in which case the restoration process is just one step, but the backup and restore
processes could take a long time.

C is incorrect because it is not the best answer to this question. While a backup can be a partial backup, it
does not necessarily mean that it backs up all the files that have been modified since the last time a backup
process was run.

QUESTION 1119
Of the following plans, which establishes senior management and a headquarters after a disaster?
A. Continuity of operations plan
B. Cyber-incident response plan
C. Occupant emergency plan
D. IT contingency plan

Correct Answer: A
Explanation

A continuity of operations plan (COOP) establishes senior management and a headquarters after a
disaster. It also outlines roles and authorities, orders of succession, and individual role tasks. Creating a
COOP begins with assessing how the organization operates to identify mission-critical staff, materials,
procedures, and equipment. If one exists, review the business process flowchart. Identify suppliers,
partners, contractors, and other businesses the organization interacts with on a daily basis, and create a list
of these and other businesses the organization could use in an emergency. It is important for an
organization to make plans for what it will do if the building becomes inaccessible.

B is incorrect because a cyber-incident response plan focuses on malware, hackers, intrusions, attacks,
and other security issues. It outlines procedures for incident response with the goal of limiting damage,
minimizing recovery time, and reducing costs. A cyber-incident response plan should include a description
of the different types of incidents, who to call when an incident occurs and each person's responsibilities,
procedures for addressing different types of incidents, and forensic procedures. The plan should be tested,
and all participants should be trained on their responsibilities.

C is incorrect because an occupant emergency plan establishes personnel safety and evacuation
procedures. The goal of an occupant emergency plan is to reduce the risk to personnel and minimize the
disruption to work and operations in the case of an emergency. The plan should include procedures for
ensuring the safety of employees with disabilities, including their evacuation from the facility if necessary. All
employees should have access to the occupant emergency response plan, and it should be practiced so
that everyone knows how to execute it.

D is incorrect because an IT contingency plan establishes procedures for the recovery of systems,
networks, and major applications after disruptions. Steps for creating IT contingency plans are addressed in
the NIST 800-34 document.

QUESTION 1120
It is not unusual for business continuity plans to become out of date. Which of the following is not a reason
why plans become outdated?
A. Changes in hardware, software, and applications
B. Infrastructure and environment changes
C. Personnel turnover
D. That the business continuity process is integrated into the change management process

Correct Answer: D
Explanation

Unfortunately, business continuity plans can become quickly out of date. An out-of-date BCP may provide a
company with a false sense of security, which could be devastating if and when a disaster actually takes
place. One of the simplest and most cost-effective and process-efficient ways to keep a plan up to date is
to incorporate it within the change management process of the organization. When you think about it, it
makes a lot of sense. Where do you document new applications, equipment, or services? Where do you
document updates and patches? Your change management process should be updated to incorporate
fields and triggers that alert the BCP team when a significant change will occur and should provide a means
to update the recovery documentation. Other measures that can help ensure that the BCP remains current
include the performance of regular drills that use the plan, including the plan's maintenance in personnel
evaluations, and making business continuity a part of every business decision.

A is incorrect because changes in hardware, software, and applications occur frequently, and unless the
BCP is part of the change management process, these changes are unlikely to be included in the
BCP. When changes to the environment take place, the BCP needs to be updated. If it is not updated after
changes, it is out of date.

B is incorrect because infrastructure and environment changes occur frequently. Just as with software,
hardware, and application changes, unless the BCP is part of the change management process,
infrastructure and environment changes are unlikely to make it into the BCP.

C is incorrect because plans often become outdated as a result of personnel turnover. It is not unusual for a
BCP to become abandoned when the person or people responsible for its maintenance leave the
organization. These responsibilities must be reassigned. To ensure this happens, maintenance
responsibilities should be incorporated into job descriptions and properly monitored.

QUESTION 1121
Which of the following is a critical first step in disaster recovery and contingency planning?
A. Plan testing and drills.
B. Complete a business impact analysis.
C. Determine offsite backup facility alternatives.
D. Organize and create relevant documentation.

Correct Answer: B
Explanation

Of the steps listed in this question, completing a business impact analysis would take the highest priority.
The BIA is essential in determining the most critical business functions and identifying the threats that
correlate to them. Qualitative and quantitative data needs to be gathered, analyzed, interpreted, and
presented to management.

A is incorrect because plan testing and drills are the last step in disaster recovery and contingency
planning. It is important to test the business continuity plan regularly because environments continually
change. Tests and disaster recovery drills and exercises should be performed at least once a year. Most
companies cannot afford for these exercises to interrupt production or productivity, so the exercises may
need to take place in sections or at specific times, which requires logistical planning.

C is incorrect because determining offsite backup facility alternatives is part of the recovery strategy, which
takes place in the middle of the disaster recovery and contingency planning process. Organizations must
have alternative offsite backup facilities in the case of a larger disaster. Generally, contracts are established
with third-party vendors to provide such services. The client pays a monthly fee to retain the right to use the
facility in a time of need, and then incurs an activation fee when the facility has to be used.

D is incorrect because organizing and creating relevant documentation takes place toward the end of the
disaster recovery and contingency planning process. Procedures need to be documented because when
they are actually needed, it will most likely be a chaotic and frantic atmosphere with a demanding time
schedule. The documentation may need to include information on how to install images, configure
operating systems and servers, and properly install utilities and proprietary software. Other documentation
could include a calling tree, and contact information for specific vendors, emergency agencies, offsite
facilities, etc.

QUESTION 1122
Which of the following is not a reason to develop and implement a disaster recovery plan?
A. Provide steps for a post-disaster recovery.
B. Extend backup operations to include more than just backing up data.
C. Outline business functions and systems.
D. Provide procedures for emergency responses.

Correct Answer: C
Explanation

Outlining business functions and systems is not a viable reason to create and implement a disaster
recovery plan. Although these tasks will most likely be accomplished as a result of a disaster recovery plan,
it is not a good reason to carry out the plan compared to the other answers in the question. You don't
develop and implement a disaster recovery plan just to outline business functions and systems, although
that usually takes place during the planning process.

A is incorrect because providing steps for a post-disaster recovery is a good reason to develop and
implement a disaster recovery plan. In fact, that is exactly what a disaster recovery plan provides. The goal
of disaster recovery is to minimize the effects of a disaster and take the necessary steps to ensure that the
resources, personnel, and business processes are able to resume operation in a timely manner. The goal
of a disaster recovery plan is to handle the disaster and its ramifications right after the disaster hits.

B is incorrect because extending backup operations to include more than just backing up data is a good
reason to develop and implement a disaster recovery plan. When looking at disaster recovery plans, some
companies focus mainly on backing up data and providing redundant hardware. Although these items are
extremely important, they are just small pieces of the company's overall operations. Hardware and
computers need people to configure and operate them,
and data is usually not useful unless it is accessible by other systems and possibly outside entities. All of
these things can require backups, not just data.

D is incorrect because providing procedures for emergency responses is a good reason to develop and
implement a disaster recovery plan. A disaster recovery plan is carried out when everything is still in
emergency mode and everyone is scrambling to get all critical systems back online. Having well-thought-out
written procedures makes this whole process much more effective.

QUESTION 1123
Business continuity plans can be assessed via a number of tests. Which type of test continues up to the
point of actual relocation to an offsite facility and actual shipment of replacement equipment?
A. Parallel test
B. Checklist test
C. Structured walk-through test
D. Simulation test

Correct Answer: D
Explanation

In a simulation test, all employees who participate in operational and support functions come together to
practice executing the disaster recovery plan based on a specific scenario. The scenario is used to test the
reaction of each operational and support representative. This is done to ensure that specific steps were not
left out and certain threats were not overlooked, as well as to act as a catalyst to raise awareness of the
people involved. The drill includes only those materials available in an actual disaster to portray a more
realistic environment. The simulation test continues up to the point of actual relocation to an offsite facility
and actual shipment of replacement equipment.

A is incorrect because a parallel test is carried out to ensure that the specific systems can actually perform
adequately at the alternate offsite facility. The systems are moved to the alternate site and processing takes
place. The results are compared with the regular processing that is done at the original site. This activity
points out any necessary tweaking, reconfiguring, or steps that need to take place to ensure that proper
processing can take place at the alternate site.

B is incorrect because in a checklist test copies of the disaster recovery and business continuity plans are
distributed to the different departments and functional areas for review. This is done so that each functional
manager or team can review the plan and indicate if anything has been left out or if some approaches
should be modified or deleted. This is a method that ensures that some things have not been taken for
granted or omitted. Once the departments have reviewed their copy and made suggestions, the planning
team then integrates those changes into the master plan.

C is incorrect because in a structured walk-through test representatives from each department or functional
area come together to go over the plan to ensure its accuracy. The group goes over the objectives of the
plan; discusses the scope and assumptions of the plan; reviews the organization and reporting structure;
and evaluates the testing, maintenance, and training requirements described. This gives the people who
will be responsible for making sure that a disaster recovery happens effectively and efficiently a chance to
review what has been decided upon and what is expected of them. The group walks through different
scenarios of the plan from beginning to end to make sure nothing was left out and to raise the awareness of
the recovery team members.

QUESTION 1124
What type of infrastructural setup is illustrated in the graphic that follows?
A. Hot site
B. Warm site
C. Cold site
D. Reciprocal agreement

Correct Answer: A
Explanation

A hot site is a facility that is leased or rented and is fully configured and ready to operate within a few hours.
The only missing resources from a hot site are usually the data, which will be retrieved from a backup site,
and the people who will be processing the data. The equipment and system software must absolutely be
compatible with the data being restored from the main site and must not cause any negative interoperability
issues. These sites are a good choice for a company that needs to ensure a site will be available for it as
soon as possible.

B is incorrect because a warm site is a leased or rented facility that is usually partially configured with some
equipment, but not the actual computers. In other words, a warm site is usually a hot site without the
expensive equipment. Staging a facility with duplicate hardware and computers configured for immediate
operation is extremely expensive, so a warm site provides an alternate facility with some peripheral devices.
This is the most widely used model. It may be a better choice for companies that depend upon proprietary
and unusual hardware and software, because they will bring their own hardware and software with them to
the site after the disaster hits.

C is incorrect because a cold site is a leased or rented facility that supplies the basic environment, electrical
wiring, air conditioning, plumbing, and flooring, but none of the equipment or additional services. It may take
weeks to get the site activated and ready for work. The cold site could have equipment racks and dark fiber
(fiber that does not have the circuit engaged) and maybe even desks, but it would require the receipt of
equipment from the client, since it does not provide any. The cold site is the least expensive option but
takes the most time and effort to actually get up and functioning right after a disaster.

D is incorrect because a reciprocal agreement is one in which a company promises another company it can
move into its facility and share space if it experiences a disaster and vice versa. Reciprocal agreements are
very tricky to implement and are unenforceable. This is a cheaper way to go than the other offsite choices,
but it is not always the best choice.
Most environments are maxed out pertaining to the use of facility space, resources, and computing capability.
