Domain 2 Quiz

  1. Decide where things go. On the real test you will drag them and they snap into place.
    Physical security map
  2. Jenny can unlock her work mobile phone by drawing a pattern on the screen with her finger. This mode of authentication verifies:
    1. Something you know
    2. Something you have
    3. Something you are
    4. Something you do
    5. Somewhere you are
  3. To enter the server room Joe must pass through a mantrap, entering a PIN on a keypad at the outer door, entering the mantrap and closing the door behind him, swiping his badge on the reader, then typing a password into a keyboard by the inner door. How many factors is this?
    1. 1
    2. 2
    3. 3
    4. 4
  4. To enter the server room Joe must be recognized by the guard, enter a PIN on the keypad, and place his hand on a scanner. How many factors is this?
    1. 1
    2. 2
    3. 3
    4. 4
  5. To enter the server room Joe must be recognized by the guard, show the guard his badge, and enter a PIN on the keypad. How many factors is this?
    1. 1
    2. 2
    3. 3
    4. 4
  6. Joe has been given a Post-It note with a PIN written on it. To enter the server room he must be recognized by the guard, tell the guard the passphrase of the day, and enter the PIN on the keypad. How many factors is this?
    1. 1
    2. 2
    3. 3
    4. 4
  7. Beth, a system administrator, is training Jerry, a new data maintenance technician, in how to restore backup data into production use. Which of the following should they be using?
    1. Recovery playbook
    2. Order of restoration
    3. Order of volatility
    4. Snapshot guidance
  8. Dale is the manager of the software development group. She has directed her programmers to make a backup of their code and test data at the end of every day, locking the media in a desk drawer, and making sure to lock their office door. What is the greatest remaining concern?
    1. Data remanence
    2. Off-site backups
    3. Data sovereignty
    4. Privacy protection
  9. Lori's manager, Brian, has just returned from a board meeting where it was announced that the company would be deploying Infrastructure as a Service. Brian didn't know what that was, and was embarrassed to ask. Which is the best explanation of what it will involve?
    1. Logical rather than physical network isolation
    2. Air gaps
    3. Virtualization
    4. Subcontracting
  10. Dorothy, the software development manager, needs development and testing platforms for her programmers. However, she doesn't want to have to buy server hardware, or cross-train programmers to be system administrators. Which cloud solution could solve her problem?
    1. IaaS
    2. IDaaS
    3. PaaS
    4. SaaS
  11. Maria, a security analyst, was about to boot a suspect system with a Kali Linux DVD. Her manager stopped her, saying that she mustn't modify the computer's operating system or data. She explained that it was safe: it would load an operating system into RAM and treat everything on disk as read-only data, because it's:
    1. Non-modification boot
    2. Live boot
    3. Transparent boot
    4. Ephemeral boot
  12. Alexei, an attacker from Eastern Europe, was able to break into one of your organization's virtual web servers. However, he was unable to pivot to any of several other virtual servers running on the same hardware platform. Which benefit did your organization see?
    1. VM Escape
    2. Shadow IT
    3. VM sprawl
    4. Sandboxing
    5. Hypervisor flaws
  13. Abe, a security architect, needs to configure Perfect Forward Secrecy for remote access for employees working from home. What can he use? Select two.
    1. DH
    2. DHE
    3. ECDHE
    4. One-time pads
    5. AES-GCM-256
  14. Charlotte is in charge of VPN access to the data analysis facility. She has read that it is helpful to pad a secret with a short text value before encrypting it. What concept is she considering?
    1. Salt
    2. Nonce
    3. Hash
    4. PBKDF2
  15. International, national, and state/provincial regulations require the protection of personal privacy. This makes confidentiality important, but it is not the only security goal. You need to protect both endpoint authentication and data confidentiality in all data streams. Which ciphers should you choose? Select two.
    1. AES-CBC
    2. AES-CCMP
    3. AES-CFB
    4. AES-GCM
  16. Which of these are advantages of WPA/2 Enterprise over WPA/2 PSK? Select two.
    1. PKI
    2. Stronger cipher suite
    3. Higher performance
    4. Integrated Active Directory
    5. RADIUS
  17. Tasha, a network engineer, is designing a wireless solution for her large corporation. She needs to specify the current best encryption, supporting 802.1X with either LEAP or EAP-TLS. What should she use? Select three.
    1. CCMP
    2. AES-GCM-256
    3. WPA/2 PSK
    4. WPA/2 Enterprise
    5. RADIUS
    6. Active Directory
  18. Blake has been asked to configure the web server to provide Perfect Forward Secrecy. Which security feature will this provide?
    1. Data sent from the server to the client will always be protected
    2. Data sent from the client to the server will always be protected
    3. A breach today does not expose keys from the past
    4. A breach today does not expose keys in the future
  19. Alice wants to send an encrypted message to Bob. What does she need?
    1. Alice's public key
    2. Alice's private key
    3. Bob's public key
    4. Bob's private key
  20. Alice must send a message which only Bob can read. What does Alice need?
    1. Alice's private key
    2. Alice's public key
    3. Bob's private key
    4. Bob's public key

Exhibit with 10 things, plus 19 regular questions

Passing = 82% of 29 = 23.8

Goal = 91% of 29 = 26.4