Sy0-501 - Chapter 1 Mastering Security Basics
-
You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?
-
Take a snapshot of the VM before deploying the new application.
-
Take a snapshot of the VM after deploying the new application.
-
Ensure the server is configured for non-persistence.
-
Back up the server after installing the new application.
-
The SY0-501 - Chapter 1 Mastering Security Basics quiz assesses key security concepts and practices for deploying applications, preventing equipment theft, maintaining confidentiality of PII, supporting non-repudiation, ensuring integrity, and using obfuscation techniques.
Quiz Preview
- 2.
Your organization wants to reduce the amount of money it is losing due to thefts. Which of the following is the BEST example of an equipment theft deterrent?
-
Snapshots
-
Cable locks
-
Strong passwords
-
Persistent VDI
Correct Answer
A. Cable locksExplanation
Cable locks are effective equipment theft deterrents for laptops and other systems. Snapshots refer to digital snapshots that capture the state of a virtual machine at a moment in time. Passwords prevent unauthorized access to systems, but don’t provide physical security. A virtual desktop infrastructure (VDI) allows users to access a desktop on a remote server. A persistent VDI saves the user changes on the desktop, but it does not deter thefts.Rate this question:
-
- 3.
You need to transmit PII via email and you want to maintain its confidentiality. Which of the following choices is the BEST solution?
-
Use hashes.
-
Encrypt it before sending.
-
Protect it with a digital signature.
-
Use RAID.
Correct Answer
A. Encrypt it before sending.Explanation
You can maintain confidentiality of any data, including Personally Identifiable Information (PII) with encryption. Hashes provide integrity, not confidentiality. A digital signature provides authentication, nonrepudiation, and integrity. A redundant array of inexpensive disks (RAID) provides higher availability for a disk subsystem.Rate this question:
-
- 4.
Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this primarily support?
-
Supporting confidentiality
-
Supporting availability
-
Supporting obfuscation
-
Supporting non-repudiation
Correct Answer
A. Supporting non-repudiationExplanation
Digital signatures will support a use case of supporting nonrepudiation. Digital signatures don’t encrypt data, so they do not support a use case of supporting confidentiality. Redundancy and fault-tolerance solutions will increase availability. Steganography is one way of supporting obfuscation.Rate this question:
-
- 5.
Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely using?
-
Supporting confidentiality
-
Supporting integrity
-
Supporting encryption
-
Supporting availability
Correct Answer
A. Supporting integrityExplanation
He is most likely using a use case of supporting integrity. By verifying that the hashes are the same on the configuration files, he is verifying that the files have not changed. Confidentiality is enforced with encryption, access controls, and steganography. Encryption is a method of enforcing confidentiality and it doesn’t use hashes. Availability ensures systems are up and operational when needed.Rate this question:
-
- 6.
Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following BEST describes the purpose of his actions?
-
To support steganography
-
To support integrity
-
To support availability
-
To support obfuscation
Correct Answer
A. To support obfuscationExplanation
Hiding data within data is one way to support a use case of supporting obfuscation. In this scenario, Louie is using steganography to hide the files within the image, but that is the method, not the purpose. Hashing methods and digital signatures support integrity. Redundancy and fault-tolerance methods increase availability.Rate this question:
-
- 7.
Your organization is considering virtualization solutions. Management wants to ensure that any solution provides the best ROI.Which of the following situations indicates that virtualization would provide the best ROI?
-
Most physical servers within the organization are currently utilized at close to 100 percent.
-
The organization has many servers that do not require failover services.
-
Most desktop PCs require fast processors and a high amount of memory.
-
Most physical servers within the organization are currently underutilized.
Correct Answer
A. Most physical servers within the organization are currently underutilized.Explanation
If most physical servers within the organization are currently underutilized, virtualization will provide a high return on investment (ROI). If the servers are currently utilized close to 100 percent, new servers will need to be purchased to virtualize them. It is possible to implement failover services on virtualized servers so there is little cost difference between physical and virtualized servers. The amount of processing power or memory requirements isn’t relevant unless you know how much systems are currently utilizing.Rate this question:
-
- 8.
As the CTO, Marge is implementing a security program. She has included security controls to address confidentiality and availability. Of the following choices, what else should she include?
-
Ensure critical systems provide uninterrupted service.
-
Protect data-in-transit from unauthorized disclosure.
-
Ensure systems are not susceptible to unauthorized changes.
-
Secure data to prevent unauthorized disclosure.
Correct Answer
A. Ensure systems are not susceptible to unauthorized changes.Explanation
The chief technology officer (CTO) should ensure systems are not susceptible to unauthorized changes, which is an element of integrity. A security program should address the three core security principles of confidentiality, integrity, and availability (CIA). The system in the example is already addressing confidentiality and availability. Ensuring critical systems provide uninterrupted service addresses availability. Protecting data and securing data to prevent unauthorized disclosure addresses confidentiality.Rate this question:
-
- 9.
Ned is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system?
-
Ifconfig
-
Ipconfig
-
Netstat
-
Tracert
Correct Answer
A. IfconfigExplanation
The ifconfig command displays network settings on a Linux computer. This includes the IP address, subnet mask, and default gateway assigned to the network interface card (NIC). The ipconfig command performs similar checks on Windows computers, but not on Linux systems. Netstat shows network statistics and active connections but not the network settings. The tracert command traces the route of data and can help determine which network devices are failing.Rate this question:
-
- 10.
Administrators frequently create VMs for testing. They sometimes leave these running without using them again after they complete their tests. Which of the following does this describe?
-
VM escape
-
VDI snapshot
-
VM sprawl
-
Type II hypervisor
Correct Answer
A. VM sprawlExplanation
VM sprawl occurs when an organization has many VMs that aren’t managed properly. Unmonitored VMs typically won’t get updated and can be vulnerable to attacks. VM escape is an attack that allows an attacker to access the host system from within the virtual system. A virtual desktop infrastructure (VDI) provides users with virtual desktops hosted on a server. A VDI snapshot is commonly used to provide users with the same non-persistent desktop that doesn’t save changes. The VMs might be Type II hypervisors (running as software within a host operating system), but that isn’t relevant to leaving them running and unmonitored.Rate this question:
-
- 11.
You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use?
-
Arp
-
Ipconfig
-
Netstat
-
Ping
Correct Answer
A. PingExplanation
The ping command sends Internet Control Message Protocol (ICMP) echo requests and checks for ICMP echo replies. Arp resolves IP addresses to media access control (MAC) addresses and does not use echo commands. Ipconfig checks the configuration of a NIC. Netstat shows active connections and network statistics.Rate this question:
-
- 12.
You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections?
-
Arp
-
Ipconfig
-
Ping
-
Netstat
Correct Answer
A. NetstatExplanation
The netstat command displays active connections on a system. Arp displays information related to media access control (MAC) addresses. Ipconfig displays TCP/IP configuration information for wired and wireless network interface cards. Ping checks connectivity with remote systems.Rate this question:
-
- 13.
Which type of virtualization allows a computer’s operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel?
-
Container virtualization
-
Type I hypervisor virtualization
-
Type II hypervisor virtualization
-
VDE
Correct Answer
A. Container virtualizationExplanation
Container-based virtualization (also called application cell virtualization) uses the same operating system kernel of the host computer. It is often used to run isolated applications or services within a virtual environment. Type I hypervisor virtualization runs directly on the system hardware. Type II hypervisor virtualization runs VMs that all include their own operating system, including their own kernel. A virtual desktop environment (VDE) provides a full desktop operating system to users.Rate this question:
-
- 14.
Users within your organization access virtual desktops hosted on remote servers. This describes which of the following?
-
VDE
-
Snapshots for non-persistence
-
Type I hypervisors
-
VM sprawl
Correct Answer
A. VDEExplanation
In a virtual desktop environment (VDE), users access virtual desktops hosted on remote servers. VDE desktops can use snapshots for non-persistence, but it is also possible to allow users to have persistent unique desktops in a VDE. Type I hypervisors (bare-metal hypervisors) run directly on the system without an operating system and are not used for a VDE. VM sprawl describes a problem of many unmanaged VMs, but the scenario doesn’t mention that the virtual desktops are not managed.Rate this question:
-
- 15.
Your organization has implemented a VDI for most users. When a user logs off, the desktop reverts to its original state without saving any changes made by the user. Which of the following BEST describes this behavior?Which one do you like?
-
Container virtualization
-
VM escape
-
Non-persistence
-
Elasticity
Correct Answer
A. Non-persistenceExplanation
Non-persistence in a virtual desktop infrastructure (VDI) indicates that the desktop is the same for most (or all) users and when the user logs off, the desktop reverts to a known state or rolls back to a known configuration. With container virtualization, application cells run isolated services or applications within the host, using the host’s kernel. Virtual machine (VM) escape is an attack where the attacker accesses the host system from within the VM. Elasticity refers to the ability to resize a VM in response to increased or decreased load.Rate this question:
-
Quiz Review Timeline (Updated): Mar 21, 2023 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 21, 2023Quiz Edited by
ProProfs Editorial Team -
Oct 06, 2018Quiz Created by
Marlon Ramos
Back to top