- (Exam Topic 4)
Which of the following is considered a physical control?
Correct Answer:
A
Fences are physical controls; carpets and ceilings are architectural features, and a door is not necessarily a control: the lock on the door would be a physical security control. Although you might think of a door as a potential answer, the best answer is the fence; the exam will have questions where more than one answer is correct, and the answer that will score you points is the one that is most correct.
- (Exam Topic 2)
Which of the following would NOT be a reason to activate a BCDR strategy?
Correct Answer:
A
The loss of staffing would not be a reason to declare a BCDR situation because it does not impact production operations or equipment, and the same staff would be needed for a BCDR situation.
- (Exam Topic 4)
When using a PaaS solution, what is the capability provided to the customer?
Correct Answer:
B
According to “The NIST Definition of Cloud Computing,” in PaaS, “the capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the
application-hosting environment.
- (Exam Topic 2)
Which aspect of cloud computing would make the use of a cloud the most attractive as a BCDR solution?
Correct Answer:
D
Measured service means that costs are only incurred when a cloud customer is actually using cloud services. This is ideal for a business continuity and disaster recovery (BCDR) solution because it negates the need to keep hardware or resources on standby in case of a disaster. Services can be initiated when needed and without costs unless needed.
- (Exam Topic 4)
Which protocol operates at the network layer and provides for full point-to-point encryption of all communications and transmissions?
Correct Answer:
A
IPSec is a protocol for encrypting and authenticating packets during transmission between two parties and can involve any type of device, application, or service. The protocol performs both the authentication and negotiation of security policies between the two parties at the start of the connection and then maintains these policies throughout the lifetime of the connection. TLS operates at the application layer, not the network layer, and is widely used to secure communications between two parties. SSL is similar to TLS but has been deprecated. Although a VPN allows a secure channel for communications into a private network from an outside location, it's not a protocol.
