ITM 450|140 Capstone Revisions
Questions
A company server is currently operating at near maximum resource capacity, hosting just seven virtual
machines. Management has instructed you to deploy six new applications onto additional VMs without
purchasing new hardware since the IT/IS budget is exhausted. How can this be accomplished?
A. Data sovereignty
B. Infrastructure as code
C. Containerization
D. Serverless architecture - ✔ ✔ Containerization
A company's security policy states that user accounts should be disabled during the exit interview for
any employee leaving the company. Which of the following is the most likely reason for this policy? - ✔
✔ To prevent sabotage
Your organization issues devices to employees. These devices generate onetime passwords every 60
seconds. A server hosted within the organization knows what this password is at any given time. What
type of device is this? - ✔ ✔ Synchronous token
Your organization recently suffered a major data breach. After an investigation, security analysts
discovered that attackers were using golden tickets to access network resources. Which of the following
did the attackers exploit? - ✔ ✔ Kerberos
A compromise of a newly installed Wi-Fi connected baby monitor enabled a hacker to virtually invade a
home and play scary sounds to a startled toddler. How was the attack able to to gain access to the baby
monitor in this situation? - ✔ ✔ Exploiting default configuration
A data center has repeated hardware failures. An auditor notices that systems are stacked together in
dense groupings with no clear organization. What should be implemented to address this issue? - ✔ ✔
Hot aisles and cold aisles
A large cities, central utility company has seen a dramatic increase in the number of distribution notes,
failing or going off-line. An APT group was attempting to take over control of the utility company and
was responsible for the system failures. Which of the following systems has the attacker compromised?
- ✔ ✔ SCADA
A major online data service wants to provide better response and access times for their users and
visitors. They plan on deploying thousands of mini web servers to ISPs across the nation. These many
servers will host a few dozen main pages of their website, so that users will be routed to the logically,
,and geographically closest server for optimal performance and minimal latency. Only if a user requests
data not on these mini servers, will they be connecting to the centralize main web cluster hosted at the
companies headquarters. What is this type of appointment commonly known as? - ✔ ✔ Edge
computing
A new local VDI has been deployed in the organization. There have been numerous breaches of security
due to issues on typical desktops, workstations and laptop computers used as endpoints. Many of these
issues stemmed from users, installing unapproved software, or altering the configuration of essential
security tools. In an effort to avoid security compromises originating from endpoints in the future, all
endpoint devices are now used exclusively as dumb terminals. Thus, no local data storage or application
execution is performed on endpoints. Within the video, each worker has been assigned a VM, containing
all of their business necessary, software, and data sets. These VMs are configured to block the
installation and execution of new software code, datafiles cannot be exported to the actual endpoints,
and each time a worker logs out, they used VM is discarded and a clean version copied from a static
snapshot, repla - ✔ ✔ Non-persistent
_______ is a cloud computing concept where code is managed by the customer, and the platform or
server is managed by the cloud service provider. There is always a physical server running the code, but
this execution model allows the software designer/architect/programmer/developer to focus on the
logic of their code, and not have to be concerned about the parameters are limitations of a specific
server. - ✔ ✔ Server-less architecture
________________ is the oversight and management of the efficiency and performance of network
communications. Items to measure include throughput rate, bit rate, packet loss, latency, jitter,
transmission delay, and availability. - ✔ ✔ QoS
A ________ is an intelligent hub because it knows the hardware addresses of the systems connected on
each outbound port. Instead of repeating traffic on every outbound port, it repeats traffic only out of
the port on which the destination is known to exist. - ✔ ✔ Switch
A central authority determines which files a user can access based on the organization's hierarchy.
Which of the following best describes this? - ✔ ✔ RBAC model
A cloud-based provider has implemented an SSO technology using JSON web tokens. The tokens provide
authentication information and include user profiles. Which of the following best identifies this
technology? - ✔ ✔ OIDC
A company is developing a new product to perform simple, automated task related to indoor gardening.
The device will be able to turn lights on and off and control a pump to transfer water. The technology to
perform these automated task needs to be small in an expensive. And only need a minimal
computational capabilities, does not need networking, and should be able to execute C++ commands
natively without the need of an OS. The organization thinks that using an embedded system, or a
microcontroller may be able to provide the functionality necessary for the product. Which of the
following is the best choice to use for this new product? - ✔ ✔ Arduino
, A new operating system update has made significant changes to the prior system. While testing, you
discover that the system is highly unstable, allows for integrity, violations between applications, can be
affected easily by local denial of service attacks, and allows for information disclosure between
processes, you suspect that a key Security mechanism has been disabled or broken by the update. What
is a likely cause of these problems? - ✔ ✔ Lack of memory protections
A new startup company is designing a sensor that needs to connect wireless to a PC or IoT hub in order
to transmit its gathered data to a local application or cloud service for data analysis. The company wants
to ensure that all transferred data from the device cannot be disclosed to unauthorized entities. The
device is also intended to located within 1 meter of the PC or IoT hub it communicates with. Which of
the following concepts is the best choice for this device? - ✔ ✔ Zigbee
A new startup company needs to optimize delivery of high-definition media content to its customers.
They are planning the deployment of resource service hosts in numerous data centers across the world
in order to provide low latency, high performance, and high availability of the hosted content. What
technology is likely being implemented? - ✔ ✔ CDN
A security model provides a way for designers to map abstract statements into a solution that prescribes
the algorithms and data structures necessary to build hardware and software. Thus a security model
gives software designers something against which to measure their design and implementation. Which
of the following is the best definition of a security model? - ✔ ✔ A security model provides a
framework to implement a security policy
A table includes multiple objects and subjects and it identifies the specific access each subject has to
different objects. What is this table? - ✔ ✔ Access control matrix
A(n) _______ firewall is able to make access control decisions based on the content of communications
as well as the parameters of the associated protocol and software. - ✔ ✔ Application-level
Among the many aspects of a security solution, the most important is whether it addresses a specific
need (i.e., a threat) for your assets. But there are many other aspects of security you should consider as
well. A significant benefit of a security control is when it goes unnoticed by users. What is this called?
A. Invisibility
B. Transparency
C. Diversion
D. Hiding in plain sight - ✔ ✔ Transparency
An attacker used a tool to exploit a weakness in NTLM. They identified an administrator's user account.
Although the attacker didn't discover the administrator's password, they did access remote systems by
impersonating the administrator. Which of the following best identifies this attack? - ✔ ✔ Pass the
hash
