Architecture and Design – Part D

As a security consultant, you have been engaged by a company to establish a comprehensive baseline of an asset’s configurations. This will serve as a benchmark against which all future configurations will be evaluated for compliance and security. Which configuration management approach will you implement to achieve this objective?

A financial organization has hired a contractor to build a database for their customer information. However, the organization wants to ensure that the contractor does not have access to sensitive customer information such as personal identification numbers and financial data. The organization needs to find a way to allow the contractor to test the database environment without having access to the actual sensitive customer information. In this scenario, what technique would the organization use to protect the customer information while still allowing the contractor to perform necessary testing on the database?

A large retail company is looking to move its customer data to a cloud-based storage solution for better scalability and cost-effectiveness. They are concerned about the security of their customer data in the cloud. Which of the following solutions would be most appropriate for this company to ensure the security of its customer data in the cloud?

Which of the following types of disaster recovery sites enables a company to quickly resume normal business operations in the event of a disaster?

You have been tasked with implementing a solution to detect and gather information on unauthorized access attempts on the company’s network. Which of the following techniques would you implement to meet this requirement in the most cost-effective manner?

Which of the following cloud service models would be most appropriate for a company looking to streamline its application development process by leveraging the scalability and cost-effectiveness of the cloud, in order to create unique, customizable software?

In an effort to minimize costs, your organization has decided to migrate to the cloud. One of the main advantages of this decision is the elimination of the need for significant upfront investment in hardware and associated maintenance costs. Instead, your organization will only incur costs for the specific cloud computing resources utilized. Which cloud computing architecture would be most appropriate for your organization to deploy its cloud services?

Which of the following organizations does not offer cloud computing services?

Your company is looking for a way to outsource the management of its IT infrastructure and security. The provider should be able to manage and maintain the company’s IT systems remotely and provide necessary security measures to protect the company’s data. Which of the following providers will you choose?

Which of the following terms refers to the ability of a software application to function consistently and without interruption when transferred between different computing environments?

What type of architecture is utilized by developers to create and operate applications and services, without the need for managing underlying infrastructure?

A large retail company is launching a new e-commerce platform for its customers. As the lead web developer for the project, you are responsible for ensuring that the platform is stable and fully functional before it is made available to the public. The company’s IT department is concerned about the potential impact of any bugs or errors that may be present in the new platform, and has asked you to perform a thorough review of the platform in a controlled environment before it is released to the public. This will allow the company to identify and fix any issues before they can affect the customer experience. In which environment will you push the updates first?

Which of the following practices facilitates the integration of code changes into the primary code repository as they are developed, rather than waiting until the end of the development cycle to integrate them?

As a developer, you have been tasked with implementing a secure authentication method for a new system. The system requires users to be authenticated using temporary passcodes that are generated based on the current time of day. Which of the following authentication methods would be the most appropriate for this scenario?

A company’s IT department is looking for a security solution that will enable them to control access to sensitive data and ensure that only authorized personnel can access it. Which of the following security protocols should the company implement to meet this requirement?

What is the term used to describe the security process that utilizes unique physical characteristics of an individual, such as their retina, iris, voice, facial features, or fingerprints, to verify their identity?

Which of the following disaster recovery site options typically requires significant setup time and does not have pre-installed equipment, potentially delaying the full resumption of business operations?

Which of the following options is a network architecture approach that enables the network to be centrally controlled and managed through software applications, providing consistency in network operations regardless of underlying technology?

A company has recently implemented a new security system that monitors employee internet activity to prevent data breaches. Some employees are concerned that this system may violate their privacy rights. What should the company do to address these concerns?

In a company, who is responsible for ensuring the ownership of data and the protection of sensitive information?

A company is preparing to implement a new security system that will allow them to monitor the activities of users and detect any suspicious behavior. Which of the following security protocols should the company implement to meet this requirement?

A company is looking to adopt a Bring Your Own Device (BYOD) policy for its employees. They want to ensure that only authorized devices can access company resources and that all data transmitted to and from these devices is secure. Which of the following solutions would be most appropriate for this company to ensure the security of its data in a BYOD environment?

You are working for a startup that has recently experienced a surge in traffic for its application, leading to a decrease in performance. To improve the efficiency of incoming network traffic distribution and enhance the overall performance of the application, which of the following solutions would you implement?

In order to mitigate potential network downtime in the event of a hardware failure, your company has tasked you with implementing a solution to address the recent physical network adapter card failure on the server. Which of the following options would you choose to fulfill this requirement?

Which of the following backup methods backs up only the data that has been modified or added since the last backup was performed?

A small business has just suffered a cyber attack that resulted in a loss of critical data stored on the company’s local server. The business owner is looking for a secure and cost-effective solution to prevent such a disaster from happening in the future. What would be the best approach to store the company’s data securely and ensure that it can be recovered in the event of a disaster?

Which of the following storage options will you select to fulfill the requirement of providing centralized data storage and retrieval access for authorized network users and clients?

What measures can be implemented to enhance the security of SCADA networks? (Select all that apply)

Which of the following cryptographic methods would you utilize to ensure the authenticity and integrity of a digital message or document?

An organization is looking to secure the confidentiality of data transmitted over an insecure network. Which type of encryption should be used to ensure that sensitive data cannot be intercepted and read by unauthorized individuals during transmission?

Which of the following solutions enables your application to communicate with an external service by utilizing straightforward commands, thereby eliminating the need for complex processes to be developed in-house?

Which of the following methods would you utilize to conceal confidential information within a non-confidential file or message to prevent detection?

Which of the following encryption methods will you implement to securely transmit a sensitive plain text file over the web to ensure that only authorized parties can access the information?

Which component of the Authentication, Authorization, and Accounting (AAA) system is responsible for measuring the resources consumed by a user during access to a system?

Which of the following products utilizes the Software as a Service (SaaS) cloud deployment model? (Select all that apply.)

An organization is looking to implement a new development strategy that will allow them to quickly and efficiently roll out new features and updates to its software. Which of the following strategies will you recommend to them?

An organization is looking to improve its software development workflow by implementing a strategy that will automatically test and deploy new code changes. Which of the following strategies will you recommend to them?

A mid-sized company is concerned about the security of its sensitive data stored on its local servers. The company is looking for a solution to store its data in a secure and easily accessible manner. Which of the following options would provide the company with the most secure and convenient solution for storing its sensitive data?

A company is looking for a storage solution for its critical business data. The solution should provide fast access to the data, be cost-effective and provide protection against data loss. Which of the following storage options would best meet the company’s requirements?

Your company is concerned about the security of data stored in the cloud. To ensure that the data is secure, you have been tasked to encrypt the data before it is uploaded to the cloud. Which encryption method would be the most appropriate for this scenario?