Review Questions
Several business changes have occurred in your company over the past six months. You must analyze your enterprise’s data to ensure that data flows are protected. Which of the following guidelines should you follow? (Choose all that apply.)
- Determine which applications and services access the data.
- Determine where the data is stored.
- Share encryption keys with all users.
- Determine how the data is transmitted.
During a recent security analysis, you determine that users do not use authentication when accessing some private data. What should you do first?
- Encrypt the data.
- Configure the appropriate ACL for the data.
- Determine whether authentication can be used.
- Implement complex user passwords.
Your organization must comply with several industry and governmental standards to protect private and confidential information. You must analyze which standards to implement. Which standards should you consider?
- open standards, de facto standards, and de jure standards
- open standards only
- de facto standards only
- de jure standards only
Your organization has recently experienced issues with data storage. The servers you currently use do not provide adequate storage. After researching the issues and the options available, you decide that data storage needs for your organization will grow exponentially over the next couple of years. However, within three years, data storage needs will return to the current demand. Management wants to implement a solution that will provide for the current and future needs without investing in hardware that will no longer be needed in the future. Which recommendation should you make?
- Deploy virtual servers on the existing machines.
- Contract with a public cloud service provider.
- Deploy a private cloud service.
- Deploy a community cloud service.
Management expresses concerns about using multi-tenant public cloud solutions to store organizational data. You explain that tenant data in a multi-tenant solution is quarantined from other tenants’ data using a tenant ID in the data labels. What is this condition referred to as?
- data remnants
- data aggregation
- data purging
- data isolation
You have been hired as a security practitioner for an organization. You ask the network administrator for any network diagrams that are available. Which network diagram would give you the most information?
- logical network diagram
- wireless network diagram
- physical network diagram
- DMZ diagram
Your organization has recently partnered with another organization. The partner organization needs access to certain resources. Management wants you to create a perimeter network that contains only the resources that the partner organization needs to access. What should you do?
- Deploy a DMZ.
- Deploy a VLAN.
- Deploy a wireless network.
- Deploy a VPN.
Your organization has recently started allowing salespeople to access internal resources remotely. Management wants you to configure the appropriate controls to provide maximum security for these connections. What should you do?
- Deploy a DMZ.
- Deploy a VLAN.
- Deploy a wireless network.
- Deploy a VPN.
Recently, salespeople within your organization have been having trouble managing customer-related data. Management is concerned that sales figures are being negatively affected as a result of this mismanagement. You have been asked to provide a suggestion to fix this problem. What should you recommend?
- Deploy an ERP solution.
- Deploy a CRM solution.
- Deploy a GRC solution.
- Deploy a CMS solution.
As your enterprise has grown, it has become increasingly hard to access and manage resources. Users often have trouble locating printers, servers, and other resources. You have been asked to deploy a solution that will allow easy access to internal resources. Which solution should you deploy?
- Directory Services
- CMDB
- ESB
- SOA