CERTMASTER CE SECURITY+ DOMAIN 3.0
SECURITY ARCHITECTURE ASSESSMENT|
QUESTION WITH 100% CORRECT ANSWERS
A logistics company is contemplating certain steps for its data centers in its quest to fortify its
systems against long-term power outages. What is the MOST suitable measure the company
could undertake? - ✔️✔️D. Deploying onsite generators
A multinational corporation wants to standardize and automate the setup of its Information
Technology (IT) infrastructure across various branches. This would reduce manual setup errors
and allow for quicker deployment and scaling of resources as per demand. Which methodology
should the corporation adopt to accomplish this? - ✔️✔️C. Infrastructure as code
To address the escalating operational costs and complexities stemming from multiple
standalone applications, an organization plans to restructure its software deployment process.
They want to minimize overhead, increase flexibility in development environments, and
enhance the efficient use of system resources. What approach would be the MOST effective? -
✔️✔️C. Containerization
A network security administrator's responsibilities include enhancing the enterprise's network
infrastructure security posture. They deploy a Next Generation Firewall (NGFW) as part of their
defense strategy. The enterprise mixes internal and external services, including a web
application and a virtual private network (VPN) for remote access. Which of the following
should the administrator primarily consider when implementing the NGFW to ensure effective
security without disrupting normal operat - ✔️✔️C. Deploy the NGFW in inline mode, ensuring it
analyzes all traffic while maintaining connectivity.
A network engineer is optimizing an existing cloud-based system. The primary goal is to ensure
the system remains operational, minimizing downtime, even under adverse conditions or
potential failure points. What key characteristic of system design should the engineer
prioritize? - ✔️✔️C. Availability
, A small start-up has recently launched its first web application. To ensure high availability and
to handle potential traffic spikes, the start-up decides to implement a load balancer in its
network infrastructure. The network technician must secure the load balancer against basic
threats. What is the fundamental step the network technician should take to secure the load
balancer? - ✔️✔️B. Disable unnecessary services on the load balancer.
An organization implements a new network infrastructure and plans to use an intrusion
prevention system (IPS) for security. The IT manager wants to ensure that the IPS will continue
to let traffic flow if it fails. Which failure mode should the IT manager configure the IPS? - ✔️✔️B.
Fail-open
A company is transmitting source code from its headquarters to a remote branch over the
Internet. The network administrator wants to enhance the security of this code while it is in
transit. While maintaining readability is not alarming for the organization, they have increased
concerns about ensuring the code is difficult to understand if intercepted. Which technique
should the administrator use? - ✔️✔️D. Obfuscation
A tech startup develops a unique algorithm that provides a significant competitive edge in the
market. To maintain this edge, the startup needs to ensure the highest level of protection for
this information. How should this startup categorize and handle this unique algorithm? - ✔️✔️D.
The startup should categorize the algorithm as a trade secret and protect it using non-
disclosure agreements.
A hospital has implemented a security device that processes sensitive patient information. The
hospital wants to ensure that in the event of a failure, the confidentiality and integrity of the
patient data take priority over the system's availability. What should the hospital set as the
failure mode configuration for this security device? - ✔️✔️A. The security device should be
configured to fail-closed.
In a small office building, the operations team wants to automate various processes and enable
real-time monitoring of systems over the internet. Which technology is best suited for this task?
- ✔️✔️A. IoT
SECURITY ARCHITECTURE ASSESSMENT|
QUESTION WITH 100% CORRECT ANSWERS
A logistics company is contemplating certain steps for its data centers in its quest to fortify its
systems against long-term power outages. What is the MOST suitable measure the company
could undertake? - ✔️✔️D. Deploying onsite generators
A multinational corporation wants to standardize and automate the setup of its Information
Technology (IT) infrastructure across various branches. This would reduce manual setup errors
and allow for quicker deployment and scaling of resources as per demand. Which methodology
should the corporation adopt to accomplish this? - ✔️✔️C. Infrastructure as code
To address the escalating operational costs and complexities stemming from multiple
standalone applications, an organization plans to restructure its software deployment process.
They want to minimize overhead, increase flexibility in development environments, and
enhance the efficient use of system resources. What approach would be the MOST effective? -
✔️✔️C. Containerization
A network security administrator's responsibilities include enhancing the enterprise's network
infrastructure security posture. They deploy a Next Generation Firewall (NGFW) as part of their
defense strategy. The enterprise mixes internal and external services, including a web
application and a virtual private network (VPN) for remote access. Which of the following
should the administrator primarily consider when implementing the NGFW to ensure effective
security without disrupting normal operat - ✔️✔️C. Deploy the NGFW in inline mode, ensuring it
analyzes all traffic while maintaining connectivity.
A network engineer is optimizing an existing cloud-based system. The primary goal is to ensure
the system remains operational, minimizing downtime, even under adverse conditions or
potential failure points. What key characteristic of system design should the engineer
prioritize? - ✔️✔️C. Availability
, A small start-up has recently launched its first web application. To ensure high availability and
to handle potential traffic spikes, the start-up decides to implement a load balancer in its
network infrastructure. The network technician must secure the load balancer against basic
threats. What is the fundamental step the network technician should take to secure the load
balancer? - ✔️✔️B. Disable unnecessary services on the load balancer.
An organization implements a new network infrastructure and plans to use an intrusion
prevention system (IPS) for security. The IT manager wants to ensure that the IPS will continue
to let traffic flow if it fails. Which failure mode should the IT manager configure the IPS? - ✔️✔️B.
Fail-open
A company is transmitting source code from its headquarters to a remote branch over the
Internet. The network administrator wants to enhance the security of this code while it is in
transit. While maintaining readability is not alarming for the organization, they have increased
concerns about ensuring the code is difficult to understand if intercepted. Which technique
should the administrator use? - ✔️✔️D. Obfuscation
A tech startup develops a unique algorithm that provides a significant competitive edge in the
market. To maintain this edge, the startup needs to ensure the highest level of protection for
this information. How should this startup categorize and handle this unique algorithm? - ✔️✔️D.
The startup should categorize the algorithm as a trade secret and protect it using non-
disclosure agreements.
A hospital has implemented a security device that processes sensitive patient information. The
hospital wants to ensure that in the event of a failure, the confidentiality and integrity of the
patient data take priority over the system's availability. What should the hospital set as the
failure mode configuration for this security device? - ✔️✔️A. The security device should be
configured to fail-closed.
In a small office building, the operations team wants to automate various processes and enable
real-time monitoring of systems over the internet. Which technology is best suited for this task?
- ✔️✔️A. IoT
