D315 Network and Security Pre-assessment
questions with verified answers
A city uses fiber optic cable to connect smaller networks throughout the whole
city. Which type of network is described? Ans✓✓✓-MAN
A company is creating an information security policy document with many sub-
policies. Which information should be included for each sub-policy to ensure the
policy is clear and comprehensive? Ans✓✓✓-Compliance requirements the sub-
policy is designed to meet
A company is developing a data protection methodology in order to improve data
protection measures. What is a strategy that should be used? Ans✓✓✓-
Implement authentication methodologies
A company is specifically worried about DoS/DDoS attacks. Which strategy should
be used as a mitigation against this type of attack? Ans✓✓✓-Monitor normal
traffic patterns
A company is updating the devices it provides to employees to ensure that each
employee has consistent network access. What is the CIA triad component
targeted in the scenario? Ans✓✓✓-Availability
A company needs to maximize the number of virtual machines that can run on
each host. Which hypervisor should be used? Ans✓✓✓-Type 1
A company needs to specify security operations and management of all IT assets
within the seven domains of the IT infrastructure. Which type of policy should be
used? Ans✓✓✓-Asset management policy
, A company set up a firewall to analyze network traffic, considering each packet
and how groups of packets are used. What is the form of access control involved
in this scenario? Ans✓✓✓-Context-based
A company uses cloud service to manage its IT resources. The underlying
hardware resources are shared by other companies as well. What is the cloud
deployment model described in the scenario? Ans✓✓✓-Public
A company uses hash value comparisons to determine if the data in a database
has changed. What is the CIA triad component targeted in the scenario?
Ans✓✓✓-Integrity
A data breach exposed usernames and passwords to customer accounts of an
online retailer. An attacker uses the exposed data to attempt to access accounts
of another online retailer. Ans✓✓✓-Credential stuffing
A developer has an existing computer with an operating system. The developer
wants to use a hypervisor to have access to several virtual machines for a specific
project. Which form of hypervisor fits the need described in the scenario?
Ans✓✓✓-Type 2
A development team is designing a web application. The team is considering
possible errors and exceptions. The team is committed to protecting sensitive
information above all else in the event of an error or exception. What is the
security principle implemented in this scenario? Ans✓✓✓-Fail-safe
questions with verified answers
A city uses fiber optic cable to connect smaller networks throughout the whole
city. Which type of network is described? Ans✓✓✓-MAN
A company is creating an information security policy document with many sub-
policies. Which information should be included for each sub-policy to ensure the
policy is clear and comprehensive? Ans✓✓✓-Compliance requirements the sub-
policy is designed to meet
A company is developing a data protection methodology in order to improve data
protection measures. What is a strategy that should be used? Ans✓✓✓-
Implement authentication methodologies
A company is specifically worried about DoS/DDoS attacks. Which strategy should
be used as a mitigation against this type of attack? Ans✓✓✓-Monitor normal
traffic patterns
A company is updating the devices it provides to employees to ensure that each
employee has consistent network access. What is the CIA triad component
targeted in the scenario? Ans✓✓✓-Availability
A company needs to maximize the number of virtual machines that can run on
each host. Which hypervisor should be used? Ans✓✓✓-Type 1
A company needs to specify security operations and management of all IT assets
within the seven domains of the IT infrastructure. Which type of policy should be
used? Ans✓✓✓-Asset management policy
, A company set up a firewall to analyze network traffic, considering each packet
and how groups of packets are used. What is the form of access control involved
in this scenario? Ans✓✓✓-Context-based
A company uses cloud service to manage its IT resources. The underlying
hardware resources are shared by other companies as well. What is the cloud
deployment model described in the scenario? Ans✓✓✓-Public
A company uses hash value comparisons to determine if the data in a database
has changed. What is the CIA triad component targeted in the scenario?
Ans✓✓✓-Integrity
A data breach exposed usernames and passwords to customer accounts of an
online retailer. An attacker uses the exposed data to attempt to access accounts
of another online retailer. Ans✓✓✓-Credential stuffing
A developer has an existing computer with an operating system. The developer
wants to use a hypervisor to have access to several virtual machines for a specific
project. Which form of hypervisor fits the need described in the scenario?
Ans✓✓✓-Type 2
A development team is designing a web application. The team is considering
possible errors and exceptions. The team is committed to protecting sensitive
information above all else in the event of an error or exception. What is the
security principle implemented in this scenario? Ans✓✓✓-Fail-safe
