SANS SEC401 Module Quizzes Actual Exam
Questions and Correct Answers Top Rated
What is an often-ignored IT asset in security hardening?
a) Servers
b) Routers
c) Applications
d) Desktops
b) routers
- book 1, page 27
What security framework provides cloud security guidance
across 14 domains?
a) COBIT
b) CSA Cloud Controls Matrix
c) ISO 27000
d) NIST 800-53R4 / FedRAMP
b) CSA Cloud Controls Matrix
- book 1, page 144
Which of the following maps the components of the
conceptual design via the use of a network diagram?
a) Conceptual design
b) Logical design
c) Enterprise design
d) Physical design
b) Logical design
- book 1, page 19
What principle of Know Your Environment understands the
value of a senior leader's laptop?
a) Knowing the physical design of communication
b) Knowing the logical design of valuable data
c) Knowing the flow of communication
d) Knowing the location of valuable data
d) Knowing the location of valuable data
- book 1, page 22
Which layer 4 protocol is a good multicast solution for
optimized real-time communications delivered over a
wireless network?
a) UDP
b) ICMP
c) IP
d) TCP
a) UDP
- book 1, page 93
What term characterizes a virtual Kali Linux machine running
on a Windows 10 computer?
a) Guest OS
b) Hypervisor OS
c) Default OS
d) Host OS
a) Guest OS
- book 1, page 110
What is a benefit of cloud computing compared to an on-
premise data center?
a) Trading away variable operating costs for fixed capital
costs
b) Resources take up to a month to provision
c) On-demand resources at the speed of business
d) Greater control of infrastructure
c) On-demand resources at the speed of business
- book 1, page 125
What is a foundational principle of zero-trust?
a) Every user, device, or network connection must be proven.
b) Block all network traffic to/from sensitive networks.
c) Developers and system admins cannot be trusted.
d) Threats from the outside are most important.
a) Every user, device, or network connection must be proven
- book 2, page ___
A security analyst seeks to control the risk of unauthorized
copying to critical files associated with external drives.
Which of the following control actions uses the concept of
vector-oriented defense-in-depth?
a) Isolating the work groups with access to the critical files
b) Disabling the ability to update critical files
c) Isolating critical files using layered protection
d) Disabling USB
d) Disabling USB
- book 2, page 20
What Authenticator Assurance Level is the following an
example of: a user authentication by using an email address
and password (involving cryptographic algorithm) and by
completing an SMS process?
a) AAL 2
b) AAL 1
c) AAL 4
d) AAL 3
a) AAL 2
- book 2, page ___
What can be used to provide common grounds for
effectiveness of security measures?
a) A detailed root cause analysis for each of the month's
security incidents