WGU C795 Cybersecurity Management II Tactical Preassessment Questions and Answers (2022/2023) (Verified Answers)
5 views 0 purchase
Module
WGU C795
Institution
Western Governors University
WGU C795 Cybersecurity Management II Tactical Preassessment Questions and Answers (2022/2023) (Verified Answers)
A combined mail server and calendaring server environment contains no secure sockets layer (SSL) certificate.Which security principle of the CIA triad is affected by the lack of an SS...
wgu c795 cybersecurity management ii tactical preassessment questions and answers 20222023 verified answers a combined mail server and calendaring server environment contains no secure sockets l
Written for
Western Governors University
WGU C795
All documents for this subject (48)
Seller
Follow
ACADEMICAIDSTORE
Reviews received
Content preview
WGU C795 Cybersecurity Management II Tactical
Preassessment Questions and Answers (2022/2023)
(Verified Answers)
A combined mail server and calendaring server environment contains no secure
sockets layer (SSL) certificate.Which security principle of the CIA triad is affected by the
lack of an SSL certificate?
Confidentiality
A company does not have a disaster recovery plan (DRP) and suffers a multiday power
outage. Which provisioning should the company perform to provide stable power for a
long period of time?
Purchase generators
A company is moving its database backups from an off-site location to an alternate
processing site warehouse using bulk transfers. Which type of database recovery is this
company employing?
Electronic vaulting
A company's business operations are disrupted due to a flash flood. Which
consequences to business continuity should be addressed in the disaster recovery
plan?
Evaluation of risk from possible flood damage
What is defined as the ability to maintain an acceptable level of operational status
during events such as hardware failures or denial-of-service (DoS) attacks?
System resilience
Which RAID array configuration is known as striping with parity and requires the use of
three or more disks that spread the parity across all drives?
RAID 5
A web server is at near 100% utilization, and it is suggested that several web servers
run the same site, sharing traffic from the internet.Which system resilience method
would this be?
Network load balancing
Which RAID array performs striping and uses mirroring for fault tolerance?
RAID 10
Which kind of disaster recovery site typically consists of self-contained trailers?
Mobile
How often should a business continuity plan (BCP) be reviewed?
At least annually or when changes occur
Which database disaster recovery strategy transfers copies of database transaction
logs to another location?
Remote journaling
A company develops a business continuity plan in addition to an emergency
communication plan. What should be included in the company's emergency
communication plan? Choose 2 answers.
Alternate means of contact
Backup people for each role
, Which type of backup solution should be incorporated in an organization that has high-
capacity backup data requirements in the terabytes?
Disk-to-disk
Which data recovery strategy should be used to mitigate the risk of a natural disaster?
Back up data to a remote cloud provider
Which two data recovery components will back up a file and change the archive bit to
0? Choose 2 answers.
Inc. and Full
Disaster recovery team members are requested to do more than just review the disaster
recovery plan but not actually test the individual parts of the plan. Which type of test
would suit this request
Structured walk-through
When should formal change management be used to manage updates to a disaster
recovery plan?
When the IT infrastructure changes, all related disaster-recovery documentation should
be changed to match the environment.
A company presents team members with a disaster recovery scenario, asks members
to develop an appropriate response, and then tests some of the technical responses
without shutting down operations at the primary site. Which type of disaster recovery
test is being performed?
Simulation
Which defense-in-depth practices allow an organization to locate an intruder on its
internal network?
Security information and event management (SIEM) and intrusion detection system
(IDS)
A company is concerned that disgruntled employees are sending sensitive data to its
competitors. Which defense-in-depth practices assist a company in identifying an
insider threat?
Data loss prevention (DLP) and audit logs
A company is hit with a number of ransomware attacks. These attacks are causing a
significant amount of downtime and data loss since users with access to sensitive
company documents are being targeted. These attacks have prompted management to
invest in new technical controls to prevent ransomware. Which defense-in-depth
practices should this company implement?
Spam filtering and antimalware
A company's database administrator requires access to a database server to perform
maintenance. The director of information technology will provide the database
administrator access to the database server but will not provide the database
administrator access to all the data within the server's database. Which defense-in-
depth practice enhances the company's need-to-know data access strategy?
Using compartmented mode systems and least privilege
A company has signed a contract with a third-party vendor to use the vendor's inventory
management system hosted in a cloud. For convenience, the vendor set up the
application to use Lightweight Directory Access Protocol (LDAP) queries but did not
enable secure LDAP queries or implement a secure sockets layer (SSL) on the
application's web server. The vendor does not have the ability to secure the system,
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICAIDSTORE. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £9.00. You're not tied to anything after your purchase.