StudyXY
RegisterLog in
Information Technology /CompTIA Sec+ SY0-701: Domain 3, Quiz 1

CompTIA Sec+ SY0-701: Domain 3, Quiz 1

Information Technology15 CardsCreated about 2 months ago

These flashcards cover key concepts such as Infrastructure as Code (IaC), serverless architecture, software-defined networking (SDN), and IoT device management in enterprise networks, focusing on efficiency, scalability, and security.

PrintEmbedImportReport

What is the primary advantage of Infrastructure as Code (IaC)?

a.Ease of deployment and scalability.
b.It reduces the cost of physical infrastructure.
c. It replaces the need for cloud solutions.
d.It provides a real-time operating system.

Ease of deployment and scalability.

IaC (Infrastructure as Code) allows for automated, consistent, and repeatable deployments, making scaling and deploying infrastructure easier.

Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/15

Key Terms

Term
Definition

What is the primary advantage of Infrastructure as Code (IaC)?

a.Ease of deployment and scalability.
b.It reduces the cost of physical infrastructure.
c. It replaces the need for cloud solutions.
d.It provides a real-time operating system.

Ease of deployment and scalability.

IaC (Infrastructure as Code) allows for automated, consistent, and repeatable de...

An organization is looking to reduce its physical infrastructure footprint. Which model should they consider?

a.Centralized network infrastructure.
b.Embedded systems.
c.Air-gapped systems.
d.Serverless architecture.

Serverless architecture.

Serverless computing allows developers to build and run applications without considering se...

What is the primary goal of software-defined networking (SDN)?

a. Reduce power consumption.
b. Provide real-time operating capabilities.
c. Ensure high availability.
d. Logical segmentation and management of network resources.

Logical segmentation and management of network resources.

SDN allows dynamic, programmatically created network confi...

What is the primary concern when dealing with IoT (Internet of Things) devices in an enterprise network?

a. Ease of deployment.
b. Patch availability and inability to patch.
c. Cost.
d. Scalability.

Patch availability and inability to patch.

IoT (Internet of Things) devices often have limited or no options for pat...

In the context of a network’s attack surface, what does device placement primarily influence?

a.Responsiveness of microservices.
b.Scalability of the network.
c. Device power consumption.
d.Exposure to potential threats.

Exposure to potential threats.

Proper device placement can minimize exposure to threats by ensuring devices are not ...

A company wants to ensure that if its intrusion detection system (IDS) fails, it does not prevent the flow of traffic. Which mode should they configure it in?

a. Fail-closed.
b. Tap/Monitor.
c. Inline.
d. Fail-open.

Fail-open.

Fail-open ensures that if the IDS fails, it will not stop the flow of traffic.

Log in to view all terms

Related Flashcard Decks

Information Technology

Security+ (SY0-701): Additional Knowledge

This flashcard set explores various cybersecurity topics including credential-stuffing attacks, data classification (e.g., private data), and key disaster recovery metrics like RTO. It also highlights protective measures such as hashing for data integrity, automation support challenges, and the use of URL scanning in web filtering to prevent malware infections.

10 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 5.0 Security Program Management and Oversight

This flashcard set covers key concepts in cybersecurity governance frameworks, including centralized governance, data stewardship roles, and compliance laws like SOX. It also addresses environments supporting development and change management, as well as recovery strategies like Recovery Point Objective (RPO) to minimize data loss during system failures.

8 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 4.0 Security Operations

This flashcard set explores advanced cybersecurity practices including refining SIEM alert handling, email security protocols (DKIM, DMARC), secure authentication methods, and strategic threat-hunting. It emphasizes how to enhance incident response efficiency and leverage proactive defense techniques like maneuvering to counteract potential threats.

11 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 2.0 Threats, Vulnerabilities, and Mitigations

This deck covers key concepts related to threats, vulnerabilities, and mitigations in cybersecurity, focusing on virtual machine security.

1 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 1.0 General Security Concepts

This flashcard deck covers key concepts from the Security+ (SY0-701) exam, focusing on general security concepts such as technical and operational controls, policy enforcement, and tokenization.

6 cards
View Deck
Information Technology

Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2

This flashcard deck covers key concepts from the Security+ (SY0-701) Lesson 16, focusing on data protection methods, DLP components, and security awareness training.

25 cards
View Deck

Study Tips

  • Press F to enter focus mode for distraction-free studying
  • Review cards regularly to improve retention
  • Try to recall the answer before flipping the card
  • Share this deck with friends to study together
CompTIA Sec+ SY0-701: Domain 3, Quiz 1
TermDefinition

What is the primary advantage of Infrastructure as Code (IaC)?

a.Ease of deployment and scalability.
b.It reduces the cost of physical infrastructure.
c. It replaces the need for cloud solutions.
d.It provides a real-time operating system.

Ease of deployment and scalability.

IaC (Infrastructure as Code) allows for automated, consistent, and repeatable deployments, making scaling and deploying infrastructure easier.

An organization is looking to reduce its physical infrastructure footprint. Which model should they consider?

a.Centralized network infrastructure.
b.Embedded systems.
c.Air-gapped systems.
d.Serverless architecture.

Serverless architecture.

Serverless computing allows developers to build and run applications without considering servers. It reduces the need for a large physical infrastructure footprint.

What is the primary goal of software-defined networking (SDN)?

a. Reduce power consumption.
b. Provide real-time operating capabilities.
c. Ensure high availability.
d. Logical segmentation and management of network resources.

Logical segmentation and management of network resources.

SDN allows dynamic, programmatically created network configurations, enabling logical segmentation and efficient resource management.

What is the primary concern when dealing with IoT (Internet of Things) devices in an enterprise network?

a. Ease of deployment.
b. Patch availability and inability to patch.
c. Cost.
d. Scalability.

Patch availability and inability to patch.

IoT (Internet of Things) devices often have limited or no options for patching, leading to potential vulnerabilities.

In the context of a network’s attack surface, what does device placement primarily influence?

a.Responsiveness of microservices.
b.Scalability of the network.
c. Device power consumption.
d.Exposure to potential threats.

Exposure to potential threats.

Proper device placement can minimize exposure to threats by ensuring devices are not exposed to public networks unnecessarily.

A company wants to ensure that if its intrusion detection system (IDS) fails, it does not prevent the flow of traffic. Which mode should they configure it in?

a. Fail-closed.
b. Tap/Monitor.
c. Inline.
d. Fail-open.

Fail-open.

Fail-open ensures that if the IDS fails, it will not stop the flow of traffic.

What is the primary purpose of a Web Application Firewall (WAF)?

a. Provide VPN connectivity.
b. Intrusion detection on a network level.
c. Protect web applications by filtering and monitoring HTTP traffic.
d. Monitor and balance traffic loads.

Protect web applications by filtering and monitoring HTTP traffic.

WAFs specifically protect web apps from various attacks by inspecting web traffic.

Which protocol is predominantly used to secure VPN connections by providing encrypted transport mode capabilities?

a.802.1X.
b.EAP.
c.Layer 4.
d. Internet protocol security (IPSec).

Internet protocol security (IPSec).

IPSec can be used to secure Internet Protocol communication by authenticating and encrypting each IP packet.

Which of the following describes a responsibility matrix in cloud security?

a. A definition of organizational roles and responsibilities in cloud environments.
b. A documentation specifying the uptime of cloud services.
c. A network diagram showcasing cloud architecture.
d. A tool used to measure the performance of cloud resources.

A definition of organizational roles and responsibilities in cloud environments.

A responsibility matrix clarifies what the organization and the cloud provider are responsible for regarding security and management.

What security consideration is paramount for air-gapped systems?

a.Cost.
b.Physical isolation.
c.Scalability.
d. Responsiveness.

Physical isolation.

Air-gapped systems are physically isolated from other networks to prevent unauthorized access and data breaches.

Which of the following best describes containerization in security architecture?

a. A method to physically isolate a network.
b. Packaging an application with its dependencies, libraries, and binaries in a single unit.
c. An approach to decentralize network resources.
d. Embedding systems within larger systems for specific functions.

Packaging an application with its dependencies, libraries, and binaries in a single unit.

Containerization ensures that the application will run uniformly across different environments by bundling it with all its requirements.

In terms of enterprise infrastructure security, why is the placement of a jump server crucial?

a.To balance network loads.
b. To encrypt web traffic.
c.To detect intrusions in the network.
d. To manage secure administrative access and act as an intermediary.

To manage secure administrative access and act as an intermediary.

Jump servers provide a controlled means of accessing another network segment, often used for administrative tasks.

Which of the following security zones is most likely to house publicly accessible services like a web server?

a. Demilitarized zone (DMZ).
b. Intrusion detection zone.
c. Restricted zone.
d. Management zone.

Demilitarized zone (DMZ).

DMZ is a perimeter network segment that sits between an internal network and an external network, designed to house publicly accessible services.

Why are Layer 7 firewalls considered more advanced than Layer 4 firewalls?

a. They operate at the hardware level.
b. They inspect the actual content of data packets.
c. They only focus on transport layer security.
d. They are restricted to physical firewall appliances

They inspect the actual content of data packets.

Layer 7 firewalls operate at the application layer, allowing them to inspect, recognize, and act upon actual data payload.

Why is a unified threat management (UTM) system advantageous for a small business?

a.It acts as an intermediary system for administrators.
b. It segments network traffic based on application content.
c. It provides containerization for applications.
d. It combines multiple security features and services in one solution.

It combines multiple security features and services in one solution.

UTMs are all-in-one security solutions combining firewall, anti-virus, and other security technologies, providing cost-effective security for small businesses.