A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updates since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

Correct Answer:

Explanation
1/1/2017 3:30:00 7813a82384cbaeb45bd12943a9234df3

Comment: *

Name: *

Email: *

Verification: *

A systems administrator is installing and configuring an application service that requires access to read and write to log and configuration files on a local hard disk partition reduce the attack surface added by the service and account? (Select TWO).

• A.Use a unique managed service account
• B.Add the account to the local administrators group
• C.Enable and review account audit logs.
• D.Utilize a generic password for authenticating
• E.Use a guest account placed in a non-privileged users group.
• F.Enforce least possible privileges for the account

Comment: *

Name: *

Email: *

Verification: *

Which of the following will ensure the integrity of a file is preserved during the process of forensic acquisition?

• A.Use solid state drives to remain reliable and consistent.
• B.Copy and paste the contents of the acquisition to a secure USB drive.
• C.Encrypt the files to an archive to prevent accidental clickers.
• D.Compute the hashes for all files and recompute on the destination end.

Comment: *

Name: *

Email: *

Verification: *

A security administrator is given the security and availability profiles for servers that are being deployed.
Match each RAID type with the correct configuration and MINIMUM number of drives.
Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements. Instructions:
All drive definitions can be dragged as many times as necessary
Not all placeholders may be filled in the RAID configuration boxes
If parity is required, please select the appropriate number of parity checkboxes Server profiles may be dragged only once If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Correct Answer:

RAID-0 is known as striping. It is not a fault tolerant solution but does improve disk performance for read/write operations. Striping requires a minimum of two disks and does not use parity.
RAID-0 can be used where performance is required over fault tolerance, such as a media streaming server.
RAID-1 is known as mirroring because the same data is written to two disks so that the two disks have identical data. This is a fault tolerant solution that halves the storage space. A minimum of two disks are used in mirroring and does not use parity. RAID-1 can be used where fault tolerance is required over performance, such as on an authentication server. RAID-5 is a fault tolerant solution that uses parity and striping. A minimum of three disks are required for RAID-5 with one disk's worth of space being used for parity information. However, the parity information is distributed across all the disks. RAID-5 can recover from a sing disk failure.
RAID-6 is a fault tolerant solution that uses dual parity and striping. A minimum of four disks are required for RAID-6. Dual parity allows RAID-6 to recover from the simultaneous failure of up to two disks. Critical data should be stored on a RAID-6 system.
http://www.adaptec.com/en-us/solutions/raid_levels.html

Comment: *

Name: *

Email: *

Verification: *

An organization wants to utilize a common, Internet-based third-party provider for authorization and authentication. The provider uses a technology based on OAuth 2.0 to provide required services. To which of the following technologies is the provider referring?

• A.Open ID Connect
• B.LDAP
• C.SAML
• D.XACML

Comment: *

Name: *

Email: *

Verification: *