An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?
A.
Spyware
B.
Trojan
C.
Privilege escalation
D.
DoS
Some Q&As from another Study Guide that have the wrong answers in the guide:
Which of the following network protocols transmits a user’s credentials in clear-text? (Select TWO).
A. SSH
B. HTTPS
C. SCP
D. Telnet
E. FTP
F. TFTP
Study Guide Answer: B,E
Correct Answer: D,E
Using HTTPS is the recommended solution to exposing credentials transmitted in Clear-Text. FTP and Telnet transmit all of their data (including authentication data) in clear-text. You might jump at TFTP, which does transmit data in clear-text, but TFTP is a connection-less, unauthenticated protocol (no credentials are transmitted).
Matt, a system administrator, wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?
A. RAID 5 and a storage area network
B. Two striped drives and clustering
C. Two mirrored drives and clustering
D. RAID 0 and load balancing
Study Guide Answer: A
Correct Answer: C
There are two distinct objectives: eliminate a single point of failure in 1) storage and 2) servers (specifically, the SQL server).
RAID 5 creates redundancy for storage; a Storage Area Network (SAN) also pertains to storage (not servers), and is not redundant by its nature – though you can make it redundant using RAID solutions or other forms of storage backup.
Of the options provided, clustering is the only way to eliminate a single point of failure for the server; therefore, B and C are the only possible choices. Striping combines drives with zero redundancy, whereas mirroring provides 100% storage redundancy, so the correct answer is C.
Jane, the administrator of a small company, wishes to track people who access the secured server room, which is secured only by a simple hardware key lock. Jane does not have much of a budget or the approval to make significant construction changes. Given the limitations, which of the following can she do in the meantime?
A. Implement a sign in/out sheet with on-site security personnel
B. Install a 24/7 closed-circuit camera system
C. Install a separate hardware lock with limited keys
D. Implement a cipher key lock
Study Guide Answer: B
Answer from another source: D
Correct Answer: A
The goal is to track access to the server room, and the restrictions are budget and approval for construction. The restrictions eliminate B automatically. The separate hardware lock will restrict access further, but not track entry – plus employees will be able to duplicate the key, making this the worst possible solution. A cipher key lock is just a knob/locking mechanism with an entry combination (doesn’t actually track entry). There are more sophisticated electronic key card / biometric scanning based lock mechanisms that can transmit usage data to a remote terminal, thus tracking entry into the facility; however, these solutions are expensive, therefore this option is not viable because of the budget restriction.
The only option left is to implement human access control at the entrance to the server room.
The correct answer to the last one would still be B. Jane’s lack of budget completely precludes on-site security personnel. 24/7 coverage would cost $1680.00 in the first week alone if the security person were paid $10/hour. A CCTV could be installed for a fraction of that with almost zero construction and the data can be transmitted via wireless to a nearby DVR. The CCTV would be inside the locked room pointed at the door to prevent it from being “taken out” until after they were already captured on video. She’s not trying to prevent theft, she’s recording who goes in and out. One would assume that only known personnel have a key and any unknown persons entering should have their face recorded to give to the police when appropriate.