A company replaces a number of devices with a mobile appliance, combining several functions. Which of the following descriptions fits this new implementation? (Select TWO).
A. Cloud computing
B. Virtualization
C. All-in-one device
D. Load balancing
E. Single point of failure
Correct Answer: CE
The disadvantages of combining everything into one include a potential single point of failure, and the dependence on the one vendor. The all in-one device represents a single point of failure risk being taken on.
Incorrect Answers:
A: Cloud computing refers to 3 service models defined as Software as a Service, Platform as a Service and Infrastructure as a Service (SaaS, PaaS, and IaaS), and four delivery models (private, public, community, and hybrid). It also offers ways of cost savings to its tenants being hosted by the cloud. It offers the ability to decrease costs, increase efficiency, and make the world a better place.
B: Virtualization is the foundation for cloud computing. You cannot have cloud computing without virtualization. It makes it possible by abstracting the hardware and making it available to the virtual machines. The abstraction is done through the use of a hypervisor, which can be either Type I (bare metal) or Type II (hosted).
D: Load balancing is a way of providing high availability by splitting the workload across multiple computers.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 119, 196-202, 235
Question 372:
The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?
A. Warm site implementation for the datacenter
B. Geographically disparate site redundant datacenter
C. Localized clustering of the datacenter
D. Cold site implementation for the datacenter
Correct Answer: B
Data backups, redundant systems, and disaster recovery plans all support availability. AN in this case a geographically disparate site redundant datacenter represents 100% availability regardless of whether a disaster event occurs.
Incorrect Answers:
A: A warm site provides some of the capabilities of a hot site, but it requires the customer to do more work to become operational. Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations.
C: Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. In this case localized clustering does not guarantee 100 % availability in the event of a disaster occurring.
D: A cold site is a facility that isn't immediately ready to use. The organization using it must bring along its equipment and network. A cold site may provide network capability, but this isn't usually the case; the site provides a place for operations to resume, but it doesn't provide the infrastructure to support those operations.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 414, 444
Question 373:
A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?
A. Authentication
B. Integrity
C. Confidentiality
D. Availability
Correct Answer: D
Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored. In the case of a network, this means processing switches to another network path in the event of a network failure in the primary path. This means availability.
Incorrect Answers:
A: Authentication is used to verify that a person who sent the message is actually who they say they are.
B: Integrity means that data cannot be tampered with or altered without detection.
C: Confidentiality means that data retains its privacy.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 32
Question 374:
A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?
A. High availability
B. Load balancing
C. Backout contingency plan
D. Clustering
Correct Answer: A
High availability (HA) refers to the measures used to keep services and systems operational during an outage. In short, the goal is to provide all services to all users, where they need them and when they need them. With high availability, the
goal is to have key services available 99.999 percent of the time (also known as five nines availability).
Incorrect Answers:
B: Load balancing is one of the ways that high availability can be obtained because it allows you to split the workload across multiple computers
C: Backout contingency plan is a reversion from a change that had negative consequences.
D: Clustering is done whenever you connect multiple computers to work and act together as a single server. It is meant to utilize parallel processing and can also add to redundancy.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 32, 443
Question 375:
Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?
A. Fault tolerance
B. Succession planning
C. Business continuity testing
D. Recovery point objectives
Correct Answer: B
Succession planning outlines those internal to the organization that has the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.
Incorrect Answers:
A: Fault tolerance refers to the ability of a system to sustain operations in the event of a component failure.
C: Business Continuity testing is mainly concerned with the processes, policies, and methods that an organization uses to minimize the impact any type of failure would have and to make sure that the business continues.
D: Recovery point objectives define the point at which the system needs to be restored and usually matches the status quo prior to failure.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 33, 454
Question 376:
Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?
A. Succession planning
B. Disaster recovery
C. Separation of duty
D. Removing single loss expectancy
Correct Answer: A
Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.
Incorrect Answers:
B: Disaster recovery refers to the actions taken after an event resulting in a loss/disaster occurred.
C: Separation of duties are used to reduce the risk of fraud and to prevent other types of losses. It is also designed to prevent accidents from occurring; e.g. someone other than the user responsible for writing code to check and run tests on the code.
D: Single loss expectance refers to asset value times the exposure factor and is used to calculate risk.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 23, 454
Question 377:
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Correct Answer: D
Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.
Incorrect Answers:
A: Business continuity planning is the process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes.
B: Continuity of operations refers to risk management best practices rather than developing a new chain of command as a contingency plan.
C: A business impact analysis is more concerned with evaluating the processes in the organization as it bears on business continuity.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 454
Question 378:
Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration?
A. A disk-based image of every computer as they are being replaced.
B. A plan that skips every other replaced computer to limit the area of affected users.
C. An offsite contingency server farm that can act as a warm site should any issues appear.
D. A back-out strategy planned out anticipating any unforeseen problems that may arise.
Correct Answer: D
A backout is a reversion from a change that had negative consequences. It could be, for example, that everything was working fine until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied. Backout plans can include uninstalling service packs, hotfixes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout.
Incorrect Answers:
A: A disk image is usually downloaded and installed when a failure occurs. This is not guaranteeing a zero downtime.
B: A plan that skips every other replaces computer is not 100% zero down time guaranteed because it will impact on the business hours.
C: An offsite contingence server farm will not offer zero downtime.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 443
Question 379:
Which of the following is the MOST specific plan for various problems that can arise within a system?
A. Business Continuity Plan
B. Continuity of Operation Plan
C. Disaster Recovery Plan
D. IT Contingency Plan
Correct Answer: D
An IT contingency plan would focus on the IT aspect in particular to ensure business continuity.
Incorrect Answers:
A: Business continuity planning (BCP) is the process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes. BCP is primarily a management tool that ensures that critical business functions can be performed when normal business operations are disrupted.
B: Continuity of operations plan is the effort to ensure the continued performance of critical business functions during a wide range of potential emergencies
C: A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 29, 433-434
Question 380:
Which of the following concepts defines the requirement for data availability?
A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages
Correct Answer: C
A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.
Incorrect Answers:
A: Authentication issues deals with authorized access to resources.
B: Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the involvement of a third party to verify the validity. This respected third party `vouches' for the individuals in the two-key system.
D: Encryption of email messages is concerned with confidentiality.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 29, 262, 433-434
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.