CompTIA SK0-005 Practice Test - Questions Answers, Page 46

A security guard is a human element in physical security, making them susceptible to social engineering attacks. Social engineering exploits human behavior, and a guard can be tricked into allowing unauthorized access through persuasion, manipulation, or deception.

Security guard (Answer A): Human elements are the most vulnerable to social engineering techniques like impersonation or manipulation.

Access control vestibule (Option B): This is a physical security barrier, which is harder to exploit through social engineering.

Perimeter fencing (Option C): This is a static physical barrier, not susceptible to social engineering.

Biometric locks (Option D): These rely on biological data and are not susceptible to social engineering in the same way a human would be.

Bollards (Option E): Physical barriers that are not vulnerable to social engineering.

CompTIA Server+

Reference:

This topic relates to SK0-005 Objective 4.4: Implement physical security controls.

Government regulations often dictate the legal requirements for data storage, privacy, and security, which can greatly impact the selection of a cloud provider. Compliance with regulations like GDPR, HIPAA, or other local laws is critical when choosing a cloud provider to avoid legal repercussions.

Government regulations (Answer B): Cloud providers must comply with legal and regulatory requirements, making this a significant factor in provider selection.

Industry standards (Option A): While important, standards can be more flexible and are often not legally binding.

Company policy (Option C): Internal policies are important but usually stem from the need to comply with regulations.

Organizational procedures (Option D): Procedures help guide operations but don't typically dictate the choice of cloud providers.

CompTIA Server+

Reference:

This topic is covered under SK0-005 Objective 1.6: Explain the importance of cloud-based concepts and services.

Leaving a USB drive in a company parking lot is a classic example of social engineering, where the bad actor relies on human curiosity to prompt someone to pick up the USB drive and insert it into their computer, potentially infecting the system with malicious code.

Social engineering (Answer D): The attacker manipulates human behavior (in this case, curiosity) to exploit security weaknesses.

Hacking (Option A): Hacking refers to directly breaching security systems or exploiting software vulnerabilities, not manipulating humans.

Insider threat (Option B): This involves a legitimate insider within the organization carrying out malicious activities, which isn't the case here.

Phishing (Option C): Phishing typically involves emails or messages designed to deceive individuals into providing sensitive information.

CompTIA Server+

Reference:

This topic is covered under SK0-005 Objective 4.2: Explain server security concepts and best practices.

A warm site is a backup location that has partial infrastructure ready to support operations in the event of a failure at the primary site. It is almost ready to take over but requires some configuration or installation of data backups and software before it can become fully operational.

Warm site (Answer C): This site has the necessary equipment but requires some setup, making it a middle ground between cold and hot sites.

Basic technical facilities (Option A): This more accurately describes a cold site.

Faulty air conditioning (Option B): This is irrelevant to the definition of a warm site.

Fully operational (Option D): This describes a hot site, which is continuously ready to provide full services.

CompTIA Server+

Reference:

This topic is related to SK0-005 Objective 4.1: Summarize disaster recovery methods and concepts.

Resource Monitor is a tool that allows administrators to monitor the system's CPU, memory, disk, and network usage in real-time, ensuring that maximum resources are being efficiently utilized.

Resource Monitor (Answer D): This tool provides real-time insights into resource utilization and can help ensure resources are not under- or over-utilized.

Overprovisioning (Option A): Refers to allocating more resources than physically available but doesn't directly monitor resource usage.

Scalability (Option B): Refers to the ability to increase or decrease resources based on demand.

Thin clients (Option C): Refer to lightweight computers that depend on servers for processing power, unrelated to resource utilization monitoring.

CompTIA Server+

Reference:

This topic is related to SK0-005 Objective 2.4: Monitor server performance.

A business impact analysis (BIA) is a document that outlines the potential effects of downtime on business operations. It identifies critical business functions and estimates the impact of disruption on the organization's ability to function.

Business impact analysis (Answer D): This document is specifically designed to assess the consequences of downtime and other disruptions.

Service-level agreement (Option A): Defines the expected level of service between a provider and a client but doesn't directly explain downtime consequences.

Business continuity plan (Option B): Outlines how the business will continue operating during a disruption but doesn't focus solely on the consequences of downtime.

Disaster recovery plan (Option C): Focuses on restoring systems after a disaster but doesn't outline the specific impact of downtime.

CompTIA Server+

Reference:

This topic relates to SK0-005 Objective 4.1: Explain disaster recovery concepts.

When clients on a different VLAN cannot receive DHCP addresses, it's often because there is no DHCP helper address configured on the router or switch. A DHCP relay/helper address forwards DHCP requests from clients on the VLAN to the DHCP server, which may reside on a different network.

Confirming the network has a helper address (Answer C): This should be the first step to ensure that DHCP requests from the VLAN are correctly routed to the DHCP server.

Checking client NIC speed (Option A): While important, incorrect NIC speed wouldn't affect the ability to obtain an IP address from DHCP.

Checking NTP server (Option B): Time synchronization is unrelated to DHCP issues.

Authorizing the DHCP server (Option D): This is essential for DHCP operation, but since this is an existing DHCP cluster, the helper address is more likely the issue.

CompTIA Server+

Reference:

This topic is related to SK0-005 Objective 1.2: Manage server network connections.

The goal is to achieve 2TB total storage, high performance, and support for one drive failure. Using RAID 5 or RAID 10 can provide redundancy while maximizing performance.

1, 2, 4, 5, and 6 (Answer C): This selection includes the highest-capacity and highest-performance drives (600GB and 500GB at high RPM speeds). Using these drives will provide the necessary capacity (500GB + 600GB + 500GB + 600GB + 600GB = 2.8TB) and performance with one drive redundancy (RAID 5 or 10).

Other options (A, B, D): These combinations either lack the necessary capacity or mix slower drives (7,200rpm), reducing overall performance.

CompTIA Server+

Reference:

This topic is covered under SK0-005 Objective 1.5: Explain storage technologies and RAID configurations.

A loop is a programming construct used to repeat a block of code multiple times. In this case, if a function needs to run ten times, a loop (such as a for loop or while loop) would be the appropriate choice.

Loop (Answer A): This allows the function to be executed repeatedly without writing redundant code.

Variable (Option B): A variable is used to store data, but it doesn't handle repetition.

Comparator (Option C): Comparators are used to compare values, not for repeating code.

Conditional (Option D): Conditionals (if, else) are used for decision-making, not repeating actions multiple times.

CompTIA Server+

Reference:

This topic is related to SK0-005 Objective 1.1: Understand basic scripting and automation concepts.