218. a. Pressure includes financial and nonfinancial types, and it could be real or perceived. Opportunity includes real or perceived categories in terms of time and place. Rationalization means the illegal actions are consistent with the perpetrator’s personal code of conduct or state of mind.
219. When a system preserves a secure state, during and after a failure is called a:
a. System failure
b. Fail-secure
c. Fail-access
d. System fault
219. b. In fail-secure, the system preserves a secure condition during and after an identified failure. System failure and fault are generic and do not preserve a secure condition like fail-secure. Fail-access is a meaningless term here.
220. Fault-tolerance systems provide which of the following security services?
a. Confidentiality and integrity
b. Integrity and availability
c. Availability and accountability
d. Accountability and confidentiality
220. b. The goal of fault-tolerance systems is to detect and correct a fault and to maintain the availability of a computer system. Fault-tolerance systems play an important role in maintaining high data and system integrity and in ensuring high-availability of systems. Examples include disk mirroring and server mirroring techniques.
221. What do fault-tolerant hardware control devices include?
a. Disk duplexing and mirroring
b. Server consolidation
c. LAN consolidation
d. Disk distribution
221. a. Disk duplexing means that the disk controller is duplicated. When one disk controller fails, the other one is ready to operate. Disk mirroring means the file server contains duplicate disks, and that all information is written to both disks simultaneously. Server consolidation, local-area network (LAN) consolidation, and disk distribution are meaningless to fault tolerance; although, they may have their own uses.
222. Performing automated deployment of patches is difficult for which of the following?
a. Homogeneous computing platforms
b. Legacy systems
c. Standardized desktop systems
d. Similarly configured servers
222. b. Manual patching is useful and necessary for many legacy and specialized systems due to their nature. Automated patching tools allow an administrator to update hundreds or even thousands of systems from a single console. Deployment is fairly simple when there are homogeneous computing platforms, with standardized desktop systems, and similarly configured servers.
223. Regarding media sanitization, degaussing is an acceptable method for which of the following?
a. Disposal
b. Clearing
c. Purging
d. Disinfecting
223. c. Degaussing is demagnetizing magnetic media to remove magnetic memory and to erase the contents of media. Purging is the removal of obsolete data by erasure, by overwriting of storage, or by resetting registers. Thus, degaussing and executing the firmware Secure Purge command (for serial advanced technology attachment (SATA) drives only) are acceptable methods for purging.
The other three choices are incorrect. Disposal is the act of discarding media by giving up control in a manner short of destruction and is not a strong protection. Clearing is the overwriting of classified information such that that the media may be reused. Clearing media would not suffice for purging. Disinfecting is a process of removing malware within a file.
224. Regarding a patch management program, which of the following should be done before performing the patch remediation?
a. Test on a nonproduction system.
b. Check software for proper operation.
c. Conduct a full backup of the system.
d. Consider all implementation differences.
224. c. Before performing the remediation, the system administrator may want to conduct a full backup of the system to be patched. This allows for a timely system restoration to its previous state if the patch has an unintended or unexpected impact on the host. The other three choices are part of the patch remediation testing procedures.
225. Regarding a patch management program, an experienced administrator or security officer should perform which of the following?
a. Test file settings.
b. Test configuration settings.
c. Review patch logs.
d. Conduct exploit tests.
