A technician has been asked to check on a SAN. Upon arrival, the technician notices the red LED indicator shows a disk has failed. Which of the following should the technician do NEXT, given the disk is hot swappable?
A. Stop sharing the volume
B. Replace the disk
C. Shut down the SAN
D. Stop all connections to the volume
Correct Answer: B
The next thing that the technician should do, given the disk is hot swappable, is to replace the disk. A hot swappable disk is a disk that can be removed and replaced without shutting down the system or affecting its operation. A hot swappable disk is typically used in a storage array that has RAID (Redundant Array of Independent Disks) configuration that provides fault tolerance and redundancy. If a disk fails in a RAID array, it can be replaced by a new disk without interrupting the service or losing any data. The new disk will automatically rebuild itself using the data from the other disks in the array.
Question 172:
Network connectivity to a server was lost when it was pulled from the rack during maintenance. Which of the following should the server administrator use to prevent this situation in the future?
A. Cable management
B. Rail kits
C. A wireless connection
D. A power distribution unit
Correct Answer: A
The server administrator should use cable management to prevent network connectivity loss when pulling a server from the rack during maintenance. Cable management is a practice of organizing and securing the cables that connect various devices and components in a system. Cable management can help improve airflow, reduce clutter, prevent tangling, and avoid accidental disconnection or damage of cables. Cable management can be done using various tools and techniques, such as cable ties, cable trays, cable labels, cable organizers, or cable ducts.
Question 173:
Which of the following access control methodologies can be described BEST as allowing a user the least access based on the jobs the user needs to perform?
A. Scope-based
B. Role-based
C. Location-based
D. Rule-based
Correct Answer: B
The access control methodology that can be described best as allowing a user the least access based on the jobs the user needs to perform is role-based access control (RBAC). RBAC is an access control method that assigns permissions to users based on their roles or functions within an organization. RBAC provides fine-grained and manageable access control by defining what actions each role can perform and what resources each role can access. RBAC follows the principle of least privilege, which means that users are only granted the minimum level of access required to perform their tasks. RBAC can reduce security risks, simplify administration, and enforce compliance policies.
Question 174:
A technician is connecting a server's secondary NIC to a separate network. The technician connects the cable to the switch but then does not see any link lights on the NIC. The technician confirms there is nothing wrong on the network or with the physical connection. Which of the following should the technician perform NEXT?
A. Restart the server
B. Configure the network on the server
C. Enable the port on the server
D. Check the DHCP configuration
Correct Answer: C
The next thing that the technician should perform is to enable the port on the server. A port is a logical endpoint that identifies a specific service or application on a network device. A port can be enabled or disabled depending on whether the service or application is running or not. If a port is disabled on a server, it means that the server cannot send or receive any network traffic on that port, which can prevent communication with other devices or services that use that port. In this case, if port 389 is disabled on the server, it means that the server cannot use LDAP to access or modify directory services over a network. To resolve this issue, the technician should enable port 389 on the server using commands such as netsh or iptables.
Question 175:
Which of the following would MOST likely be part of the user authentication process when implementing SAML across multiple applications?
A. SSO
B. LDAP
C. TACACS
D. MFA
Correct Answer: A
The term that is most likely part of the user authentication process when implementing SAML across multiple applications is SSO. SSO (Single Sign-On) is a way for users to be authenticated for multiple applications and services at once. With SSO, a user signs in at a single login screen and can then use a number of apps without having to enter their credentials again. SSO improves user experience and security by reducing password fatigue and phishing risks. SAML (Security Assertion Markup Language) is a protocol that enables SSO by providing a standardized way to exchange authentication and authorization data between an identity provider (IdP) and a service provider (SP). SAML uses XML-based messages called assertions to communicate user identity and attributes between parties.
Which of the following would be BEST to help protect an organization against social engineering?
A. More complex passwords
B. Recurring training and support
C. Single sign-on
D. An updated code of conduct to enforce social media
Correct Answer: B
The best way to protect an organization against social engineering is to provide recurring training and support. Social engineering is a type of attack that exploits human psychology and behavior to manipulate people into divulging confidential information or performing malicious actions. Social engineering can take various forms, such as phishing emails, phone calls, impersonation, baiting, or quid pro quo. The best defense against social engineering is to educate and empower the employees to recognize and avoid common social engineering techniques and report any suspicious activities or incidents. Recurring training and support can help raise awareness and reinforce best practices among the employees.
Question 177:
A technician needs to deploy an operating system that would optimize server resources. Which of the following server installation methods would BEST meet this requirement?
A. Full
B. Bare metal
C. Core
D. GUI
Correct Answer: C
The server installation method that would optimize server resources is core. Core is a minimal installation option that is available for some operating systems, such as Windows Server and Linux. Core installs only the essential components and features of the operating system, without any graphical user interface (GUI) or other unnecessary services or applications. Core reduces the disk footprint, memory usage, CPU consumption, and attack surface of the server, making it more efficient and secure. Core can be managed remotely using command-line tools, PowerShell, or GUI tools.
A company's IDS has identified outbound traffic from one of the web servers coming over port 389 to an outside address. This server only hosts websites. The company's SOC administrator has asked a technician to harden this server. Which of the following would be the BEST way to complete this request?
A. Disable port 389 on the server
B. Move traffic from port 389 to port 443
C. Move traffic from port 389 to port 637
D. Enable port 389 for web traffic
Correct Answer: A
OS Hardening
Hardening the server should start with hardening the operating system. This involves a series of steps that should result in a server that offers a minimum of attack points to a hacker. Let's look at six steps that can lead to this result.
Disable Unused Services/Close Unneeded Ports
Any services that are not required on the server should be disabled. Only those required for the server to perform its role in the network should be left on. The easiest way to do this is to install a host firewall on the system and adopt a "disable
by default" policy with respect to services by closing the port used for the service. Then manually enable any you need.
Question 179:
A server administrator was asked to build a storage array with the highest possible capacity. Which of the following RAID levels should the administrator choose?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 6
Correct Answer: A
The RAID level that provides the highest possible capacity for a storage array is RAID 0. RAID 0 is a type of RAID level that provides performance enhancement by using striping. Striping means dividing data into blocks and distributing them across multiple disks to increase speed and capacity. RAID 0 does not provide any fault tolerance or redundancy, as it does not use any parity or mirroring techniques. RAID 0 uses all of the available disk space for data storage, without losing any space for overhead. Therefore, RAID 0 provides the highest possible capacity for a storage array, but also has the highest risk of data loss.
A technician is unable to access a server's package repository internally or externally. Which of the following are the MOST likely reasons? (Choose two.)
A. The server has an architecture mismatch
B. The system time is not synchronized
C. The technician does not have sufficient privileges
D. The external firewall is blocking access
E. The default gateway is incorrect
F. The local system log file is full
Correct Answer: CD
C. The technician does not have sufficient privileges to access the package repository.
D. The external firewall is blocking access to the package repository.
Therefore, options C and D are the correct answers.
Option A (architecture mismatch) may cause issues with software installation or updates, but it is not related to the server's package repository access. Option B (system time not synchronized) may cause authentication issues but is unlikely
to affect package repository access. Option E (incorrect default gateway) may affect network connectivity, but it is not directly related to package repository access. Option F (local system log file full) may affect logging and monitoring but is
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SK0-005 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.