CLF-C01 Exam Sample Questions Answers

Question No 1:

A company is looking for a scalable data warehouse solution. Which of the following AWS solutions would meet the company’s needs?

A. Amazon Simple Storage Service (Amazon S3)
B. Amazon DynamoDB
C. Amazon Kinesis
D. Amazon Redshift

Answer: D

Question No 2:

Which of the following security-related actions are available at no cost?

A. Calling AWS Support
B. Contacting AWS Professional Services to request a workshop
C. Accessing forums, blogs, and whitepapers
D. Attending AWS classes at a local university

Answer: C

Question No 3:

Which of the following is a shared control between the customer and AWS?

A. Providing a key for Amazon S3 client-side encryption
B. Configuration of an Amazon EC2 instance
C. Environmental controls of physical AWS data centers
D. Awareness and training

Answer: D

Question No 4:

What is the AWS customer responsible for according to the AWS shared responsibility model?

A. Physical access controls
B. Data encryption
C. Secure disposal of storage devices
D. Environmental risk management

Answer: B

Question No 5:

Which of the following security-related services does AWS offer? (Select TWO.)

A. Multi-factor authentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection

Answer: C D

Oracle 1z0-1070 Exam Sample Questions Answers

Question No 1:

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

A. OPPORTUNISTICTLS STARTTLS
B. FORCETLS
C. UPGRADETLS

Answer: B

Question No 2:

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

A. Hire a security consultant to provide direction.
B. Do not back up cither the credit card numbers or then hashes.
C. Back up the hashes of the credit card numbers not the actual credit card numbers.
D. Encrypt backup tapes that are sent off-site.

Answer: A

Question No 3:

A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

A. Libpcap
B. Awinpcap
C. Winprom
D. Winpcap

Answer: D

Question No 4:

When a security analyst prepares for the formal security assessment – what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

A. Data items and vulnerability scanning
B. Interviewing employees and network engineers
C. Reviewing the firewalls configuration
D. Source code review

Answer: A

Question No 5:

These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?

A. Black-Hat Hackers A
B. Script Kiddies
C. White-Hat Hackers
D. Gray-Hat Hacker

Answer: C