By default, the policy in ___________ Firewall allows all outbound connections and blocks all incoming connections.
1.Windows
2.Linux
3.Mac
4.None of the mentioned
Enabling _____________ degrades performance more than logging only the authorization failures.
1. auditAuthorizationFailure
2. auditAuthorizationSuccess
3.auditAuthorizationlog
4. none of the mentioned
If a .mongorc.js file exists, the mongo shell will evaluate a __________ file before starting.
1. .mongorc.js
2. .mongo.js
3..mongorc.jscript
4.All of the Mentioned
Point out the wrong statement.
1.When granted a role, a user receives all the privileges of that role
2.A role consists of privileges that pair resources with not allowed operations
3.User cannot have several roles in MongoDB
4.None of the mentioned
Point out the wrong statement.
1.MongoDB uses the combination of the database name and the role name to uniquely define a role
2.A role consists of privileges that pair resources with not allowed operations
3.Roles grant users access to MongoDB resources
4.None of the mentioned
The audit file rotates at the same time as the ________ log file.
1. Client
2. Server
3.Application
4.All of the Mentioned
The auditing facility can write audit events to the console, the _________ a JSON file, or a BSON file.
1.oplog
2. syslog
3.evallog
4.None of the mentioned
The ________ setting for mongod and mongos instances limits the network interfaces on which MongoDB programs will listen for incoming connections.
1.bindIpmongo
2.bind
3.bindIp
4.revokeip
To view the contents of the file, pass the file to the MongoDB utility _____
1.bsonlog
2.bsonout
3. bsondump
4.SelectIndexes
Use the ______ option to enable auditing and specify where to output the audit events.
1.–auditLocation
2.–auditOutput
3.–auditDestination
4.None of the mentioned
Administrators can implement collection-level access control through user-defined _____
1.roles
2. replica sets
3.shards
4.None of the mentioned
Command listIndexes.ok returning value 1 indicates ______
1.failure
2.success
3.abnormal exit
4.None of the mentioned
Config servers listen for connections on port _____
1. 27011
2.27019
3.27107
4.None of the mentioned
Config servers, host the _______ database that stores metadata for sharded clusters.
1. head
2.master
3.config
4. none of the mentioned
Data of <database>.system.indexes can be accessed using _____
1.listallIndexes
2.listIndexes
3.ViewIndexes
4. SelectIndexes
Every MongoDB mongod and mongos instance (or mongod.exe or mongos.exe on Windows) must have an associated ______
1.service replica
2. service sets
3.service principal
4.service principle
MongoDB employs _________ to govern access to a MongoDB system.
1.RBAS
2. RBAC
3.RBCC
4.None of the mentioned
MongoDB Enterprise supports proxy authentication through _____
1.SCRAM-SHA-1
2.LDAP
3.MONGODB-CR
4.None of the mentioned
MongoDB stores user credentials in the protected admin.system._____
1.user
2.capped
3.cappeduser
4.users
MongoDB supports _________ certificate authentication for use with a secure TLS/SSL connection.
1.x.590
2.x.509
3. x.950
4.All of the Mentioned
MongoDB users who use VPNs use ________ rather than IPSEC VPNs for performance issues.
1. TTS
2. SSL
3.LTS
4.None of the mentioned
MongoDB __________ supports authentication using a Kerberos service.
1.Standard
2.Express
3.Enterprise
4. none of the mentioned
On Linux systems, the ________ interface provides access to the underlying netfilter firewall.
1. ssip
2. iptables
3.dns
4.All of the Mentioned
On Windows systems _________ command line interface provides access to the underlying Windows Firewall.
1.netsh
2. netstat
3.netln
4.SelectIndexes
On _________ mongo.exe reads the .mongorc.js file from %HOME%.mongorc.js.
1.Windows
2.Linux
3. Mac
4.Solaris
Point out the correct statement.
1.MongoDB provides built-in roles, each with a dedicated purpose for a common use case
2.MongoDB does not enable authorization by default
3.Administrators also can create new roles and privileges to cater to operational needs
4. All of the mentioned
Point out the correct statement.
1. A rule consists of actions and the resources upon which the actions are permissible
2.Document-level access control allows developers to grant users privileges that are scoped to specific record
3.Each privilege action in a role can be scoped to a different record
4.None of the mentioned
Point out the correct statement.
1.The status interface is write-only by default
2.Default port for the status page is 28117
3.Authentication does not control or affect access to this interface
4.None of the mentioned
Point out the correct statement.
1.The mongostat diagnostic tool, when running with the –mode need to be able to reach all components of a cluster
2.All shards in a cluster need to be able to communicate with all other shards to facilitate chunk and balancing operations
3.Authorization does not control or affect access to this interface
4.None of the mentioned
Point out the correct statement.
1.When a process writes to a resource, it takes an exclusive write lock to prevent other processes from writing to or reading from that resource
2.As clients insert new documents into the capped collection, the tailable cursor continues to retrieve documents
3.Write concern allows your application to detect insertion errors or unavailable mongod instances
4. All of the mentioned
Point out the wrong statement.
1.Authorization determines the verified user’s access to resources and operations
2. MongoDB does not support authentication mechanisms
3. To authenticate a client in MongoDB, you must add a corresponding user to MongoDB
4. none of the mentioned
Point out the wrong statement.
1.Changing the port does not meaningfully reduce risk or limit exposure
2.You can use the mongod –bind_ip and mongos –bind_ip option on the command line at run time to limit the network accessibility of a MongoDB program
3. The net.http.RESTInterfaceEnabled configuration makes the http status interface, which is read-only by default, fully interactive
4. none of the mentioned
Point out the wrong statement.
1.REST does provide administrative access, and its accessibility represents a vulnerability in a secure environment
2.REST API does provide any support for insert, update, or remove operations
3.The net.http.RESTInterfaceEnabled configuration makes the http status interface, which is read-only by default, fully interactive
4. none of the mentioned
The enabled setting for mongod and mongos instances disables the ______ status page.
1.home
2.primary
3.secondary
4.None of the mentioned
The HTTP interface is always available on the port numbered _________ greater than the primary mongod port.
1.1000
2.2000
3. 3000
4.None of the mentioned
The mongo program can evaluate JavaScript expressions using the command line ________ option.
1.–opt
2.–js
3.–eval
4.none of the mentioned
The net.http.RESTInterfaceEnabled setting for mongod enables a fully interactive administrative __________ interface, which is disabled by default.
1.Restful
2.Rest
3.WebService
4.All of the Mentioned
The _______ API to MongoDB provides additional information and write access on top of the HTTP status interface.
1. Web
2.REST
3.RestFul
4. All of the mentioned
The ________ setting for mongod and mongos instances changes the main port on which the mongod or mongos instance listens for connections.
1.portp
2. port
3.portIP
4.None of the mentioned
The _________ message limit can result in the truncation of the audit messages.
1. oplog
2.syslog
3.evallog
4.None of the mentioned
The _____________ option accepts either full path name or relative path name.
1.–auditPathLog
2. –logPath
3.–auditPath
4. none of the mentioned
User can grant any role in the database to any user from any database in the system through _________ action.
1.grantRole
2.viewRole
3.killCursors
4.unlock
User can remove any role from any user from any database in the system through _____
1.grantRole
2. viewRole
3.killCursors
4.revokeRole
Which of the following allows the user to view the information of any user in the given database?
1.createUser
2. viewUser
3. killCursors
4.All of the Mentioned
Which of the following flushes user information from in-memory cache?
1.grantCache
2. invalidateUserCache
3.validateUserCache
4.none of the mentioned
You must have the _______ action on a database to create a new user on that database.
1.createUser
2.createSuperUser
3.createSuUser
4.All of the Mentioned
You must have the __________ action on a role’s database to grant the role to another user.
1. grantRole
2.grantRoleAdm
3. grantRolePrivilege
4.None of the mentioned
____ deletes from a shard the orphaned documents whose shard key values fall into a single continuous range.
1. listallshards
2.cleanup
3.cleanupOrphaned
4. SelectIndexes
____ terminates an operation as specified by the operation ID.
1.db.killOp()
2. db.kill()
3.db.remove()
4.None of the mentioned
_____ contains the local ip address and the port number of the running instance.
1.ts
2. local
3.remote
4.users
_____ instances provide query routing for sharded clusters.
1.mongod
2.mongos
3.netstats
4.SelectIndexes
_____ is a challenge-response mechanism that authenticates users through passwords.
1.SCRAM-SHA-1
2.LDAP
3.MONGODB-CR
4. none of the mentioned
______ consists of a specified resource and the actions permitted on the resource.
1.privilege
2. action
3. command
4.right
______ displays the cached query plans for the specified query shape.
1. CacheListPlans
2.displayCacheListPlans
3. planCacheListPlans
4. none of the mentioned
______ provides all the privileges of the read role.
1.delete
2.update
3.readWrite
4.None of the mentioned