C.2.2 CompTIA A+ 220-1102 (Core 2) Domain 2: Security
You are the owner of a small startup company that consists of only five employees. Each employee has their own computer. Due to the type of services your company offers, you don't foresee the employee count increasing much in the next year or two. As a startup company, you want to keep costs low and facilitate easier file sharing and internet, printer, and local network resource access. Which of the following would be the BEST implementation for your business?
A workgroup
What policy allows employees to use their own computers and mobile devices for work purposes?
Bring Your Own Device
You manage a group of 20 Windows workstations that are currently configured as a workgroup. You have been thinking about switching to an Active Directory configuration. Which advantages would you gain by switching to Active Directory? (Select two.)
Centralized authentication, Centralized configuration control
Which of the following can be used to back up a company's certificate database?
Certificate Manager
Which of the following is a firewall type that scans network traffic based on TCP or UDP transmission?
Circuit-layer gateway
Which of the following hard drive destruction methods only works with mechanical hard drives?
Drilling
A user has a file that contains sensitive data. Which of the following security technologies should he or she use to encrypt the single file?
EFS
You are comparing methods for securing your mobile device. Which of the following is the BEST method to secure your device's storage?
Full device encryption
Which formatting method leaves data on a drive in a state that can be recovered using special software?
High-level formatting
Which of the following Bring Your Own Device benefits is a result of users becoming experts in device usage?
Increased productivity
Which of the following door locks provides authentication to a specific lock over a Bluetooth connection?
Key fob
Which of the following should you implement to monitor and manage the risks of a BYOD policy?
Mobile device management
Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or login credentials, through emails or websites that impersonate an online entity that the victim trusts, such as a financial institution or well-known e-commerce site?
Phishing
Which Windows component prompts the user for credentials or permissions to protect against unauthorized activities, such as an unintended software installation?
User Account Control (UAC)
Which of the following is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
Virus
A malicious person calls an employee from a cell phone. She tells the employee that she is the vice president over the accounting department in the employee's company. She relates that she has forgotten her password and demands that the employee give her his password so that she can access the reports she needs for an upcoming presentation. She threatens to fire the employee if he does not comply. Which of the following BEST describes the type of attack that just occurred?
Vishing
A large number of compromised computers are infected with malware that allows an attacker (herder) to control the computers to spread email spam and launch denial-of-service attacks. Which of the following does this security threat describe?
Zombie/botnet
Mobile device applications fall into two categories. Some are reviewed, approved, and signed with a certificate by the app service, while others are not. Which category do apps fall into if they have been reviewed, approved, and signed with a certificate? What category do apps fall into if they have not been reviewed, approved, and signed with a certificate?
trusted, untrusted
Joe, a mobile device user, is allowed to connect his personally owned tablet to a company's network. Which of the following policies defines how company data is protected on Joe's tablet?
BYOD Policy
Your computer has a single NTFS partition that is used for the C: drive, with the folders C:\Confidential and C:\PublicReports. In the C:\Confidential folder, you edit the properties for two files, Reports.doc and Costs.doc, and assign the Deny Read permission to the Users group. The C:\PublicReports folder allows the Full Control permission for the Users group. There are no other permissions assigned except the default permissions. You then take the following actions: (1) move Reports.doc from C:\Confidential to C:\PublicReports; (2) copy Costs.doc from C:\Confidential to C:\PublicReports. Which of the following BEST describes the permission the members of the Users group will have for the two files in the C:\PublicReports folder?
Deny Read for Reports.doc and Allow Full Control for Costs.doc.