Chapter 14
(14.11.5) Which of the following are common symptoms of a compromised mobile device? (Select two.)
-Connectivity issues -Increased data usage
(14.4.11) Which of the following processes is used to prove a user's identity?
Authentication
!!!**** (14.10.7) What is issued to a website in order for it to be validated as a trusted website?
Certificate authority
(14.10.7) While browsing the internet, you notice that your browser performance is continually slowing down. Which of the following would MOST likely increase the overall performance of your web browser?
Clear the data cache.
(14.6.5) Which hard drive destruction method uses a strong magnetic pulse to destroy data?
Degaussing
(14.6.5) Which of the following should you perform when disposing of a computer?
High-level format of the hard drive.
(14.6.5) Which formatting method leaves data on a drive in a state that can be recovered using special software?
High-level formatting
(14.1.5) You are working at the local hospital in the IT department. You have just received a promotion to junior network technician. Part of your new role involves troubleshooting network communication issues. Which of the following user groups should your account be added to?
Network Configuration Operator
(14.4.11) Which of the following authentication combinations is an example of multi-factor authentication?
PIN and authentication app
(14.10.7) While browsing the internet, you are constantly being bombarded by small advertisements with links attached to the web page. Which of the following can you use to prevent these advertisements from appearing?
Pop-up blocker
(14.4.11) Which of the following BEST describes authorization?
The resources that a user can access.
(14.1.5) Which database encryption method can you use to encrypt data at rest?
Transparent data encryption
!!!**** (14.11.5) Your company is creating a financial application that you want to first test on mobile devices. Several customers have asked to be part of the beta testing process. What do the employees need to do on their mobile devices in order to be able to participate in the beta test?
Turn on Developer Mode.
(14.5.7) Which of the following attacks exploits a vulnerability in software that has not been discovered by the developer?
Zero-day attack
(14.1.5) Which of the following are examples of a strong password? (Select two.)
-I love the Linux P3ngu!n Tux -il0ve2EatIceCr3am!
(14.5.7) Which of the following are risks of implementing a BYOD policy? (Select three.)
-Number of different devices -Improper disposal -Data leakage
**** (14.11.5) Which type of file is commonly used by trusted websites to create installation software for mobile devices?
APK file
(14.4.11) Which of the following does Windows use to manage and enforce what a user is authorized to access?
Access control list
(14.4.11) Which of the following is an example of a soft token?
Authentication app
(14.1.5) Which Windows feature can you use to encrypt a hard drive volume?
BitLocker
(14.10.7) You have just created an account for your web browser, and you want to be able to access the bookmarks you create on your home laptop with the same web browser on your company workstation. Which of the following can you use to make these bookmarks accessible on both computers?
Browser synchronization
(14.6.5) Which of the following would be a reason to outsource hard drive destruction?
Cost of special equipment
**** (14.10.7) You want to set up a service on your company network that can be configured with a list of valid websites. The service should give employees a certificate warning if they try to visit a version of an untrusted site. Which of the following services is designed to provide this functionality?
DNS server
(14.6.5) Which of the following hard drive destruction methods only works with mechanical hard drives?
Drilling
**** (14.4.11) Which of the following statements is true regarding hard tokens?
Hard tokens provide a higher level of security.
(14.6.5) Which of the following hard drive destruction methods runs the risk of releasing toxic by-products?
Incineration
(14.3.4) You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: -All pieces of equipment have cable locks installed. -Server racks are locked and have alarms. -The WAP for the guest Wi-Fi is located on the receptionist's desk. -Biometric locks are installed on high security rooms. Which of the following would you MOST likely recommend that your client do to increase security based on this information?
Install the WAP on the ceiling or inside of a special locked box.
(14.3.4) Which of the following can be paired with a motion sensor to improve security?
Lights
(14.6.5) Which formatting method is done by the manufacturer to write new sectors and tracks to a hard drive?
Low-level formatting
(14.6.5) Which of the following must be included in a hard drive's Certificate of Destruction?
Method of destruction
(14.3.4) You have been hired to evaluate your client's building security. In your walkthrough, you notice the following: -A high fence is installed around the property. -Visitors are able to enter the building and are checked in by a receptionist. -Security cameras are installed on all buildings. -Server racks are locked and have alarms. Which of the following would you MOST likely recommend that your client do to increase security based on this information?
Place a security guard at the entrance gate with an access list to control who comes on the property.
!!!**** (14.1.5) A technician assists Joe, an employee in the sales department who needs access to the client database, by granting him Administrator privileges. Later, Joe discovers that he has access to the salaries in the payroll database. Which of the following security practices was violated?
Principle of least privilege
While browsing the internet, you want to make sure that the browser you are using does not store your search history, cookies, or password information. Which of the following can you enable to prevent this from happening?
Private Browsing Mode
(14.1.5) You are assisting the security administrator and discover that a user was logged in to their workstation after hours. After further investigation, you discover that the user's account was compromised, and someone used the account to steal sensitive data. Which of the following could have BEST prevented this from happening?
Restrict the user's login times to work hours only.
(14.10.7) Which of the following is a risk associated with using a web browser password manager?
Signing in with the browser password gives a hacker control over all passwords stored on the browser.
**** (14.4.11) Which authentication category does a username and password fall under?
Something you know
(14.10.7) You have logged into your banking website using a password, but now the website indicates that it sent you an email with a confirmation code that you need to retrieve and enter before you can continue to access the website. Which of the following security measures is being used?
Two-factor authentication
(14.5.7) What do you call a system that has no anti-malware or firewall installed?
Unprotected
(14.3.4) You have five salespeople who work out of your office and who frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection method to address your concerns?
Use cable locks to chain the laptops to the desks.
!!!**** (14.11.5) Which of the following are the FIRST settings you should check if you suspect that a malware attack has impacted your internet connection? (Select two.)
-Proxy settings -DNS settings
(14.4.11) Your company has recently implemented a BYOD policy. To protect the network, users must install an app on their devices that allows the security administrator to enforce the security policies. Which of the following is this an example of?
Mobile device management
(14.11.5) An employee calls to complain that their browser keeps opening up to a strange search engine page, and a toolbar has been added to their browser. Which of the following malware issues are MOST likely causing the problem?
Software issues
**** (14.11.5) Which of the following are likely symptoms of a malware infection? (Select two.)
-Renamed system files. -Changed file permissions.
(14.6.5) What should be created when you destroy a hard drive?
Certificate of Destruction
(14.3.4) You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to a locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area so that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select two.)
-Disable the network jacks in the reception area. -Train the receptionist to keep their iPad in a locked drawer when not in use.
(14.11.5) While browsing the internet, a pop-up browser window comes up, warning you that your system is infected with a virus. You are directed to click a link to remove the virus. Which of the following are the BEST next actions to take? (Select two.)
-Run a full system scan using the anti-malware software installed on your system. -Update the virus definitions for your locally installed anti-malware software.
(14.3.4) A public library has purchased new laptop computers to replace their older desktop computers and is concerned that they are vulnerable to theft. Which of the following laptop features should they use to physically secure the new laptops?
Cable locks
!!!**** (14.6.5) Which of the following identifies who had possession of a hard drive and for how long before it was actually destroyed?
Chain of Custody
(14.11.5) You are an IT technician for your company. Vivian, an employee, has been receiving error messages, indicating that some of her Windows system files are corrupt or missing. To fix this issue, you ran the Windows System File Checker tool (SFC.exe). Shortly after the files were repaired, Vivian called again because she is still having the same issue. You now suspect that a corruption or a renaming of the system files is being caused by malware. Which of the following is the FIRST step you should take to remove any malware on the system?
Disconnect Vivian's computer from the network.
(14.11.5) You have just visited a website on your mobile device when your web browser locks up, and you receive a warning that your device has a virus. You are given a phone number to call to remove the virus. Which of the following describes the type of malware symptom that you are MOST likely experiencing?
False security warning
(14.1.5) You are establishing a new security policy for user authentication and want to implement multi-factor authentication. Which of the following would BEST accomplish this?
Fingerprint and one-time code text message
(14.1.5) During an airline flight, a laptop user makes last-minute changes to a presentation that contains sensitive company information. Which of the following would make it difficult for other passengers to view this information on the laptop display?
Privacy filter
(14.5.7) A malicious person calls an employee from a cell phone. She tells the employee that she is the vice president over the accounting department in the employee's company. She relates that she has forgotten her password and demands that the employee give her his password so that she can access the reports she needs for an upcoming presentation. She threatens to fire the employee if he does not comply. Which of the following BEST describes the type of attack that just occurred?
Vishing
**** (14.1.5) One of the Windows workstations you manage has three user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Which of the following would MOST likely increase this system's security? (Select two.)
-Set a screen saver password. -Disable Autorun on the system.
(14.3.4) While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following security measures would you MOST likely implement to keep this from happening in the future?
Access control vestibule
(14.5.7) Which type of DoS attack exhausts the target's resources by overloading a specific program or service?
Application layer
(14.10.7) Which of the following password manager features converts a password into a jumbled string of symbols and letters before storing it in the account?
Hashing
(14.10.7) Which of the following is an issue with using an adblocker extension on your web browser?
It can cause certain sites and browsers to no longer work on specific web pages.
(14.3.4) Which of the following should be installed inside the entrance to the building to prevent weapons or unauthorized equipment being brought into the building?
Magnetometer
(14.5.7) Which of the following should you implement to monitor and manage the risks of a BYOD policy?
Mobile device management
(14.4.11) You have been hired to assess a client's security. During your testing, you discover that users have access to other departments' files. Which of the following should you recommend that the company implement?
Principle of least privilege
(14.5.7) You have been hired to investigate a recent cybersecurity attack. You have discovered that the attacker was able to send commands to the server using the login fields and steal user credentials from the database. Which of the following attacks was your client MOST likely the victim of?
SQL injection
!!!**** (14.4.11) You are working as a junior network technician at the local hospital. The security administrator has just finished rolling out a new security policy that requires users to log in to workstations using a fingerprint scanner. Which authentication category does this fall under?
Something you are
(14.5.7) At company headquarters, several employees are having issues with their Wi-Fi access suddenly dropping and then reconnecting to the same wireless network. You decide to investigate and determine that someone has set up a rogue access point near company headquarters and is using it to capture sensitive data from the company network. Which type of social engineering attack is being used?
Evil twin
(14.5.7) You have been hired to help assess the security of your client's organization. During your assessment, you have found a rogue wireless access point that is configured to look identical to the legitimate wireless network. Which of the following attacks was MOST likely being carried out?
Evil twin attack
(14.3.4) You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: -A high fence is installed around the property. -Security cameras are installed on all buildings. -The parking lot has light poles installed in all areas. -Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information?
Install bollards.
!!!**** (14.11.5) Which mobile device vulnerability results in a user unlocking all of a mobile device's features and capabilities?
Jailbreaking
(14.5.7) Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through emails or websites that impersonate an online entity that the victim trusts, such as a financial institution or well-known e-commerce site?
Phishing
(14.1.5) One of the Windows workstations you manage has four user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. The fourth account is the Guest user account, which has been enabled to allow management employees convenient workstation access. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Autorun has also been disabled on the system. Which of the following actions is MOST likely to increase this system's security?
Disable the Guest account.
(14.3.4) Which of the following door locks provides authentication to a specific lock over a Bluetooth connection?
Key fob
