DCOM258: Quiz: Application Security (Ch5), IS 323 Final Stone, CC6003 Digital Crime Investigation quiz 6, CC6003 Digital Crime Investigation quiz 4, Digital Crime Investigation quiz 5, CC6003 Digital Crime Investigation quiz 3, DCI Review Questions 2...

Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows?

Alt+F4

Timothy complains about a lot of pop-ups windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows? (Ctrl+Alt+Del, Alt+F4, Windows Key, Ctrl+Shift+Esc)

Alt+F4

Which of the following does the "A" in "CIA" stand for when relating to IT security? (Select the best answer.)

Availability

Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication?

Backdoor

Which of the following methods of malware delivery is used in computer programs to bypass normal authentication?

Backdoor

Which of the following is an example of whole disk encryption?

BitLocker

Which of the following are examples of virtualization? (Select the three best answers.)

-Hyper-v -virtualBox -VMware Workstation

Of the following, what are three ways to increase the security of Microsoft Outlook? (Select the three best answers.)

-Password protect .PST files. -Increase the junk e-mail security level. -Install the latest Office update or service pack.

What are two ways of discouraging bluesnarfing? (Select the two best answers.)

-Select a pairing key that is not easy to guess. -Set the device to undiscoverable.

Which of the following can help to secure the BIOS of a computer? (Select the two best answers.)

-Use a case lock. -Use a BIOS supervisor password.

Which of the following should you implement to keep a well-maintained computer? (Select the three best answers.)

-Use a surge protector. - Update the BIOS and/or UEFI. - Update the firewall.

Which of the following should be done to maintain and harden a hard disk? (Select the two best answers.)

-defragment the drive -Consider a whole disk encryption

Which of the following should you include as general browser security practices? (Select the two best answers.)

-use a proxy server -train your users

What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections?

80

Which of the following might include syntax errors in the code and type-checking errors?

Compile-time error

Which of the following is the greatest risk for removable storage?

Confidentiality of data

Which tab in the Internet options dialog box of Internet Explorer enables a person to make secure connections through a VPN? (Programs tab, Content tab, Advanced tab, Connections tab)

Connections tab

Your boss wants you to make changes to 20 computers' Internet Explorer Programs. To do this quickly what is the best solution? (Use a proxy, Create an OU, Create a Script,Create and Use a Template)

Create and Use a Template

Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution?

Create and use a template.

James doesn't want people to see where he browsed to on the Internet. What is a good way to clear his internet browsing history? (Check Empty Temporary Internet Files Folder When Browser is Closed, Use XSS, Use the disk defragmenter, clear all cookies in advanced privacy settings)

Empty Temporary Internet Files Folder When Browser is Closed

Which of the following is NOT a typical symptom of a virus?

Excessive pop-up windows appear.

A system can easily be completely secure.

False

Active interception is the act of exploiting a bug or design flaw in software.

False

ActiveX controls can run on any browser platform.

False

ActiveX controls can run on any browser platform. (T/F)

False

Alt+F8 is the key combination that closes pop-up Windows (T/F)

False

Alt+F8 is the key combination that closes pop-up windows.

False

An example of a Windows firewall is iptables.

False

Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection.

False

Botnets do not affect mobile devices.

False

Microsoft's Disk Defragmenter can be used to revert to a previous restore point.

False

One way of protecting Microsoft Outlook is to use a password for opening or modifying documents.

False

One way of protecting Microsoft Outlook is to use a password for opening or modifying documents. (T/F)

False

Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server.

False

SDLC is an acronym for Security Development Life Cycle.

False

The convert command converts an NTFS drive to FAT32.

False

The net stop command disables services in Windows.

False

To accept fewer cookies, you would add them to the Restricted Sites zone (T/F)

False

To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt.

False

To turn off services, you would access the Programs and Features section of the Control Panel.

False

Viruses self-replicate whereas worms do not.

False

Which of the following occurs when an IDS identifies legitimate activity as something malicious?

False positive

How can Internet Explorer be centrally managed for several computers? (Advanced tab of Internet options dialog box, Group Policy, Creating an Organizational Unit, In the Registry)

Group Policy

Of the following, which can be a security benefit when using virtualization?

If a virtual machine is compromised, the adverse effects can be compartmentalized.

Which of the following would protect against an attacker entering malicious code into a web form? (White box testing, Fuzzing, Black-box testing, Input Validation)

Input Validation

Which of the following is an example of spyware?

Internet Optimizer

Which of the following can run on any platform?

Java applets

Which of the following can run on any platform? ( ActiveX controls, Java applets, Internet Explorer, Sandbox)

Java applets

Which of the following is the best file system to use in Windows?

NTFS

In which of the following Windows locations would you turn off file sharing?

Network and Sharing Center

Which of the following is an inline device that checks all packets?

Network intrusion detection system

Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails?

Nonrepudiation

Which type of virus can change every time it is executed in an attempt to avoid antivirus detection?

Polymorphic

What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP Connections (53, 80, 443, 21)

Port 80

Which command lists the hotfixes installed to Windows?

Systeminfo

Which of the following is a phase of the SDLC where a system is checked thoroughly for bugs (Implementation, Deployment, Testing, Maintenance)

Testing

Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs?

Testing

What is baselining?

The process of measuring changes in networking, hardware, and software

A RAT is an example of a Trojan horse.

True

A master computer controls a botnet.

True

A proxy server acts as a go-between for the clients on the network and the Internet.

True

A proxy server acts as a go-between of a client computer's web browser and the web server (T/F)

True

A service pack is a group of updates, bug fixes, updated drivers, and security fixes.

True

Back Orifice is an example of a backdoor.

True

Black-box testing is when the tester has no knowledge of the system (T/F)

True

Black-box testing uses testers with no advanced knowledge of the system.

True

Encryption, authentication, and anti-malware are all ways to protect against malicious threats.

True

Flashing is a term that describes the updating of the BIOS.

True

Full device encryption is one way of protecting a mobile device's data if the device is stolen.

True

Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications.

True

In information security, the three core principles are known as confidentiality, integrity, and availability.

True

In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program.

True

Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats.

True

Input validation is a process that ensures the correct usage of data.

True

Input validation is a process that ensures the correct usage of data. (T/F)

True

Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits.

True

Malware is software designed to infiltrate a computer system without the user's consent.

True

Personal firewalls are applications that protect an individual computer from unwanted Internet traffic

True

RCE is when an attacker takes control of a server from a remote location using shell code.

True

RCE is when an attacker takes control of a server from a remote location using shell code. (T/F)

True

Ransomware holds a user's files for ransom by encrypting them.

True

Social engineering includes viruses, worms, and Trojan horses.

True

Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.

True

The Network tab in Firefox is used to connect to a proxy server. (T/F)

True

The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions.

True

The second step in a patch management strategy is testing.

True

The systeminfo command displays the version number, build number, and the patch level of the operating system.

True

To make changes to Internet Explorer policies that correspond to an OU, you need a domain controller (T/F)

True

To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller.

True

UAC keeps every user in standard mode instead of in administrator mode by default.

True

Which of the following can help to prevent spam? (Select the two best answers.)

Use a spam filter. Close open mail relays.

Which of the following is NOT a common safeguard for Microsoft Excel?

Using a digital certificate

What is the best option to use to isolate an operating system?

Virtualization software

Which of the following is the best option to use to prevent spyware?

Windows Defender

Which of the following is an example of a personal software firewall?

ZoneAlarm

Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication? (Input Validation, Sandbox, Backdoor, Virus)

back door

Which type of hacker has no affiliation with an organization, yet will hack systems without malicious intent?

grey hat

Which of the following would protect against an attacker entering malicious code into a web form?

input validation

For information security, what is the I in CIA?

integrity

Which command disables a service in the command line?

sc config