DCOM258: Quiz: Application Security (Ch5), IS 323 Final Stone, CC6003 Digital Crime Investigation quiz 6, CC6003 Digital Crime Investigation quiz 4, Digital Crime Investigation quiz 5, CC6003 Digital Crime Investigation quiz 3, DCI Review Questions 2...
Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows?
Alt+F4
Timothy complains about a lot of pop-ups windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows? (Ctrl+Alt+Del, Alt+F4, Windows Key, Ctrl+Shift+Esc)
Alt+F4
Which of the following does the "A" in "CIA" stand for when relating to IT security? (Select the best answer.)
Availability
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication?
Backdoor
Which of the following methods of malware delivery is used in computer programs to bypass normal authentication?
Backdoor
Which of the following is an example of whole disk encryption?
BitLocker
Which of the following are examples of virtualization? (Select the three best answers.)
-Hyper-v -virtualBox -VMware Workstation
Of the following, what are three ways to increase the security of Microsoft Outlook? (Select the three best answers.)
-Password protect .PST files. -Increase the junk e-mail security level. -Install the latest Office update or service pack.
What are two ways of discouraging bluesnarfing? (Select the two best answers.)
-Select a pairing key that is not easy to guess. -Set the device to undiscoverable.
Which of the following can help to secure the BIOS of a computer? (Select the two best answers.)
-Use a case lock. -Use a BIOS supervisor password.
Which of the following should you implement to keep a well-maintained computer? (Select the three best answers.)
-Use a surge protector. - Update the BIOS and/or UEFI. - Update the firewall.
Which of the following should be done to maintain and harden a hard disk? (Select the two best answers.)
-defragment the drive -Consider a whole disk encryption
Which of the following should you include as general browser security practices? (Select the two best answers.)
-use a proxy server -train your users
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections?
80
Which of the following might include syntax errors in the code and type-checking errors?
Compile-time error
Which of the following is the greatest risk for removable storage?
Confidentiality of data
Which tab in the Internet options dialog box of Internet Explorer enables a person to make secure connections through a VPN? (Programs tab, Content tab, Advanced tab, Connections tab)
Connections tab
Your boss wants you to make changes to 20 computers' Internet Explorer Programs. To do this quickly what is the best solution? (Use a proxy, Create an OU, Create a Script,Create and Use a Template)
Create and Use a Template
Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution?
Create and use a template.
James doesn't want people to see where he browsed to on the Internet. What is a good way to clear his internet browsing history? (Check Empty Temporary Internet Files Folder When Browser is Closed, Use XSS, Use the disk defragmenter, clear all cookies in advanced privacy settings)
Empty Temporary Internet Files Folder When Browser is Closed
Which of the following is NOT a typical symptom of a virus?
Excessive pop-up windows appear.
A system can easily be completely secure.
False
Active interception is the act of exploiting a bug or design flaw in software.
False
ActiveX controls can run on any browser platform.
False
ActiveX controls can run on any browser platform. (T/F)
False
Alt+F8 is the key combination that closes pop-up Windows (T/F)
False
Alt+F8 is the key combination that closes pop-up windows.
False
An example of a Windows firewall is iptables.
False
Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection.
False
Botnets do not affect mobile devices.
False
Microsoft's Disk Defragmenter can be used to revert to a previous restore point.
False
One way of protecting Microsoft Outlook is to use a password for opening or modifying documents.
False
One way of protecting Microsoft Outlook is to use a password for opening or modifying documents. (T/F)
False
Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server.
False
SDLC is an acronym for Security Development Life Cycle.
False
The convert command converts an NTFS drive to FAT32.
False
The net stop command disables services in Windows.
False
To accept fewer cookies, you would add them to the Restricted Sites zone (T/F)
False
To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt.
False
To turn off services, you would access the Programs and Features section of the Control Panel.
False
Viruses self-replicate whereas worms do not.
False
Which of the following occurs when an IDS identifies legitimate activity as something malicious?
False positive
How can Internet Explorer be centrally managed for several computers? (Advanced tab of Internet options dialog box, Group Policy, Creating an Organizational Unit, In the Registry)
Group Policy
Of the following, which can be a security benefit when using virtualization?
If a virtual machine is compromised, the adverse effects can be compartmentalized.
Which of the following would protect against an attacker entering malicious code into a web form? (White box testing, Fuzzing, Black-box testing, Input Validation)
Input Validation
Which of the following is an example of spyware?
Internet Optimizer
Which of the following can run on any platform?
Java applets
Which of the following can run on any platform? ( ActiveX controls, Java applets, Internet Explorer, Sandbox)
Java applets
Which of the following is the best file system to use in Windows?
NTFS
In which of the following Windows locations would you turn off file sharing?
Network and Sharing Center
Which of the following is an inline device that checks all packets?
Network intrusion detection system
Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails?
Nonrepudiation
Which type of virus can change every time it is executed in an attempt to avoid antivirus detection?
Polymorphic
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP Connections (53, 80, 443, 21)
Port 80
Which command lists the hotfixes installed to Windows?
Systeminfo
Which of the following is a phase of the SDLC where a system is checked thoroughly for bugs (Implementation, Deployment, Testing, Maintenance)
Testing
Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs?
Testing
What is baselining?
The process of measuring changes in networking, hardware, and software
A RAT is an example of a Trojan horse.
True
A master computer controls a botnet.
True
A proxy server acts as a go-between for the clients on the network and the Internet.
True
A proxy server acts as a go-between of a client computer's web browser and the web server (T/F)
True
A service pack is a group of updates, bug fixes, updated drivers, and security fixes.
True
Back Orifice is an example of a backdoor.
True
Black-box testing is when the tester has no knowledge of the system (T/F)
True
Black-box testing uses testers with no advanced knowledge of the system.
True
Encryption, authentication, and anti-malware are all ways to protect against malicious threats.
True
Flashing is a term that describes the updating of the BIOS.
True
Full device encryption is one way of protecting a mobile device's data if the device is stolen.
True
Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications.
True
In information security, the three core principles are known as confidentiality, integrity, and availability.
True
In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program.
True
Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats.
True
Input validation is a process that ensures the correct usage of data.
True
Input validation is a process that ensures the correct usage of data. (T/F)
True
Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits.
True
Malware is software designed to infiltrate a computer system without the user's consent.
True
Personal firewalls are applications that protect an individual computer from unwanted Internet traffic
True
RCE is when an attacker takes control of a server from a remote location using shell code.
True
RCE is when an attacker takes control of a server from a remote location using shell code. (T/F)
True
Ransomware holds a user's files for ransom by encrypting them.
True
Social engineering includes viruses, worms, and Trojan horses.
True
Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.
True
The Network tab in Firefox is used to connect to a proxy server. (T/F)
True
The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions.
True
The second step in a patch management strategy is testing.
True
The systeminfo command displays the version number, build number, and the patch level of the operating system.
True
To make changes to Internet Explorer policies that correspond to an OU, you need a domain controller (T/F)
True
To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller.
True
UAC keeps every user in standard mode instead of in administrator mode by default.
True
Which of the following can help to prevent spam? (Select the two best answers.)
Use a spam filter. Close open mail relays.
Which of the following is NOT a common safeguard for Microsoft Excel?
Using a digital certificate
What is the best option to use to isolate an operating system?
Virtualization software
Which of the following is the best option to use to prevent spyware?
Windows Defender
Which of the following is an example of a personal software firewall?
ZoneAlarm
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication? (Input Validation, Sandbox, Backdoor, Virus)
back door
Which type of hacker has no affiliation with an organization, yet will hack systems without malicious intent?
grey hat
Which of the following would protect against an attacker entering malicious code into a web form?
input validation
For information security, what is the I in CIA?
integrity
Which command disables a service in the command line?
sc config