ITSP 134 TESTOUT "Security" study questions

Which type of file is commonly used by trusted websites to create installation software for mobile devices? Answer EXE file BAT file APK file SYS file

APK file

While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following security measures would you MOST likely implement to keep this from happening in the future? Answer Lo-jack recovery service Cable locks Access control vestibule Door locks with card readers

Access control vestibule

Which Windows feature can you use to encrypt a hard drive volume? Answer: EFS NTFS BitLocker to Go BitLocker

BitLocker

You have just created an account for your web browser, and you want to be able to access the bookmarks you create on your home laptop with the same web browser on your company workstation. Which of the following can you use to make these bookmarks accessible on both computers? Answer Data cache clearing Pop-up blocker Browser synchronization Private Browsing Mode

Browser synchronization

As part of the response to a security incident on your company network, you have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up to the time of presentation in court. Which document have been asked to draft? Answer Rules of evidence Chain of custody CPS (Certificate Practice Statement) FIPS-140

Chain of custody

Which of the following are likely symptoms of a malware infection? (Select two.) Answer Receipts of phishing emails in your inbox. Changed file permissions. Renamed system files. Cookies placed by a recently visited website. Operating system updates that were installed without your knowledge.

Changed file permissions. Renamed system files.

Which of the following is a firewall type that scans network traffic based on TCP or UDP transmission? Answer Application-level gateway Packet filtering Circuit-layer gateway Access control list

Circuit-layer gateway

You want to set up a service on your company network that can be configured with a list of valid websites. The service should give employees a certificate warning if they try to visit a version of an untrusted site. Which of the following services is designed to provide this functionality? Answer Extensions DHCP server DNS server Hashing

DNS server

Which of the following are the FIRST settings you should check if you suspect that a malware attack has impacted your internet connection? (Select two.) Answer BIOS settings VPN settings DNS settings Internet Connection Sharing settings Proxy settings

DNS settings Proxy settings

Which hard drive destruction method uses a strong magnetic pulse to destroy data? Answer Drilling Incineration Disk shredder Degaussing

Degaussing

Which of the following hard drive destruction methods only works with mechanical hard drives? Answer Incineration Drilling Low-level format Disk shredder

Drilling

Which of the following keeps track of various network devices while ensuring that the software is secure? Answer All-in-one security appliance Endpoint management server Firewall Syslog server

Endpoint management server

You have just visited a website on your mobile device when your web browser locks up, and you receive a warning that your device has a virus. You are given a phone number to call to remove the virus. Which of the following describes the type of malware symptom that you are MOST likely experiencing? Answer Increased data usage Connectivity issue False security warning Spoofed application

False security warning

You are establishing a new security policy for user authentication and want to implement multi-factor authentication. Which of the following would BEST accomplish this? Answer Fingerprint and iris scan Smart card and one-time code text message Fingerprint and one-time code text message Username and password

Fingerprint and one-time code text message

You are trying to connect from outside the company network to a server inside the company network using RDP (Remote Desktop Connection). However, the connection is failing. Which network device does your network administrator MOST likely need to configure to allow this connection? Answer Firewall Access point Switch Hub

Firewall

As a network administrator for your company, you want to set up a network device that manages traffic leaving and entering your network from the outside. Which of the following would BEST meet your requirements? Answer VPN Forward proxy server Content filter Reverse proxy server

Forward proxy server

Two employees are unable to access any websites on the internet, but they can still access servers on the local network, including those residing on other subnets. Other employees are not experiencing the same problem. Which of the following actions would BEST resolve this issue? Answer Identify the proxy server name and port number in Internet Options. Identify the filter settings on the proxy server for specific internet sites. Use ipconfig to confirm that APIPA has not assigned an IP address. Reconfigure the clients to send all traffic directly to the ISP, bypassing the proxy server.

Identify the proxy server name and port number in Internet Options.

A local dentist has contracted with you to implement a network in her new office. Because of security concerns related to patient privacy laws, she has asked that the new network meet the following criteria and be cost effective: No one from the internet should be able to access her internal network. Email messages should be scanned for spam, phishing attacks, and malware before they reach users' workstations. Employees access to non-work-related websites, especially sites that contain inappropriate content, should be blocked. A system should be put in place to detect and prevent external attacks on her network. Which of the following would BEST meet your client's criteria? Answer Implement an intrusion prevention system (IPS). Implement an all-in-one UTM security appliance. Implement a content filter. Implement an email security appliance. Implement a firewall.

Implement an all-in-one UTM security appliance

Which of the following hard drive destruction methods runs the risk of releasing toxic by-products? Answer Drilling Incineration Shredding Degaussing

Incineration

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: All pieces of equipment have cable locks installed. Server racks are locked and have alarms. The WAP for the guest Wi-Fi is located on the receptionist's desk. Biometric locks are installed on high security rooms. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Answer Install biometric locks on the server racks. Install the WAP on the ceiling or inside of a special locked box. Upgrade the equipment cable locks. Replace the biometric locks with standard locks.

Install the WAP on the ceiling or inside of a special locked box.

Which of the following all-in-one security appliance (UTM) functions detects intrusions and alerts the network but does not block traffic? Answer Anti-spam Intrusion detection VPN Intrusion protection

Intrusion detection

Which of the following door locks provides authentication to a specific lock over a Bluetooth connection? Answer Smart card Standard lock Key fob Biometric

Key fob

Which of the following can be paired with a motion sensor to improve security? Answer Door lock Magnetometer Cable lock Lights

Lights

Which of the following should you perform when disposing of a computer? Answer Lock the hard drive in storage. Low-level format of the hard drive. Document the Chain of Custody. Run the motherboard through a shredder.

Low-level format of the hard drive.

Which formatting method is done by the manufacturer to write new sectors and tracks to a hard drive? Answer Full format Deep format Low-level formatting High-level formatting

Low-level formatting

Which of the following should be installed inside the entrance to the building to prevent weapons or unauthorized equipment being brought into the building? Answer Cable lock Access control vestibule Magnetometer Badge reader

Magnetometer

You are working at the local hospital in the IT department. You have just received a promotion to junior network technician. Part of your new role involves troubleshooting network communication issues. Which of the following user groups should your account be added to? Answer Remote Desktop Users Administrator Network Configuration Operator Cryptographic Operator

Network Configuration Operator

Which of the following authentication combinations is an example of multi-factor authentication? Answer PIN and authentication app Username and password Smart card and one-time code Fingerprint and retinal scan

PIN and authentication app

A technician assists Joe, an employee in the sales department who needs access to the client database, by granting him Administrator privileges. Later, Joe discovers that he has access to the salaries in the payroll database. Which of the following security practices was violated? Answer Entry control roster Multi-factor authentication Strong password policy Principle of least privilege

Principle of least privilege

You are assisting the security administrator and discover that a user was logged in to their workstation after hours. After further investigation, you discover that the user's account was compromised, and someone used the account to steal sensitive data. Which of the following could have BEST prevented this from happening? Answer Implement a password reset policy. Implement a screen saver lock. Require a stronger password. Restrict the user's login times to work hours only.

Restrict the user's login times to work hours only.

Which of the following BEST describes authorization? Answer The policy of allowing employees to use their own devices for work purposes. The resources that a user can access. The process of verifying a user's identity. The process of giving users access to only the resources they need.

The resources that a user can access.

Your company is creating a financial application that you want to first test on mobile devices. Several customers have asked to be part of the beta testing process. What do the employees need to do on their mobile devices in order to be able to participate in the beta test? Answer Turn on Developer Mode. Jailbreak their mobile devices. Enable authentication on their mobile devices. Install and use a password manager.

Turn on Developer Mode.

You have five salespeople who work out of your office and who frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection method to address your concerns? Answer: Encrypt all company data on the hard drives. Implement screen saver passwords. Require strong passwords in the Local Security Policy. Use cable locks to chain the laptops to the desks.

Use cable locks to chain the laptops to the desks.

Which of the following proxy server roles allows users to connect to the internet anonymously with their data encrypted during transmission? Answer Sharing Internet Connections VPN Firewall Caching

VPN

In which of the following situations should you install a firewall? Answer You want to improve internet performance by saving popular websites locally. You want to implement a password system for internet users who access your private website. You want to restrict internet users from accessing private data on your network. You want internet users to see a single IP address when accessing your company network.

You want to restrict internet users from accessing private data on your network.

Which of the following processes is used to prove a user's identity? Answer Authorization Logical security Certificate Manager Authentication

Authentication

While browsing the internet, you are constantly being bombarded by small advertisements with links attached to the web page. Which of the following can you use to prevent these advertisements from appearing? Answer Browser synchronization Pop-up blocker Private Browsing Mode Data cache clearing

Pop-up blocker

A security technician is conducting a forensic analysis. Which of the following actions is MOST likely to destroy critical evidence? Answer Copying the contents of memory to removable media Disconnecting the system from the network Shutting down the system Restricting physical access to the system

Shutting down the system

Which authentication category does a username and password fall under? Answer Something you are Something you have Soft token Something you know

Something you know

You have logged into your banking website using a password, but now the website indicates that it sent you an email with a confirmation code that you need to retrieve and enter before you can continue to access the website. Which of the following security measures is being used? Answer Two-factor authentication Hash code Certificate authority Extensions

Two-factor authentication

Which of the following provides a set of rules that specify which types of network traffic are allowed through a firewall? Answer Packet filtering ACL Application-level gateway Circuit-layer gateway

ACL

Which of the following is an example of a soft token? Answer USB security device Key fob Authentication app Smart card

Authentication app

Which of the following is an important aspect of evidence gathering in response to a security incident? Answer Purge transaction logs. Monitor user access to compromised systems. Back up all log files and audit trails. Restore damaged data from backup media.

Back up all log files and audit trails

Which of the following functions are performed by proxy servers? (Select two.) Answer Cache web pages. Filter unwanted email. Store client files. Block employees from accessing certain websites. Block unwanted packets from entering your private network.

Cache web pages. Block employees from accessing certain websites.

Which of the following proxy server roles stores frequently accesses data so that a user's request never has to leave the network for retrieval? Answer VPN Sharing Internet Connections Firewall Caching

Caching

You are an IT technician for your company. Vivian, an employee, has been receiving error messages, indicating that some of her Windows system files are corrupt or missing. To fix this issue, you ran the Windows System File Checker tool (SFC.exe). Shortly after the files were repaired, Vivian called again because she is still having the same issue. You now suspect that a corruption or a renaming of the system files is being caused by malware. Which of the following is the FIRST step you should take to remove any malware on the system? Answer Back up Vivian's critical files and perform a clean install of Windows. Disable System Restore. Perform a scan using anti-malware software. Disconnect Vivian's computer from the network.

Disconnect Vivian's computer from the network.

For some time now, you have been using an application on your Windows 11 computer at home and while in the office. This application communicates with the internet. Today, your team lead decides to have a special team meeting at a local hotel. During this meeting, you obtain access to the internet using the hotel's network, but when you try to run your application, it cannot communicate with the internet. Which of the following Windows settings is MOST likely causing this behavior? Answer Firewall & security Windows permissions Network & internet Bluetooth & devices

Firewall & security

You want to be able to access your home computer using Remote Desktop while traveling. You enable Remote Desktop, but you find that you cannot access your computer outside of your home network. Which of the following is the BEST solution to your problem? Answer Open the firewall port for the Remote Desktop protocol. Configure a VPN connection to your computer. Move your home computer outside of the firewall. Open the Telnet and SSH ports in your firewall.

Open the firewall port for the Remote Desktop protocol.

Which of the following is a type of firewall? Answer Packet rearranging Packet filtering Encrypting FTP hosting Protocol converting

Packet filtering

During an airline flight, a laptop user makes last-minute changes to a presentation that contains sensitive company information. Which of the following would make it difficult for other passengers to view this information on the laptop display? Answer Smart card Cable lock Mantrap Privacy filter

Privacy filter

While browsing the internet, you want to make sure that the browser you are using does not store your search history, cookies, or password information. Which of the following can you enable to prevent this from happening? Answer Private Browsing Mode Data cache clearing Browser synchronization Pop-up blocker

Private Browsing Mode

An after-school care center allows children to browse the internet. They want to limit the websites that the children can access. Which of the following network hosts would MOST likely provide this service? Answer Proxy server Web server DHCP server Print server

Proxy server

As a network administrator for your company, you want to set up a network device that manages internal traffic between servers and clients. Which of the following would BEST meet your requirements? Answer VPN Content filter Reverse proxy server Forward proxy server

Reverse proxy server

Which of the following is an example of personal, government-issued information? Answer Student records Social security number Credit score Healthcare record

Social security number

You are working as a junior network technician at the local hospital. The security administrator has just finished rolling out a new security policy that requires users to log in to workstations using a fingerprint scanner. Which authentication category does this fall under? Answer Something you know Something you have Soft token Something you are

Something you are

Which database encryption method can you use to encrypt data at rest? Answer Trusted Platform Module Application-level encryption Transparent data encryption Column-level encryption

Transparent data encryption

Which of the following does Windows use to manage and enforce what a user is authorized to access? Answer Certificate Manager Soft token Multi-factor authentication Access control list

Access control list

A public library has purchased new laptop computers to replace their older desktop computers and is concerned that they are vulnerable to theft. Which of the following laptop features should they use to physically secure the new laptops? Answer A multi-factor password policy An external encryption device Biometric authentication Cable locks

Cable locks

A public library has purchased new laptop computers to replace their older desktop computers and is concerned that they are vulnerable to theft. Which of the following laptop features should they use to physically secure the new laptops? Answer: Cable locks A multi-factor password policy Biometric authentication An external encryption device

Cable locks

What is issued to a website in order for it to be validated as a trusted website? Answer DNS Certificate authority Hash code Extension

Certificate authority

What should be created when you destroy a hard drive? Answer Certificate of Destruction Outsourcing Record Chain of Custody Record of Format

Certificate of Destruction

Which of the following identifies who had possession of a hard drive and for how long before it was actually destroyed? Answer Chain of Custody Certificate of Destruction Outsourcing Record Record of Format

Chain of Custody

One of the Windows workstations you manage has four user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. The fourth account is the Guest user account, which has been enabled to allow management employees convenient workstation access. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Autorun has also been disabled on the system. Which of the following actions is MOST likely to increase this system's security? Answer Disable the Guest account. Change your user account to a Limited user. Enable Autorun on the system. Change the two Limited user accounts to Administrative users.

Disable the Guest account.

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to a locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area so that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select two.) Answer Require users to use screen saver passwords. Disable the network jacks in the reception area. Replace the biometric locks with smart cards. Move the receptionist's desk to the secured area. Train the receptionist to keep their iPad in a locked drawer when not in use.

Disable the network jacks in the reception area. Train the receptionist to keep their iPad in a locked drawer when not in use.

A technician was able to stop a security attack on a user's computer. Which of the following actions should be performed FIRST when conducting the subsequent forensic investigation? Answer Remove the hard drive. Document what is on the screen. Turn off the system. Stop all running processes.

Document what is on the screen.

Which of the following statements is true regarding hard tokens? Answer Hard tokens provide protection even if they are lost or stolen. Hard tokens provide a higher level of security. Hard tokens are inexpensive to implement. Hard tokens are easy to replace if they are lost or stolen.

Hard tokens provide a higher level of security.

Which of the following password manager features converts a password into a jumbled string of symbols and letters before storing it in the account? Answer Cloud access Two-factor authentication Extensions Hashig

Hashing

Which formatting method leaves data on a drive in a state that can be recovered using special software? Answer Deep format High-level formatting Low-level formatting Full format

High-level formatting

Your company has recently implemented a BYOD policy. To protect the network, users must install an app on their devices that allows the security administrator to enforce the security policies. Which of the following is this an example of? Answer Access control list Soft token Certificate Manager Mobile device management

Mobile device management

You have been hired to evaluate your client's building security. In your walkthrough, you notice the following:A high fence is installed around the property.Visitors are able to enter the building and are checked in by a receptionist.Security cameras are installed on all buildings.Server racks are locked and have alarms. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Answer Place a security guard at the entrance gate with an access list to control who comes on the property. Upgrade the security cameras. Install biometric locks on all server racks. Install barbed wire around the top of the fence.

Place a security guard at the entrance gate with an access list to control who comes on the property.

You have been hired to assess a client's security. During your testing, you discover that users have access to other departments' files. Which of the following should you recommend that the company implement? Answer Certificate Manager Mobile device management Principle of least privilege Bring Your Own Device

Principle of least privilege

Which of the following is a risk associated with using a web browser password manager? Answer Passwords stored in the password manager may not work on newer web pages. Web browser password managers cannot store complex passwords. Signing in with the browser password gives a hacker control over all passwords stored on the browser. You are limited to the number of passwords you can store in a web browser password manager.

Signing in with the browser password gives a hacker control over all passwords stored on the browser.

While browsing the internet, a pop-up browser window comes up, warning you that your system is infected with a virus. You are directed to click a link to remove the virus. Which of the following are the BEST next actions to take? (Select two.) Answer Click on the link provided to scan for and remove the virus. Update the virus definitions for your locally installed anti-malware software. Close the pop-up window and ignore the warning. Use an online search engine to learn how to manually remove the virus. Run a full system scan using the anti-malware software installed on your system.

Update the virus definitions for your locally installed anti-malware software. Run a full system scan using the anti-malware software installed on your system.

You want to configure a Windows workstation with your network proxy server's IP address from Control Panel using the Internet Properties window. Click on the tab in the Internet Properties window that you would use to do this.

Connection tab

Which of the following would be a reason to outsource hard drive destruction? Answer Against the law to do it internally Availability of low-level formatting Required COD Cost of special equipment

Cost of special equipment

Match each incident detection method on the left with the appropriate description on the right. (Each method may be selected more than once.) match to the following: Passive Active Proactive 1. An organization looks for existing security flaws in their system. 2. A network intrusion detection system (IDS) detects malicious traffic. 3. A technician performing maintenance on a computer discovers prohibited content. 4. A device or practice helps determine how and why a security incident occurred.

1. proactive ( An organization looks for existing security flaws in their system.) 2. Active (A network intrusion detection system (IDS) detects malicious traffic.) 3. Passive (A technician performing maintenance on a computer discovers prohibited content. A device or practice helps determine how and why a security incident occurred.) 4. Passive (same as above)

Which of the following are common symptoms of a compromised mobile device? (Select two.) Answer Wi-Fi spoofing Connectivity issues Screen flickering Increased data usage An increase in junk email

Connectivity issues Increased data usage

As the principal of a private school, you have discovered that an office assistant has shared a student's home address with an unauthorized individual. Which of the following regulations is your school in violation of? Answer HIPAA FERPA SOX CCPA

FERPA

You have accepted a position working in a local hospital's IT department. Which of the following government regulations would be the most important for the hospital to be in compliance with? Answer PCI DSS GDPR FERPA HIPAA

FERPA

Which of the following must be included in a hard drive's Certificate of Destruction? Answer Name of security administrator Cost of destruction Location of destruction Method of destruction

Method of destruction

You work for a company that offers their services through the internet. It is critical that your website performs well. As a member of the IT technician staff, you receive a call from a fellow employee who informs you that customers are complaining that they can't access your website. After doing a little research, you have determined that you are a victim of a denial-of-service attack. As a first responder, which of the following is the next step you need to perform in response to the security incident? Answer Eradicate the issue. Investigate how the attack occurred. Identify the issue further. Secure the affected system.

Secure the affected system.

One of the Windows workstations you manage has three user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Which of the following would MOST likely increase this system's security? (Select two.) Answer Change the two Limited user accounts to Restricted users. Enable the Guest account. Set a screen saver password. Assign each user a simple password so that they won't be tempted to write it down. Disable Autorun on the system.

Set a screen saver password. Disable Autorun on the system.

An employee calls to complain that their browser keeps opening up to a strange search engine page, and a toolbar has been added to their browser. Which of the following malware issues are MOST likely causing the problem? Answer Internet connectivity issues Software issues Altered file issues Internet setting issues

Software issues

You have five salespeople who work out of your office and who frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection method to address your concerns? Answer Encrypt all company data on the hard drives. Use cable locks to chain the laptops to the desks. Require strong passwords in the Local Security Policy. Implement screen saver passwords.

Use cable locks to chain the laptops to the desks.

While browsing the internet, you notice that your browser performance is continually slowing down. Which of the following would MOST likely increase the overall performance of your web browser? Answer Enable a pop-up blocker. Synchronize your web browser data. Switch to Private Browsing Mode. Clear the data cache.

Clear the data cache.

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Security cameras are installed on all buildings. The parking lot has light poles installed in all areas. Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Answer Install barbed wire on the fence. Upgrade the light poles to LED lights. Upgrade the security cameras to a better quality option. Install bollards.

Install bollards.

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Security cameras are installed on all buildings. The parking lot has light poles installed in all areas. Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Answer Upgrade the light poles to LED lights. Install barbed wire on the fence. Install bollards. Upgrade the security cameras to a better quality option.

Install bollards.

You connect your computer to a wireless network available at the local library. You find that you cannot access several websites on the internet. Which of the following is the MOST likely cause of this problem? Answer A firewall is blocking ports 80 and 443. The router has not been configured to perform port forwarding. Port triggering is redirecting traffic to the wrong IP address. A proxy server is filtering access to websites.

A proxy server is filtering access to websites.

Which of the following are examples of a strong password? (Select two.) Answer I love the Linux P3ngu!n Tux il0ve2EatIceCr3am! skippy NewYorkCity Morganstern

I love the Linux P3ngu!n Tux il0ve2EatIceCr3am!

ou would like to control internet access based on user, time of day, and websites visited. Which of the following actions would BEST meet your criteria? Answer Configure each system's Local Security Policy to add access restrictions based on time of day and content. Enable Windows Firewall on each system. Add or remove exceptions to control access based on time of day and content. Install a proxy server. Allow internet access only through the proxy server. Configure internet zones using Internet Options. Configure a packet-filtering firewall. Add rules to allow or deny access based on time of day and content.

Install a proxy server. Allow internet access only through the proxy server.

Which of the following is an issue with using an adblocker extension on your web browser? Answer It can prevent you from synchronizing bookmarks from one computer to the next. It can prevent the web browser from retaining password information. It can cause certain sites and browsers to no longer work on specific web pages. It can be a security risk to your stored password information.

It can cause certain sites and browsers to no longer work on specific web pages.

Which mobile device vulnerability results in a user unlocking all of a mobile device's features and capabilities? Answer Jailbreaking An APK signature Developer Mode Spoofed application

Jailbreaking

A security incident is currently occurring on your company's network. You discover that the attack involves a computer system that is attached to the network. You are unsure what kind of damage is being done to the network systems or data. Which of the following actions should you take FIRST? Answer Document and photograph the entire crime scene, including the current state of the attached computer system. Stop the attack and contain the damage by disconnecting the system from the network. Examine the active computer system to analyze the live network connection, memory contents, and running programs. Determine whether you have the expertise to conduct an investigation or whether you need to call in additional help.

Stop the attack and contain the damage by disconnecting the system from the network.

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to a locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area so that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select two.) Answer Train the receptionist to keep their iPad in a locked drawer when not in use. Disable the network jacks in the reception area. Replace the biometric locks with smart cards. Move the receptionist's desk to the secured area. Require users to use screen saver passwords.

Train the receptionist to keep their iPad in a locked drawer when not in use. Disable the network jacks in the reception area.