Security+ Chapter 4 Review Questions

Which of these is NOT a state of data that DLP examines? a. data in-use b. data in-process c. data in-transit d. data at-rest

data in-process Data that DLP examines: data in-use data in-transit data at-rest

A lock that extends a solid metal bar into the door frame for extra security is the ______________________ a. triple bar lock b. deadman's lock c. full bar lock d. deadbolt lock

deadbolt lock

A ____ addresses a specific customer situation and often may not be distributed outside that customers organization. a. rollup b. service pack c. patch d. hotfix

hotfix

What type of controls are the processes for developing and ensuring that policies and procedures are carried out? a. technical controls b. active controls c. administrative controls d. policy controls

Administrative controls

Which of the following is not designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow? a. barricade b. fencing c. roller barrier d. type V controls

barricade

A___________ can be used to secure a mobile device. a. mobile connector b. cable lock c. mobile chain d. security tab

cable lock

How does heuristic detection detect a Virus? a. A virtualized environment is created and the code is executed in it. b. A string of bytes from the virus is compared against the suspected file. c. The bytes of a virus are placed in different "piles" and then used to create a profile. d. The virus signature file is placed in a suspended chamber before streaming to the CPU.

A virtualized environment is created and the code is executed in it

Which is the first step in securing an operating system? a. Develop the security policy. b. Implement patch management. c. Configure operating system security and settings. d. Perform host software baselining

Develop the security policy

______ allows for a single configuration to be set and then deployed to many or all users. a. Active Directory b. Group Policy c. Snap-In Replication (SIR) d. Command Configuration

Group policy

Which statement about data loss prevention (DLP) is NOT true? a. It can only protect data while it is on the user's personal computer. b. It can scan data on a DVD. c. It can read inside compressed files. d. A policy violation can generate a report or block the data.

It can only protect data while it is on the users personal computer

Which statement about mantrap is true? a. It is illegal in the U.S. b. It monitors and controls two interlocking doors to a room. c. It is a special keyed lock. d. It requires the use of a cipher lock.

It monitors and controls two interlocking doors to a room

Which of the following is NOT a Microsoft Windows setting that can be configured through a security template? a. Account Policies b. User Rights c. Keyboard Mapping d. System Services

Keyboard Mapping

Which of the following is NOT an advantage to an automated patch update service? a. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs. b. Downloading patches from a local server instead of using the vendor's online update service can save bandwidth and time because each computer does not have to connect to an external server. c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. d. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available.

Users can disable or circumvent updates just as they can if their computer is configured to use the vendors online update service!

Which of these is a list of approved email senders? a. blacklist b. whitelist c. greylist d. greenlist

Whitelist

the residential lock most often used for keeping out intruders is the _________________________ a. encrypted key lock b. privacy lock c. passage lock d. keyed entry lock

keyed entry lock

Which of the following is NOT a motion detection method? a. radio frequency b. moisture c. magnetism d. infrared

moisture Motion Detection Method: radio frequency magnetism infrared

A typical configuration baseline would include each of the following except a. changing any default settings that are insecure b. eliminating any unnecessary software c. enabling operating system security features d. performing a security risk assessment

performing a security risk assessment

Which of the following is NOT a characteristic of an alarmed carrier PDS? a. periodic visual inspections b. continuous monitoring c. carrier can be hidden below a floor d. eliminates the need to seal connections

periodic visual inspections

Which of the following is NOT an activity phase control? a. compensating control b.detective control c. resource control d. deterrent control

resource Control Activity Phase Control: compensating control detective control deterrent control

Which of the following cannot be used along with fencing as a security perimeter? a. vapor barrier b. rotating spikes c. roller barrier d. anticlimb paint

vapor barrier