Security + Test 1 correct answers
Of the following, which can be a security benefit when using virtualization? A. Patching a computer patches all virtual machines running on the computer. B. If one virtual machine is compromised, none of the other virtual machines can be compromised. C. If a virtual machine is compromised, the adverse effects can be compartmentalized. D. Virtual machines cannot be affected by hacking techniques.
If a virtual machine is compromised, the adverse effects can be compartmentalized.
For information security, what is the "I" in CIA? A. Insurrection B. Information C. Indigestion D. Integrity
Integrity
Which of the following is the best file system to use in Windows? A. FAT32 B. FAT C. NTFS D. FAT16
NTFS
Which of the following commands can be used to turn off a service? A. Net stop B. Net start C. Sc config D. # chkconfig <service> off
Net Stop
Which of the following is an inline device that checks all packets? A. Host-based intrusion detection system B. Statistical anomaly C. Network intrusion detection system D. Personal software firewall
Network intrusion detection system
Tom sends out many emails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the emails? A. Authenticity B. Nonrepudiation C. Confidentiality D. Integrity
Nonrepuditaion
Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data? A. DoS B. Session hijacking C. Null session D. Domain name kiting
Session hijacking
What are two ways of discouraging bluesnarfing? A. Configure the device to use a class C private network B. Turn off the device. C. Use infrared. D. Set the device to undiscoverable.
Set the device to undiscoverable
Which of the following should you implement to keep a well-maintained computer? A. Deploy VPN encryption B. Update the BIOS. C. Use a surge protector on the network switch D. Remove the unnecessary firewall.
Update the BIOS
Which of the following can help to secure the BIOS of a computer? A. Use a case lock. B. Use a Windows boot-up password C. Configure a Microsoft Management Console admin password. D. Disable USB ports.
Use a case lock
Which of the following can help to prevent spam? A. Use a spam filter. B. Run a Trojan scan. C. close SMTP port 25 to inbound and outbound traffic D. Consider technologies that discourage spyware.
Use a spam filter
Which of the following ways can help secure a modem? A. Use the callback feature. B. Mount the modem to the floor. C. Use telnet. D. Used strong passwords on the email server
Use the callback feature
Which of the following are examples of virtualization? A. Mainframe and dumb terminal technology B. Microsoft Server 2008 C. VMware D. Microsoft Visio
VMware
What is the best option to use to isolate an operating system? A. Host-based intrusion detection system B. Network-based intrusion detection system C. Antivirus software D. Virtualization software
Virtualization software
Which commands disable a service in the command line? A. net stop B. net start C. net disable D. sc config
sc config
Which of the following ranges comprise the well-known ports category? A. 1024-49,151 B. 0-1023 C. 49,152-65,535 D. 10.0.0.0-10.255.255.255
0-1023
Which of the following port numbers is used by the Character Generator? A. 21 B. 7 C. 19 D. 53
19
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections? A. 53 B. 80 C. 443 D. 21
80
Timothy complains about a lot of pop-up Windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up Windows? A. Ctrl+Alt+Del B. Alt+F4 C. Ctrl+Shift+Esc D. Windows key
Alt+F4
Which of the following does the "A" in CIA stand for when it comes to IT security? Select the best answer. A. Accountability B. Assessment C. Availability D. Auditing
Availability
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication? A. Input validation B. Sandbox C. Back door D. Virus
Backdoor
Which of the following methods of malware delivery is used in computer programs to bypass normal authentication? A. Privilege escalation B. Active interception C. Backdoor D. Rootkit
Backdoor
Which of the following is an example of whole disk encryption? A. Windows Vista Ultimate B. AES C. Bluesnarfing D. BitLocker
BitLocker
How can Internet Explorer be centrally managed for several computers? A. In the Advanced tab of the Internet Options dialog box B. By way of a group policy C. By creating an organizational unit D. In the Registry
By way of a group policy
Your boss wants you to make changes to the Internet Explorer programs on 20 computers. To do this quickly, what is the best solution? A. Use a proxy server. B. Create an organizational unit. C. Create a script. D. Create and use a template.
Create and use a template.
Which of the following attacks uses a JavaScript image tag in an email? A. SQL injection B. Cross-site scripting C. Cross-site request forgery D. Directory traversal
Cross-site scripting
James doesn't want people to see where he browsed to on the Internet. What is a good way to clear his Internet browsing history? A. Checkmark the Empty Temporary Internet Files Folder When the Browser Is Closed check box. B. Use cross-site scripting. C. Use the disk defragmenter. D. Clear all cookies in the Advanced Privacy Settings dialog box.
Checkmark the Empty Temporary Internet Files Folder When the Browser Is Closed check box
Which one of the following navigational paths shows the current service pack level to the user? A. Click Start, right-click Network, and select Properties. B. Click Start, right-click Computer, and select Properties. C. Click Start, right-click Computer, and select Manage. D. Click Start, right-click Network, and select Manage.
Click Start, right-click Computer, and select Properties
Which of the following is the greatest risk for removable storage? A. Integrity of data B. Availability of data C. Confidentiality of data D. Accountability of data
Confidentiality of data
Which tab in the Internet Options dialog box of Internet Explorer enables a person to make secure connections through a VPN? A. Advanced tab B. Content tab C. Programs tab D. Connections tab
Connections tab
Which of the following should be done to maintain and harden a hard disk? A. Deploy biometric security to access the server room B. Consider a whole disk encryption. C. Install third-party applications. D. Sanitize the drive.
Consider a whole disk encryption.
Which of the following occurs when an IDS identifies legitimate activity as something malicious? A. False-negative B. False-positive C. Monitoring positive D. Misidentification
False-positive
If a server has inbound Port 21 open, what service is it running? A. File Transfer Protocol B. Simple Mail Transfer Protocol C. Hypertext Transfer Protocol D. Kerberos
File Transfer Protocol
Which type of hacker has no affiliation with an organization yet will hack systems without malicious intent? A. Gray hat B. Blue hat C. White hat D. Black hat
Gray Hat
Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this? A. POP3-110 B. LDAP-389 C. RDP-3389 D. HTTPS-443
HTTPS-443
Of the following, what is the best way to increase the security of Microsoft Outlook? A. Password protect .PST files. B. Update the browser C. Set macro security levels. D. Install the latest service pack on the network router
Password protect .PST files.
Which of the following type of virus can change every time it is executed in an attempt to avoid antivirus detection? A. Macro B. Polymorphic C. Armored D. Boot sector
Polymorphic
What is baselining? A. The act of securing an operating system and updating it B. A group of updates, bug fixes, and security fixes C. The process of measuring changes in networking devices, hardware, and software D. A type of patch management
The process of measuring changes in networking devices, hardware, and software
Which of the following should you include as general browser security practices? A. Use the latest browser. B. Use a Virtual Server C. Train your users. D. Use multiple web browsers.
Train your users
Which of the following is an example of a personal software firewall? A. Proxy server B. ZoneAlarm C. Microsoft ISA server D. Antivirus software
ZoneAlarm
Here are three statements that relate to Chapter 4: Application Security 1. Input validation is a process that ensures the correct usage of data. 2. Alt+F8 is the key combination that closes pop-up windows. 3. ActiveX controls can run on any browser platform. Which of the following choices is the most correct description of the three statements above? a. statement 1 is correct b. statements 1and 2 are correct c. statements 1, 2 and 3 are correct d. statements 2 and 3 are correct
statement 1 is correct
Here are three statements that relate to Chapter 2: Computer Systems Security. 1. Viruses self-replicate, whereas worms do not. 2. Active interception is the act of exploiting a bug or design flaw in software. 3. A RAT is an example of a Trojan horse. Which of the following choices is the most correct description of the three statements above? a. statement 2 is correct b. statements 1,2, and 3 are correct c. statement 3 is correct d. statements 1 and 3 are correct
statement 3 is correct
Here are three statements that relate to Chapter 3: OS Hardening and Virtualization. 1. The systeminfo commands show a list of hot fixes that have been installed to the operating system. 2. The second step in a patch management strategy is testing. 3. The convert command converts an NTFS drive to FAT32. Which of the following choices is the most correct description of the three statements above? a. statements 1 and 3 are correct b. statements 1and 2 are correct c. statements 1, 2 and 3 are correct d. statements 2 and 3 are correct
statements 1and 2 are correct
Here are three statements that relate to Chapter 2: Computer Systems Security. 1. Opening mail relays can decrease the amount of spam that an organization receives on its email server. 2. Back Orifice is an example of a backdoor. 3. By turning on the phishing filter, a person can prevent spyware. Which of the following choices is the most correct description of the three statements above? a. statement 1 is correct b. statements 1and 2 are correct c. statements 1, 2 and 3 are correct d. statements 2 and 3 are correct
statements 2 and 3 are correct