C.2.2 220-1002 Domain 2: Security
Support secured communications over an untrusted network
A VPN is used primary for what purpose?
Implement directional access points.
A small business named BigBikes, Inc. has hired you to evaluate their wireless network security practices. As you analyze their facility, you note the following: They use an 802.11a wireless network. The wireless network SSID is set to BWLAN. The wireless network is not broadcasting the network SSID. The wireless network uses WPA2 with AES security. Omnidirectional access points are positioned around the periphery of the building. Which of the following would you MOST likely recommend your client do to increase their wireless network security?
Decrease radio power levels. Implement a directional antennae.
A small company hires a technician to review their wireless security. The technician discovers that the wireless signal is available outside of the building. Which of the following could the technician recommend to correct this problem? (Select TWO).
Using Mobile Device Management (MDM).
A technician was tasked with implementing a solution that would allow the IT department to push OS updates to mobile devices in order to keep them updated and secure. Which of the following would provide that capability?
Swipe lock
A user is choosing a method to secure a mobile device. Which of the following types of screen locks is LEAST secure?
You want to restrict internet users from accessing private data on your network.
In which of the following situations should you install a firewall?
Configure the device to remote wipe as soon as it reported lost.
Jose, a medical doctor, has a mobile device that contains sensitive patient information. He is concerned about unauthorized access to the data if the device is lost or stolen. Which of the following is the BEST option to prevent this from happening?
Deny Full Control to D:\Reports\2010reports.doc; Allow Full Control to D:\Sales\2010sales.doc.
The D:\ drive in your computer has been formatted with NTFS. The Rachel user account has been assigned the following permissions: Allow Full Control to the D:\Reports folder. Deny Full Control to the D:\Sales folder. Deny Full Control to the D:\Reports\2010reports.doc file. Allow Full Control to the D:\Sales\2010sales.doc file. Which of the following BEST describes the effective permissions Rachel will have for both files?
C:\Windows
Which file system path is the default location for system files in Windows 10?
An attacker intercepts communications between two network hosts by impersonating each host.
Which of the following describes a man-in-the-middle attack?
Remediation
Which of the following is the process of fixing problems detected by anti-virus software so that the computer is restored to its original state?
Fingerprint scanner
Which of the following security measures is a form of biometrics?
All users on a Windows workstation are limited users except for one user, who is responsible for maintaining the system.
Which of the following security practices are the BEST example of the principle of least privilege?
Locator applications A screen lock Remote wipe
Which of the following will improve the security of sensitive information on your device if it is lost or stolen? (Select THREE.)
Disable the network jacks in the reception area. Train the receptionist to keep her iPad in a locked drawer when not in use.
You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to the locked door in the reception area. She uses an iPad application to log any security events that may occur. She also uses her iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area such that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select TWO).
Disable the switch ports connected to the network jacks in the reception area.
You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a smart card reader. Network jacks are provided in the reception area such that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations would you MOST likely make to this organization to increase their security?
Local Group Policy Editor
You are managing a workstation that is not part of a Windows domain. Users on this computer should not be permitted to download applications from the Windows Store. Which administration tool can you use to enable a policy that turns off the Store application for all users on this computer?
Configure both share and NTFS permissions. Place the files on an NTFS partition.
You have a folder that you would like members of your development team to access. You want to restrict network and local access to only specific users. All other users must not be able to view or modify the files in the folder. Which of the following would be the BEST actions to take next? (Select TWO).
Type 'Admin' for the username and specify the password.
You manage two computers with the following user accounts: Wrk1 has user accounts Mary and Admin. The Mary account does not have a password set; the Admin account does. Wrk2 has user accounts Mary and Julia. The Mary account has a password set; the Julia account does not. You are working from Wrk2 and would like to access a shared folder on Wrk1. Which of the following credentials would BEST allow you to access the shared folder?
Implement a virtual firewall within the hypervisor.
You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?
