Core 2: Domain 2: Security


You manage a group of 20 Windows workstations that are currently configured as a workgroup. You have been thinking about switching to an Active Directory configuration. Which advantages would you gain by switching to Active Directory? (Select two.)

- Centralized authentication
- Centralized configuration control

Which of the following are examples of social engineering? (Select two.)

- Dumpster diving
- Shoulder surfing

Which of the following are the most common means of virus distribution? (Select two.)

- Email
- Malicious websites

Which of the following BYOD risks can leave old information, even financial data and credit card details, vulnerable to malicious purposes?

- Improper disposal

You have an executive user who keeps sensitive information about the company on a company-owned mobile device. You want to be prepared to keep company information secure if he loses this device or if it is stolen. Which of the following solutions should you use? (Select two.)

- Mobile device management software that performs remote wipes.
- Mobile device management software that performs full device encryption.

Administrative Templates are Registry-based settings that you can configure within a GPO to control a computer system and its overall user experience. Which of the following can you do with an Administrative Template? (Select two.)

- Restrict access to Control Panel features.
- Control notifications.

Computer configuration policies (also called machine policies) are enforced for the entire computer and are applied when the computer boots. Which of the following are computer configuration policies? (Select two.)

- Software that has been installed on the local system.
- Network communication security settings.

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to a locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area so that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select two.)

- Train the receptionist to keep their iPad in a locked drawer when not in use.
- Disable the network jacks in the reception area.

Which of the following are risks of implementing a BYOD policy? (Select three.)

- data leakage
- number of different devices
- improper disposal

Which of the following are benefits of a BYOD policy? (Select three.)

- work flexibility
- increased productivity
- lower costs

1. A collection of network resources that share a common directory database.
2. A folder-like container that organizes network resources.
3. Default containers used to organize Active Directory objects that cannot be deleted.
4. A resource within Active Directory.
5. A Windows server that holds a copy of the Active Directory database.

1. Domain
2. Organizational unit (OU)
3. Built-in containers
4. Object
5. Domain Controller

1. Causes the policy to be enforced
2. Does not change the current setting for the policy
3. Prevents the policy from being enforced

1. Enabled
2. Not configured
3. Disabled

While Advanced Encryption Standard (AES) keys can be either 128, 192, or 256 bits in length, AES encrypts everything in one-size data chunks. Which of the following is the size of those AES data chunks?

128

Which of the following is true of a domain controller?

A domain controller is a Windows server that holds a copy of the Active Directory database.

You are the owner of a small startup company that consists of only five employees. Each employee has their own computer. Due to the type of services your company offers, you don't foresee the employee count increasing much in the next year or two. As a startup company, you want to keep costs low and facilitate easier file sharing and internet, printer, and local network resource access. Which of the following would be the BEST implementation for your business?

A workgroup

Which of the following encryption algorithms is considered one of the strongest encryption protocols and is used in more than just wireless networks?

AES

Which of the following does Windows use to manage and enforce what a user is authorized to access?

Access control list

While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following security measures would you MOST likely implement to keep this from happening in the future?

Access control vestibule

What is the name of the service included with the Windows Server operating system that manages a centralized database containing user account and security information?

Active Directory

While browsing the internet, you notice that your browser displays pop-ups containing advertisements that are related to recent keyword searches that you have performed. Which of the following is this an example of?

Adware

Which of the following security practices is the BEST example of the principle of least privilege?

All users on a Windows workstation are Limited users except for one, who is responsible for maintaining the system.

Which of the following is true of an organizational unit (OU)?

An organizational unit is like a folder that subdivides and organizes network resources within a domain.

Which type of DoS attack exhausts the target's resources by overloading a specific program or service?

Application layer

Which of the following processes is used to prove a user's identity?

Authentication

Which of the following is an example of a soft token?

Authentication app

What policy allows employees to use their own computers and mobile devices for work purposes?

Bring Your Own Device

A public library has purchased new laptop computers to replace their older desktop computers and is concerned that they are vulnerable to theft. Which of the following laptop features should they use to physically secure the new laptops?

Cable locks

Which of the following can be used to back up a company's certificate database?

Certificate Manager

What does Active Directory use to locate and name network objects?

DNS

You manage a large number of workstations that belong to a Windows domain. You want to prevent someone from gaining access to login information by trying multiple passwords. Which default GPO contains a policy you can enable to guard all computers in the domain against this security breach?

Default Domain Policy

Which of the following attacks is designed to bombard a target with more data than it can handle?

Denial-of-service

Which type of password cracking attack uses a list of words and phrases to guess the password?

Dictionary attack

What do you call an operating system that no longer receives security patches or updates?

End-of-life

At company headquarters, several employees are having issues with their Wi-Fi access suddenly dropping and then reconnecting to the same wireless network. You decide to investigate and determine that someone has set up a rogue access point near company headquarters and is using it to capture sensitive data from the company network. Which type of social engineering attack is being used?

Evil twin

You have been hired to help assess the security of your client's organization. During your assessment, you have found a rogue wireless access point that is configured to look identical to the legitimate wireless network. Which of the following attacks was MOST likely being carried out?

Evil twin attack

You are trying to connect from outside the company network to a server inside the company network using RDP (Remote Desktop Connection). However, the connection is failing. Which network device does your network administrator MOST likely need to configure to allow this connection?

Firewall

A user has complained about not being able to remove a program that is no longer needed on a computer. The Programs option is not available in Control Panel. You suspect that a policy is enabled that hides this option from the user. But after opening the Local Group Policy Editor, you see that the policy to hide Programs is not configured. You know that other users in this domain can access the Programs option. Where should you look next to determine whether the policy is enabled?

GPOs linked to organizational units that contain this user's object.

Which of the following statements is true regarding hard tokens?

Hard tokens provide a higher level of security.

Which of the following is the best defense against an insider network threat?

Immediately revoke the employee's credentials when they leave.

Which of the following Bring Your Own Device benefits is a result of users becoming experts in device usage?

Increased productivity

There are two main types of firewalls that you should be familiar with. Which of the following describes a feature of a network-based firewall?

Inspects traffic as it flows between networks.

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Security cameras are installed on all buildings. The parking lot has light poles installed in all areas. Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information?

Install bollards.

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: All pieces of equipment have cable locks installed. Server racks are locked and have alarms. The WAP for the guest Wi-Fi is located on the receptionist's desk. Biometric locks are installed on high security rooms. Which of the following would you MOST likely recommend that your client do to increase security based on this information?

Install the WAP on the ceiling or inside of a special locked box.

Which of the following describes spyware?

It monitors the actions you take on your machine and sends the information back to the originating source.

The AAA security standard includes authentication, authorization, and accounting (logging of user actions). Which of the following authentication protocols only provides authentication?

Kerberos

Which of the following door locks provides authentication to a specific lock over a Bluetooth connection?

Key fob

Which of the following can be paired with a motion sensor to improve security?

Lights

What are the security measures that are implemented through the operating system and software known as?

Logical security

Which of the following is a benefit of BYOD?

Lower costs

Which of the following should be installed inside the entrance to the building to prevent weapons or unauthorized equipment being brought into the building?

Magnetometer

Which of the following is a valid distinguished name for the MarketSpace common domain name?

MarketSpace.org

Where is the access control list stored on a Windows system?

Master File Table

Which of the following Bring Your Own Device (BYOD) risks is both a security issue for an organization and a privacy issue for a BYOD user?

Mixing of personal and corporate data

Which of the following should you implement to monitor and manage the risks of a BYOD policy?

Mobile device management

Your company has recently implemented a BYOD policy. To protect the network, users must install an app on their devices that allows the security administrator to enforce the security policies. Which of the following is this an example of?

Mobile device management

After entering a user ID and password, an online banking user must enter a PIN that was sent as a text message to their mobile phone. Which of the following digital security methods is being used?

Multifactor authentication

You are working at the local hospital in the IT department. You have just received a promotion to junior network technician. Part of your new role involves troubleshooting network communication issues. Which of the following user groups should your account be added to?

Network Configuration Operator

You have just implemented several lockout policies. Which of the following password attacks will these policies MOST effectively protect against?

Online attack

You are your company's Active Directory system administrator. The company has branch offices in several countries, including Mexico, Argentina, Canada, and the UK. The company only has a total of 250 employees organized in the same departments in each office. However, the company is projected to expand rapidly in the next two years. You want to create a tree of organizational units (OUs) that can adapt to the rapid growth without re-organizing the OU structure in the near future. You also want to be able to easily assign rights to certain network resources based on departmental organizational roles. Which of the following solutions would BEST meet your requirements?

Organize the OUs at the top level by office (country); then use group accounts to help control resource rights.

Which of the following authentication combinations is an example of multi-factor authentication?

PIN and authentication app

Which of the following is a type of firewall?

Packet filtering

Which of the following types of password cracking attacks is designed to avoid lockout policies?

Password spraying

Which of the following is released by software vendors to address issues or vulnerabilities?

Patches

Jared receives an email relating that an account containing a large sum of money has been frozen by the government of a small African nation. Jared is offered a 25 percent share of this account if he will help the sender transfer it to a bank in the United States. Jared replies to the sender and is instructed to send his bank account number so that it can be used to facilitate the transfer. Jared sends the requested information, and then the sender uses the information to drain Jared's bank account. Which type of attack occurred?

Phishing

Joe, a user, receives an email from a popular video streaming website. The email urges him to renew his membership. The message appears official, but Joe has never had a membership before. When Joe looks closer, he discovers that a hyperlink in the email points to a suspicious URL. Which of the following security threats does this describe?

Phishing

Several users have forwarded you an email stating that your company's health insurance provider has just launched a new website for all employees. To access the site, you are told to click a link in the email and provide your personal information. Upon investigation, you discover that your company's health insurance provider did not send this email. Which of the following BEST describes the type of attack that just occurred?

Phishing

Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through emails or websites that impersonate an online entity that the victim trusts, such as a financial institution or well-known e-commerce site?

Phishing

You have been hired to evaluate your client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Visitors are able to enter the building and are checked in by a receptionist. Security cameras are installed on all buildings. Server racks are locked and have alarms. Which of the following would you MOST likely recommend that your client do to increase security based on this information?

Place a security guard at the entrance gate with an access list to control who comes on the property.

A technician assists Joe, an employee in the sales department who needs access to the client database, by granting him Administrator privileges. Later, Joe discovers that he has access to the salaries in the payroll database. Which of the following security practices was violated?

Principle of least privilege

You have been hired to assess a client's security. During your testing, you discover that users have access to other departments' files. Which of the following should you recommend that the company implement?

Principle of least privilege

A user is unable to read their computer files. A pop-up explains that the files have been encrypted and gives instructions on how to purchase a decryption key. Which of the following BEST describes this malware?

Ransomware

Which encryption method is used in WPA3 to generate a new key for every transmission?

SAE

You have been hired to investigate a recent cybersecurity attack. You have discovered that the attacker was able to send commands to the server using the login fields and steal user credentials from the database. Which of the following attacks was your client MOST likely the victim of?

SQL injection

Which of the following is a common form of a social engineering attack?

Sending phishing emails.

In which of the following security attacks does the hacker intercept session cookies in order to access the victim's account?

Session Hijacking

Which of the following is an example of a hard token?

Smart card

Joe, an executive, receives an email that appears to be from the financial institution that provides his company credit card. The text of the email includes Joe's name and the company name and states that there is a problem with Joe's credit card. The email provides a link to verify the credit card, but when Joe hovers over the link, he thinks the web address seems strange. Which of the following BEST describes this type of attack?

Social engineering

You are working as a junior network technician at the local hospital. The security administrator has just finished rolling out a new security policy that requires users to log in to workstations using a fingerprint scanner. Which authentication category does this fall under?

Something you are

Which authentication category does a username and password fall under?

Something you know

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages that are sent to a wide range of victims?

Spamming

A new computer has been added to the sales department and needs to be joined to the CorpNet domain. Which of the following System Properties settings must you use to make the change?

System Properties > Computer Name

You want to perform a Windows update on your Windows 11 computer. Before doing so, you want to make sure you can easily go back to the state it was in prior to the update. Which of the following Control Panel utilities is BEST to enable and use prior to the update?

System protection

Which of the following is an encryption algorithm that includes a base key, the MAC address of the wireless access point, and a unique packet serial number for each transmitted packet?

TKIP

An intruder waits near an organization's secure entrance until an employee approaches the entrance and unlocks it with a security badge. The intruder falls in line behind the employee, who assumes the intruder is another employee and holds the door open for her. Which of the following BEST describes the type of attack that just occurred?

Tailgating

An unauthorized person gains access to a secure area by following an authorized person through a door controlled by a badge reader. Which of the following security threats does this example describe?

Tailgating

You are a security consultant. An organization has hired you to review their security measures. The employees in the organization often receive calls from hackers trying to gain sensitive information using high-pressure tactics. Which of the following actions would you MOST likely recommend to mitigate these social engineering attacks?

Teach users how to recognize and respond to these attacks.

The Hide Programs setting is configured for a specific user as follows: Local Group Policy: Enabled; Default Domain Policy GPO: Not configured; GPO linked to the user's organizational unit: Disabled. After logging in, the user is able to see the Programs and Features option. Why did this happen?

The GPO linked to the user's organizational unit is applied last, so this setting takes precedence.

Which of the following BEST describes authorization?

The resources that a user can access.

Anna, a user, downloaded a free PDF editing application from the internet. Now her laptop constantly displays desktop pop-ups, and several applications don't start. Which of the following types of malware was Anna the victim of?

Trojan

Which of the following is a program that appears to be a legitimate application, utility, game, or screen saver, but performs malicious activities surreptitiously?

Trojan horse

What do you call a system that has no anti-malware or firewall installed?

Unprotected

You have five salespeople who work out of your office and who frequently leave their laptops lying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection method to address your concerns?

Use cable locks to chain the laptops to the desks.

Which of the following is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?

Virus

A malicious person calls an employee from a cell phone. She tells the employee that she is the vice president over the accounting department in the employee's company. She relates that she has forgotten her password and demands that the employee give her his password so that she can access the reports she needs for an upcoming presentation. She threatens to fire the employee if he does not comply. Which of the following BEST describes the type of attack that just occurred?

Vishing

Which of the following wireless security methods uses a common shared key that is configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

While configuring a wireless access point device, a technician is presented with several security mode options. Which of the following options provides the most secure access?

WPA2 and AES

Which of the following authentication methods allows you to securely connect a printer to the wireless network with the least amount of effort?

WPS

In which of the following situations should you install a firewall?

You want to restrict internet users from accessing private data on your network.

Which of the following attacks exploits a vulnerability in software that has not been discovered by the developer?

Zero-day attack

A large number of compromised computers are infected with malware that allows an attacker (herder) to control the computers to spread email spam and launch denial-of-service attacks. Which of the following does this security threat describe?

Zombie/botnet

