Meeeerkat (Topic 2 Security)

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

QUESTION NO: 177 Which of the following security threats is BEST mitigated through proper user training? A. A Worm B. Rootkits C. Social Engineering D. Browser Adware

Answer: C Reference: http://www.veracode.com/blog/2013/03/hacking-the-mind-how-why-social-engineeringworks/

QUESTION NO: 139 Which of the following security threats is defined by its self propagating characteristic? A. Virus B. Rootkit C. Trojan D. Worm

Answer: D Reference: http://www.pcworld.com/article/111965/article.html

QUESTION NO: 184 A user receives a phone call from a person claiming to be from technical support. This person knows the user's name and that the user has Windows installed on their computer. The technician directs the user to open Event Viewer and look at some event log entries to demonstrate the effects of a virus on the computer. The technician also asks the user for their user ID and password so that they can clean the computer. This is an example of which of the following security threats? A. Social engineering B. Phishing C. Malware D. Virus

Answer: A Reference: http://www.pcworld.com/article/182180/top_5_social_engineering_exploit_techniques.html

QUESTION NO: 202 Browser redirection is caused by which of the following types of viruses? A. Hijack B. Trojan C. Worm D. Keylogger

Answer: A Reference: http://en.wikipedia.org/wiki/Browser_hijacking

QUESTION NO: 200 Which of the following security threats do shredders help prevent? A. Dumpster diving B. Malware C. Phishing D. Worms

Answer: A Reference: http://en.wikipedia.org/wiki/Garbage_picking

QUESTION NO: 178 The practice of following an authorized person through an entrance without using a badge to defeat security is called: A. tailgating B. spamming C. shredding D. phishing

Answer: A Reference: http://en.wikipedia.org/wiki/Tailgating

QUESTION NO: 197 Which of the following is a security threat that uses email to trick users? A. Phishing B. Virus C. Spyware D. Shoulder surfing

Answer: A Reference: http://kb.iu.edu/data/arsf.html

QUESTION NO: 133 Which of the following would be the QUICKEST means of removing data from a hard drive, when there is no consideration regarding the total destruction of the data? A. Standard format B. Low level format C. Overwrite program D. Drive wipe

Answer: A Reference: http://pcsupport.about.com/od/windows7/ht/format-hard-drive-windows-7.htm

QUESTION NO: 193 Which of the following security measures is usually found in a laptop? A. Biometrics B. Bollard C. Hypervisor D. Key fobs

Answer: A Reference: http://searchsecurity.techtarget.com/definition/biometrics

QUESTION NO: 213 Which of the following would be the BEST way to combat social engineering? A. User education B. Deny social networks through the firewall C. Badges D. Strong password usage

Answer: A Reference: http://searchsecurity.techtarget.com/magazineContent/Gaining-awareness-to-preventsocial- engineering-techniques-attacks

QUESTION NO: 143 An administrator is concerned about users accessing network shares outside of their job role. Which of the following would BEST prevent this? A. Set up shares with permissions based upon group membership. B. Implement a written policy addressing the issue for all users. C. Monitor access to the network shares using SNMP. D. Prevent remote logins to all network shares and drives.

Answer: A Reference: http://technet.microsoft.com/en-us/library/cc768050.aspx

QUESTION NO: 157 In order to prevent other users from editing files in 'C:\ Files', which of the following steps should be taken? A. Set NTFS permissions to read only B. Set the folder to index files for search C. Set the local administrator as the owner of the folder D. Set network share permissions to read only

Answer: A Reference: http://technet.microsoft.com/en-us/magazine/2005.11.howitworksntfs.aspx

QUESTION NO: 172 A user reports that every time they use a search engine and click on a link to go to a website, they instead are taken to a site blocked by their company's content filter. The user is not trying to go to the blocked site and needs to be able to successfully use the search engine to complete their assignment. Which of the following tools would a technician use to BEST resolve this issue? A. Anti-malware software B. Factory pre-installation C. System restore D. Recovery console

Answer: A Reference: http://wiki.answers.com/Q/How_does_anti-malware_scanners_work

QUESTION NO: 210 A user does not want their kids to be able to install software on their home desktop. Which of the following types of accounts should the user set up in Windows 7? A. Standard B. Remote Desktop Users C. Administrator D. Power User

Answer: A Reference: http://windows.microsoft.com/en-us/windows-vista/what-is-a-standard-user-account

QUESTION NO: 152 For the last year, a company has gathered statistics on the most common security incidents. The highest percentage deals with opening email attachments that contain malware. Which of the following would mitigate this issue without reducing productivity? A. Annual cyber security education B. Update antivirus signatures more often C. Block all email attachments D. Install an IPS on each workstation

Answer: A Reference: http://www.aps.anl.gov/Safety_and_Training/Training/Courses/esh223/start.html

QUESTION NO: 168 A user regularly has to walk away from their computer and is worried someone may access their workstation. Which of the following would BEST prevent this? A. Lock the workstation B. Shutdown the computer C. Logon using the unprivileged guest account D. Set the screensaver password

Answer: A Reference: http://www.dummies.com/how-to/content/how-to-lock-your-pc.navId-323066.html

QUESTION NO: 223 IT suspects that other people are frequently making changes to a computer when a user leaves their desk. Which of the following security policies can be implemented in order to prevent this situation? A. Auto-lock B. Password complexity C. Change the default username D. Disable the guest account

Answer: A Reference: http://www.inf.aber.ac.uk/advisory/faq/156

QUESTION NO: 158 Which of the following security threats requires the attacker to be physically located near the target machine? A. Shoulder surfing B. Social engineering C. Phishing D. Rootkit

Answer: A Reference: http://www.lifelock.com/education/id-theft-types/shoulder-surfing/

QUESTION NO: 224 A client has asked a technician about drive sanitation and wants to know what the difference is between overwriting a drive and formatting a drive. Which of the following would be the BEST response from the technician? A. "Overwriting writes 1s and 0s to a hard drive replacing the data, while formatting only clears the reference to the data and only overwrites as space is used." B. "Nothing is different. They both destroy the data so no one can recover it." C. "Overwriting writes 1s and 0s to the drive replacing only the user's data but not the OS data, while formatting destroys the hard drive." D. "Overwriting replaces all the data with a single file that fills the hard drive destroying the data, while formatting erases all the data."

Answer: A Reference: http://www.pcworld.com/article/261702/how_to_securely_erase_your_hard_drive.html

QUESTION NO: 190 A technician is trying to setup a non-domain user account on a workstation, but receives the following error message "Password does not meet the complexity requirements." Which of the following utilities should the technician use to identify the criteria? A. Local Security Policy B. Users and Groups C. Performance Monitor D. MSCONFIG

Answer: A Reference: http://www.tomshardware.com/forum/23713-63-password-meet-password-policyrequirements

QUESTION NO: 161 Which of the following is solely designed to avoid detection by an antivirus program by using the underlying operating system to its advantage? A. Rootkit B. Virus C. Trojan D. Worm

Answer: A Reference: http://www.webopedia.com/TERM/R/rootkit.html

QUESTION NO: 185 A user has just purchased a wireless router for their home. Which of the following should be done to BEST secure the router from unauthorized access? (Select TWO). A. Change router default logins B. Change the security settings on their computer C. Set encryption on the router D. Update router firmware E. Change the encryption on the computer's wireless adapter

Answer: A,C Explanation: First change default router logins to avoid guesswork by hackers. Set encryption on the router using WPA and/or WPA2.

QUESTION NO: 147 A technician must secure company documents from accidental disclosure. Which of the following should be implemented? (Select TWO). A. User training B. Anti-malware C. Paper shredding D. Time of day restrictions E. Employee badges F. Mantraps

Answer: A,C Reference: http://en.wikipedia.org/wiki/Paper_shredder

QUESTION NO: 182 A technician is configuring a PC that will have confidential information stored on it. To ensure that only authorized users can access this PC, which of the following should the technician do? (Select TWO). A. Disable the guest account B. Install antivirus applications C. Disable DHCP D. Change the SSID E. Change the default username

Answer: A,E Explanation: To prevent unauthorized access to the PC, disable guest accounts and change default usernames for maximum security.

QUESTION NO: 211 Which of the following are examples of physical security? (Select TWO). A. Badges B. Anti-virus C. Encryption D. Firewalls E. Locked doors

Answer: A,E Reference: http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf

QUESTION NO: 142 A small business owner is setting up their wireless network in their office, which is in a building shared with several other businesses. The owner does not want to disable the SSID broadcasting due to visiting customers needing to use the network, but does not want other businesses to notice the network, let alone access it. Which of the following would BEST accomplish this? A. Configure the access point encryption from unsecured access to WEP. B. Adjust the radio power so that coverage is restricted to the business. C. Change the SSID to reflect the business name instead of a public access point. D. Enable MAC filtering and restrict access to other company's devices.

Answer: B Explanation: Best way to do this is to adjust radio power to restrict the coverage to the business. When the radio power is restricted to an office. The persons in the other office space cannot detect the signals at all.

QUESTION NO: 208 When securing a small office home office (SOHO) that has empty cubicles with unused network ports, which of the following can be used to secure ONLY the unused ports? A. Use DHCP addressing on the network. B. Disable the ports on the router or switch. C. Power down the router when it is not being used. D. Disable DNS on the network.

Answer: B Explanation: To secure unused ports, just disable them on the router or the switch.

QUESTION NO: 150 After several passes with a malware removal program, the program keeps detecting the same malware infection after a reboot. Which of the following should be done to attempt to remove the offending malware? A. Run the malware removal program while disconnected from the Internet B. Run the malware removal program in Windows Safe Mode C. Reinstall the malware removal program from a trusted source D. Set the malware removal program to run each time the computer is rebooted

Answer: B Reference: http://www.pcworld.com/article/243818/how_to_remove_malware_from_your_windows_pc.html

QUESTION NO: 154 A technician is implementing a SOHO wireless network for Company A that shares a floor with Company B. Which of the following would BEST secure the wireless network so that only Company A employees are allowed access? A. Turning down the radio power level B. Enabling MAC filtering C. Setting a high encryption level D. Disabling the SSID broadcast

Answer: B Reference: http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm

QUESTION NO: 155 A technician enabled remote management on the small office WAP to manage this device from another location. Users are reporting that the WAP has changed its SSID without anyone's knowledge. Which of the following would prevent this from occurring? A. Change to user MAC filtering B. Change default usernames and passwords C. Disable the SSID from broadcasting D. Enable static IP addresses

Answer: B Reference: http://compnetworking.about.com/od/routers/ss/routerpassword.htm

QUESTION NO: 216 Which of the following has the HIGHEST level rights? A. Standard User B. Power User C. Guest User D. Remote Desktop User

Answer: B Reference: http://en.wikipedia.org/wiki/Power_user#Windows_administration

QUESTION NO: 167 Which of the following security controls would be an example of the least privilege principle on a home PC? A. Install antispyware on the PC. B. Create a standard user account for kids. C. Store all financial data in a separate folder. D. Disable the firewall for online gaming.

Answer: B Reference: http://en.wikipedia.org/wiki/Principle_of_least_privilege

QUESTION NO: 173 After being infected with a virus, a user's computer does not recognize the user as having local administrator rights to the computer. After troubleshooting the issue, a technician determines the computer needs to be rebuilt and data needs to be restored from the user's backup. Which of the following tools would BEST reset the computer to how it worked when first purchased? A. Recovery Console B. Factory restore CD C. Anti-malware software D. System Restore

Answer: B Reference: http://en.wikipedia.org/wiki/Recovery_disc

QUESTION NO: 225 Which of the following BEST describes the security term known as tailgating? A. Propping open a secure entrance to gain later access B. Following behind someone when entering a secure area C. Removing files from a site using a hidden USB drive D. Using someone else's logged in computer to access files

Answer: B Reference: http://en.wikipedia.org/wiki/Tailgating

QUESTION NO: 136 A technician wants to ensure that only authorized administrators can make configuration changes to the company's wireless router. Which of the following MUST the technician change to prevent unauthorized users from modifying the access point configuration? A. MAC address filters B. Manufacturer password C. Default SSID D. Configure encryption

Answer: B Reference: http://pcsupport.about.com/od/windows7/f/default-password-windows-7.htm

QUESTION NO: 165 Which of the following security threats does NOT use software to extract sensitive information or credentials? A. Grayware B. Shoulder surfing C. Malware D. Man-in-the-Middle exploits

Answer: B Reference: http://searchsecurity.techtarget.com/definition/shoulder-surfing

QUESTION NO: 194 Which of the following can be achieved with Group Policy to help with workstation security measures? A. BitLocker password B. Complexity requirements C. BIOS password D. Wake on LAN

Answer: B Reference: http://technet.microsoft.com/en-us/library/cc875814.aspx

QUESTION NO: 137 Which of the following utilities would a technician use on a Windows Vista or Windows 7 machine to configure what applications are allowed to send/receive data over the LAN connection? A. Users and Groups B. Windows Firewall C. Registry Editor D. Task Scheduler

Answer: B Reference: http://windows.microsoft.com/en-us/windows7/products/features/windows-firewall

QUESTION NO: 201 A user has setup a SOHO and needs to implement a network configuration that allows for sharing of devices and files across the network without the complexity of a centralized server. Which of the following would be MOST appropriate? A. PAN B. WorkGroup C. Domain D. WAN

Answer: B Reference: http://windows.microsoft.com/en-us/windows7/what-is-the-difference-between-adomain- a-workgroup-and-a-homegroup

QUESTION NO: 183 A company recently had a security breach and is now required to increase the security on their workstations. A technician has been tasked to harden all the workstations on the network. Which of the following should the technician do? A. Enable Windows automatic updates B. Enable screensaver required passwords C. Enable MAC filtering D. Enable wireless encryption

Answer: B Reference: http://windows.microsoft.com/is-is/windows-vista/use-your-windows-password-foryour- screen-saver-password

QUESTION NO: 198 Which of the following user accounts should be disabled to adhere to security best practices? A. Standard user B. Guest C. Administrator D. Power user

Answer: B Reference: http://windows.microsoft.com/is-is/windows-vista/what-is-a-guest-account

QUESTION NO: 170 A company is experiencing issues with third parties tailgating authorized users during entry to secure server rooms. Which of the following would BEST alleviate this problem? A. Retinal scanners B. Mantraps C. Door locks D. Smart card badges

Answer: B Reference: http://www.datacenterjournal.com/design/what-is-a-mantrap-and-do-you-need-one/

QUESTION NO: 196 A technician has installed the hardware for a SOHO wired network. Which of the following is the FIRST step to securing the network? A. Enable MAC filtering B. Change default usernames and passwords C. Disable unused ports D. Assign static IP addresses

Answer: B Reference: http://www.dirksen.nl/assets/Uploads/Downloads/Top10ChecklistSOHOSecurity.pdf

QUESTION NO: 189 A client has a computer that is infected with several viruses and spyware. Which of the following should the technician perform FIRST before spyware removal? A. Run Windows Update B. Disable system restore C. Run the chkdsk /r command D. Disable network cards

Answer: B Reference: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windowsvista/

QUESTION NO: 179 Turnstiles and other mantraps will prevent which of the following security threats? A. Shoulder surfing B. Tailgating C. Rootkits D. Viruses

Answer: B Reference: http://www.infosecpro.com/a_security_engineering/se13.htm

QUESTION NO: 159 An unauthorized user observing system security procedures is known as: A. A worm. B. Shoulder surfing. C. Phishing. D. Spyware.

Answer: B Reference: http://www.lifelock.com/education/id-theft-types/shoulder-surfing/

QUESTION NO: 175 A pest exterminator tries to gain access to a company's computer lab, but the receptionist does not see an extermination scheduled on the calendar and denies the exterminator access to the lab. Which of the following security threats almost occurred? A. War driving B. Social engineering C. Shoulder surfing D. Phishing

Answer: B Reference: http://www.veracode.com/blog/2013/03/hacking-the-mind-how-why-social-engineeringworks/

QUESTION NO: 181 Phishing is: A. An infection that causes a web browser to go to a different site than the one intended from a search result page. B. A technique used to obtain financial information from a user mimicking a legitimate website. C. An infection that causes a computer to behave erratically by playing music and launching browser windows. D. A technique used to obtain financial information from a user by compiling information from social networks and their friends.

Answer: B Reference: http://www.victeach.com.au/Other-Services/Security/Threats-and-scams.html

QUESTION NO: 164 Which of the following security threats involve shoulder surfing and phone phishing? A. Man-in-the-Middle B. Social engineering C. Trojan virus D. Spyware

Answer: B Reference: http://www.webroot.com/us/en/home/resources/tips/online-shopping-banking/securewhat- is-social-engineering

QUESTION NO: 214 Which of the following is considered a method of physical security? A. Strong passwords B. Cipher locked doors C. NTFS D. Firewall

Answer: B Reference: http://www.wisegeek.com/what-is-a-cipher-lock.htm

QUESTION NO: 129 Which of the following security threats are MOST often delivered via email? (Select TWO). A. Rootkits B. Phishing C. Shoulder surfing D. Social engineering E. Spam

Answer: B,E Reference: http://www.securelist.com/en/threats/spam

QUESTION NO: 141 Which of the following should a technician implement to prevent external contractors from physically plugging devices into the company's network jacks unless such jacks are designated for guest use? A. Disable DHCP and assign a static IP address to each network device physically connected to the network. B. Enable MAC address filtering across all network jacks and record the MAC address of guest devices. C. Disable all switch ports when they are not utilized and enable them on an as needed basis. D. Place guest network jacks in public areas and all other jacks in secure areas as needed.

Answer: C Explanation:

QUESTION NO: 186 A user is experiencing slow performance with their computer. A technician suspects the computer has a virus and runs antivirus software. A virus is found and removed, but the performance issue is not resolved. Which of the following should the technician perform NEXT? A. Document findings, actions, and outcomes B. Establish a plan of action to resolve the problem C. Re-establish a new theory or escalate D. Implement preventative measures

Answer: C Explanation: Go back to the finding the real problem. See what is slowing down the performance and then resolve the problem using related troubleshooting techniques.

QUESTION NO: 140 Which of the following should a technician implement to prevent external contractors from physically plugging devices into the company's network jacks unless such jacks are designated for guest use? A. Disable DHCP and assign a static IP address to each network device physically connected to the network. B. Enable MAC address filtering across all network jacks and record the MAC address of guest devices. C. Disable all switch ports when they are not utilized and enable them on an as needed basis. D. Place guest network jacks in public areas and all other jacks in secure areas as needed.

Answer: C Explanation: The best way is to disable all switch ports when they are not utilized. Switch them on when you need them. This way, you can prevent external contractors from physically plugging devices in to company's network jacks.

QUESTION NO: 162 Which of the following passwords is the MOST secure according to industry best practices? A. VeryStrongPassword B. SimpleAnswer1234 C. E@sy2Remember D. thisisthecorrectanswer1

Answer: C Reference: http://netforbeginners.about.com/od/antivirusantispyware/a/example_strong_passwords.htm

QUESTION NO: 169 For any given 802.11n wireless Internet signal, which of the following is needed to establish a connection? A. MAC address filtering B. Windows password C. Proper SSID D. SSL certificate

Answer: C Reference: http://www.cisco.com/en/US/docs/wireless/access_point/12.4_21a_JA1/configuration/guide/scg12 421aJA1-chap7-mbssid.html

QUESTION NO: 188 When securing a new wireless router, which of the following should be changed FIRST? A. Default SSID B. Radio power levels C. Default password D. DHCP settings

Answer: C Reference: http://blog.laptopmag.com/change-your-routers-username-and-password-how-to

QUESTION NO: 160 Privacy filters applied to users computer screens are used to combat which of the following security risks? A. Rootkits B. Spear phishing C. Shoulder surfing D. Social Engineering

Answer: C Reference: http://blog.securityactive.co.uk/tag/stop-shoulder-surfing/

QUESTION NO: 146 Which of the following identifies traffic based upon its physical network address? A. Phishing B. Hashing C. MAC filtering D. Geotracking

Answer: C Reference: http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm

QUESTION NO: 195 Which of the following can enable a technician to remove a virus that prevents users from updating their antivirus software? A. Recovery console B. REGEDIT C. Safe mode D. MSCONFIG

Answer: C Reference: http://pcsupport.about.com/od/fixtheproblem/f/windows-safe-mode.htm

QUESTION NO: 180 Which of the following encryption standards is found on older wireless devices and provides minimal security? A. WPA B. WPA2 C. WEP D. AES

Answer: C Reference: http://searchsecurity.techtarget.com/definition/Wired-Equivalent-Privacy

QUESTION NO: 220 A user installed a new SOHO router and new wireless NICs to increase their transmission speed from 802.11b to 802.11g with the manufacturer's default settings. The user lives in an apartment building and is still experiencing slowness to the Internet after the installations. Which of the following is the MOST secure option that a technician could implement to resolve this issue? A. Hide the SSID B. Assign static IP addresses C. Enable MAC filtering D. Disable the WAN port

Answer: C Reference: http://security.stackexchange.com/questions/755/how-does-basic-http-auth-work

QUESTION NO: 144 A company is looking to donate a collection of old PCs that are no longer needed. Which of the following data destruction methods would be MOST secure for highly sensitive information? A. Simple 1-pass zero overwrite B. Low level 3-pass random wipe C. Low level 7-pass random wipe D. High level format 10 times

Answer: C Reference: http://superuser.com/questions/215852/is-using-multiple-passes-for-wiping-a-diskreally- necessary

QUESTION NO: 205 A technician needs to change the minimum password length to 8 characters to make it more secure. Which of the following system settings should the technician configure? A. Windows Firewall B. Windows Security Center C. Local Security Policy D. System Configuration

Answer: C Reference: http://technet.microsoft.com/en-us/library/dd277395.aspx

QUESTION NO: 131 A company wants to prevent non-authorized users from entering into a secure building. Which of the following will BEST mitigate this activity? A. Train users on tailgating B. Implement an escort policy C. Install mantraps D. Require all users to have badges

Answer: C Reference: http://whatis.techtarget.com/definition/mantrap-interlocking-door-controller

Topic 2, Security QUESTION NO: 126 A PC has sensitive data that must be destroyed, before the PC is redeployed. A technician has been tasked with completely wiping the PC hard drive. Which of the following methods is BEST for the technician to use? A. Quick format B. FDISK C. Low level format D. Standard format

Answer: C Reference: http://www.dedoimedo.com/computers/low-level-formatting.html

QUESTION NO: 191 In a SOHO wireless network, which of the following prevents unauthorized users from accessing confidential data? A. Reduce broadcast power B. Change SSID name C. Set encryption D. Enable MAC filtering

Answer: C Reference: http://www.dirksen.nl/assets/Uploads/Downloads/Top10ChecklistSOHOSecurity.pdf

QUESTION NO: 132 An employee at a company lost their mobile device that contains proprietary information. Which of the following methods is the BEST to be implemented to prevent unauthorized users from obtaining this information? A. Lock screen pattern B. Cancel mobile service C. Remote wipe D. Six character password

Answer: C Reference: http://www.mobiledevicemanager.com/mobile-device-security/remote-wipe/

QUESTION NO: 222 Which of the following is the MOST secure method, short of physical destruction, that would be used to ensure that data on a hard drive cannot be recovered? A. Use a degaussing tool B. Format the drive C. Use an overwrite program D. Repartition the drive

Answer: C Reference: http://www.pcworld.com/article/261702/how_to_securely_erase_your_hard_drive.html

QUESTION NO: 145 A user receives an unsolicited call from a technician claiming to be from a Microsoft certified partner. The technician tricks the user into allowing them access to their PC because of malware alerts that were being broadcasted. Which of the following attacks is this user a victim of? A. Shoulder surfing B. Phishing attack C. Social engineering D. Malware infection

Answer: C Reference: http://www.social-engineer.org/

QUESTION NO: 148 Which of the following is TRUE about the difference between a worm and a virus? A. Worms are written in assembly while viruses are written with scripting languages. B. Viruses hide in the boot record while worms hide within the file system. C. Worms self propagate while viruses need human intervention to replicate. D. Viruses disable the antivirus update service while worms kill the antivirus process.

Answer: C Reference: http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp

QUESTION NO: 218 A user gets a warning from their ISP about illegally downloading copyrighted movies. The user insists that they did not download any movies and calls a technician to implement stronger small office home office (SOHO) security. Which of the following will allow only known workstations to connect to the SOHO router? A. WPA password B. Static IPs C. MAC filtering D. WEP password

Answer: C Reference: http://www.wi-fiplanet.com/tutorials/article.php/3924486/MAC-Filtering-for-Your- Wireless-Network.htm

QUESTION NO: 219 A technician is installing a webcam in a nursery for a user to monitor their baby. The user wants to ensure that the webcam is not broadcasting externally. Which of the following would the technician implement on the SOHO router to prevent the broadcast? A. Enable MAC filtering B. Enable static IPs C. Block the outbound port D. Change the default SSID

Answer: C Reference: http://www.wilderssecurity.com/showthread.php?t=210105

QUESTION NO: 135 Which of the following areas of a file system should a standard user have restricted permissions to in order to promote a security best practice? (Select TWO). A. Temporary Internet Files B. My Document Files C. Windows System Files D. Network Files E. Program Files

Answer: C,E Explanation: Windows program files are important for Windows operating system. If these files are deleted, Windows will corrupt. Similarly program files are related to applications and programs installed on a computer. These are highly sensitive files because they are related to the functioning of the operating system and the applications installed on it.

QUESTION NO: 217 Which of the following allows a user to reset their password with a series of security questions that only the user should know? A. Permission propagation B. Administration C. Verification D. Authentication

Answer: D Explanation:

QUESTION NO: 153 A company wants to ensure that the latest cyber security threats are known to the employees across the enterprise to minimize occurrences. Which of the following should be implemented? A. Message of the Day B. Email lists C. Company forums D. Regular user education

Answer: D Explanation: Educating user is the best way to combat security threats. After all security threats occur when a human carries it across unknowingly.

QUESTION NO: 209 Which of the following should a technician do LAST after cleaning up a virus infection? A. Enable system restore and create restore point B. Update antivirus software C. Schedule scans and updates D. Educate the end user

Answer: D Explanation: Most of the time users install virus, Trojans and other malicious codes on their computers unknowingly. The best to prevent this loophole is to educate the user about viruses and where to look and what to do to prevent installing malicious codes.

QUESTION NO: 215 A user wants to quickly install the most recent security patch released. Which of the following options can be selected from the Windows Update website? A. Custom settings B. Advanced settings C. Automatic settings D. Express settings

Answer: D Reference: http://wiki.answers.com/Q/What_will_the_windows_update_express_button_download_onto_your _computer

QUESTION NO: 207 Which of the following common security threats could be occurring when a user calls and requests his co-worker's password? A. Shoulder surfing B. Spyware C. Phishing D. Social engineering

Answer: D Reference: http://www.pcworld.com/article/182180/top_5_social_engineering_exploit_techniques.html

QUESTION NO: 212 Which of the following scenarios BEST defines phishing? A. A user receives an email from a friend to download a picture but the file format ends in .exe. B. A user receives a pop-up message about a virus from a company that states that if they buy this product it will remove the virus. C. A user receives a message about unwanted activity from their antivirus asking to remove the suspect file. D. A user receives an email from a person in another country with a story as to why they need help with a financial arrangement.

Answer: D Reference: http://www.scamwatch.gov.au/content/index.phtml/tag/requestsforyouraccountinformation

QUESTION NO: 187 The benefit of MAC filtering in wireless networking is that the network: A. is encrypted. B. is not visible. C. uses static IP addresses. D. is more secure.

Answer: D Reference: http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm

QUESTION NO: 176 A computer program that functions normally while quietly installing malicious software on a machine is known as a: A. DDoS attack. B. Worm. C. Phishing attack. D. Trojan.

Answer: D Reference: http://computer.howstuffworks.com/trojan-horse.htm

QUESTION NO: 221 A user wants to prevent access to specific websites to prevent their children from accidentally accessing them. Which of the following can be implemented? A. A switch B. Antivirus software C. Antispyware software D. A firewall

Answer: D Reference: http://en.wikipedia.org/wiki/MAC_filtering

QUESTION NO: 204 An Internet browser's cookie could be classified as which of the following? A. Rootkit B. Phishing C. Malware D. Spyware

Answer: D Reference: http://en.wikipedia.org/wiki/Spyware#Browser_cookies

QUESTION NO: 163 Which of the following security best practices would prevent a program on a CD from immediately launching when inserted into a computer? A. MSCONFIG >Startup Tab B. Disable the Guest account C. Rename the Administrator account D. Disable autorun E. Restrict user permissions

Answer: D Reference: http://lifehacker.com/5858703/disable-autorun-to-stop-50-of-windows-malware-threats

QUESTION NO: 130 A user is advised by the software vendor that the user must have elevated privileges in order to run a program. The user should do which of the following to BEST accomplish this? A. Run in Windows XP compatibility mode B. Run the program in a virtual PC environment C. Log out of the system and login under another user's name D. Right click select "run as" and select administrator

Answer: D Reference: http://msdn.microsoft.com/en-us/library/dd298823.aspx

QUESTION NO: 149 A technician is tasked with improving the security of a SOHO network. The office is comprised of a single wireless router located under the front desk where the office manager sits. All desktop computers are wired into the router which is configured with strong device credentials. Additionally, wireless is disabled on the router. Which of the following should the technician perform NEXT to improve the security of the SOHO network? A. Disable the router's remote management feature. B. Enable WPA2 wireless encryption. C. Change the router's default admin name and password. D. Place the router in a locked room.

Answer: D Reference: http://network.cmu.ac.th/wp-content/uploads/2011/05/CCNA-Security-Ch2-Securing- Network-Devices.pdf

QUESTION NO: 128 Which of the following helps to prevent virus infections from USB flash drives? A. Strong passwords B. Password protected screen savers C. Disabling the guest account D. Disabling the autorun feature

Answer: D Reference: http://support.microsoft.com/kb/967715

QUESTION NO: 156 A technician has configured the ability to connect to a small office server using remote desktop from a workstation within the office. The technician has reviewed logs that show constant brute force attacks to that server from outside the network. Which of the following would prevent this from occurring? A. Configure the server to use a static IP B. Logically move the server to the DMZ C. Reallocate the server to a different networking closet D. Disable the remote desktop port

Answer: D Reference: http://technet.microsoft.com/en-us/library/cc759006(v=ws.10).aspx

QUESTION NO: 206 A technician would like to limit computer access to certain users. Which of the following should be configured? A. Advanced security B. Boot.ini file C. System configuration D. Local security policy

Answer: D Reference: http://technet.microsoft.com/en-us/library/dd277395.aspx

QUESTION NO: 199 Which of the following user accounts should be renamed to adhere to security best practices? A. Power user B. Guest C. Standard user D. Administrator

Answer: D Reference: http://technet.microsoft.com/en-us/library/jj852273.aspx

QUESTION NO: 138 A customer needs to setup their laptop for use with a proxy server to browse the web at work. Which of the following areas would a technician need to visit to configure this on a Windows 7 system? A. System Protection B. Security Center C. Windows Firewall D. Internet Options

Answer: D Reference: http://windows.microsoft.com/is-is/windows-vista/using-windows-security-center

QUESTION NO: 127 An attack that creates a website that looks like another website, with the purpose of learning someone's account information is called which of the following? A. Virus B. Shoulder surfing C. Trojan D. Phishing

Answer: D Reference: http://www.consumer.ftc.gov/articles/0003-phishing

QUESTION NO: 171 Which of the following security concepts establishes the notion that a user should only be given sufficient access to the resources they need to perform their job function? A. Deny all B. Allow all C. Most privilege D. Least privilege

Answer: D Reference: http://www.cs.cornell.edu/fbs/publications/leastPrivNeedham.pdf

QUESTION NO: 192 A technician recently setup a new wired network and wants to ensure only their computers can use it. Which of the following is the MOST secure way to accomplish this? A. Make sure the computers are using strong passwords. B. Enable an intrusion detection system. C. Assign the computers static IP addresses. D. Disable the extra ports on the router.

Answer: D Reference: http://www.geekzone.co.nz/forums.asp?forumid=66&topicid=10968

QUESTION NO: 174 Which of the following is BEST used to prevent other people from viewing a user's computer screen? A. Anti-virus software B. Key fob C. Biometric device D. Privacy filter

Answer: D Reference: http://www.privacyscreens.co.uk/howitworks.php

QUESTION NO: 166 Which of the following features helps to prevent shoulder surfing? A. Native resolution B. Auto adjust C. Degaussing D. Privacy screen

Answer: D Reference: http://www.secure-it.com/shop/index.php/cPath/38

QUESTION NO: 203 A user has a perimeter firewall and up-to-date antivirus software. The user is asking what else they can do to improve their security. Which of the following will have the MOST impact on network security? (Select TWO). A. Install additional antivirus software B. Disable screen savers C. Conduct a daily security audit D. Assign security rights based on job roles E. Use strong passwords

Answer: D,E Explanation: To improve security, assign security rights based on job roles. You need to give least amount of privilege to users so that they can do their jobs without having access to resources that have nothing to do with their job roles.

QUESTION NO: 134 Which of the following is MOST effective in preventing security breaches on a network? (Select THREE). A. Bandwidth throttling B. Eliminate password history C. Enable QoS D. Antivirus software E. User education F. Enforced login/logoff hours

Answer: D,E,F Reference: http://www.esecurityplanet.com/network-security/how-to-prevent-security-breachesfrom- known-vulnerabilities.html

QUESTION NO: 151 A technician is trying to prevent a local application from reaching the web due to security concerns. Which of the following solutions could BEST prevent the application from reaching the web? (Select TWO). A. Configure the workstation for a static IP B. Disable all wireless network connections C. Remove shortcuts to the application D. Block the application in Windows Firewall E. Change network location to Work F. Reroute the web address in HOSTS file

Answer: D,F Explanation: Use Windows firewall to restrict an application from reaching the web. Alternatively you can also reroute the web address in the HOST file.


Kaugnay na mga set ng pag-aaral

The Functions of Proteins in the Human Body

View Set

FIN 3100 Chapter 6 Review Questions Bonds and Bond Valuation. Your Welcome :)

View Set

ভেক্টর ইসহাক স্যার

View Set