Security+ Review Quiz 19
Which of the following answers refers to a privacy-related security risk connected with public sharing of pictures taken with smartphones? 1. Embedded geotag 2. Steganography 3. Weak passwords 4. Data ownership
1. Embedded geotag
The two factors that are considered important for creating strong passwords are: (Select 2 answers) 1. Password length 2. Minimum password age 3. Password history 4. Password complexity 5. Maximum password age
1. Password length 5. Maximum password age
Which of the following answers refers to a technology designated as a successor to SMS and MMS? 1. RCS (Rich Communication Services) 2. S/MIME (Secure/Multipurpose Internet Mail Extensions) 3. IM (Instant Messaging) 4. CMS (Content Management System)
1. RCS (Rich Communication Services)
A Secure Web Gateway (SWG) is a software component or a hardware device designed to prevent unauthorized traffic from entering an internal network of an organization. An SWG implementation may include various security services, such as packet filtering, URL/content filtering, malware inspection, application controls, Acceptable Use Policy (AUP) enforcement, or Data Loss Prevention (DLP). 1. True 2. False
1. True
A general characteristics of a standard user account is that it provides access to basic system resources but does not allow the user to make system changes. 1. True 2. False
1. True
In MS Windows environments, Guest account is an account for users who do not have a permanent account on a Windows computer or domain. People using this type of account cannot install software or hardware, change settings, create passwords, or access protected files and folders. However, because the Guest account allows the user to log on to a network, browse the Internet, and shut down the computer, it is recommended to keep it disabled when it isn't being used. 1. True 2. False
1. True
The term "Mobile hotspot" refers to a type of WLAN that enables network access through a mobile device that acts as a portable WAP. 1. True 2. False
1. True
In which of the mobile device deployment models a mobile device acts as a terminal for accessing data and applications hosted on a remote server? 1. VDI (Virtual Desktop Infrastructure) 2. CYOD (Choose Your Own Device) 3. BYOD (Bring Your Own Device) 4. COPE (Corporate Owned, Personally Enabled)
1. VDI (Virtual Desktop Infrastructure)
A mobile device deployment model that allows employees to use private mobile devices for accessing company's restricted data and applications is known as: 1. COPE 2. BYOD 3. JBOD 4. CYOD
2. BYOD
Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications? 1. UTM (Unified Threat Management) 2. CASB (Cloud Access Security Broker) 3. NGFW (Next Generation Firewall) 4. DMVPN (Dynamic Multipoint/ Virtual Private Network)
2. CASB (Cloud Access Security Broker)
In which of the mobile device deployment models employees can use corporate-owned devices both for work-related tasks and personal use? 1. BYOD (Bring Your Own Device) 2. COPE (Corporate Owned, Personally Enabled) 3. VDI (Virtual Desktop Infrastructure) 4. CYOD (Choose Your Own Device)
2. COPE (Corporate Owned, Personally Enabled)
A mobile device deployment model in which employees select devices for work-related tasks from a company-approved device list is known as: 1. VDI (Virtual Desktop Infrastructure) 2. CYOD (Choose Your Own Device) 3. BYOD (Bring Your Own Device) 4. COPE (Corporate Owned, Personally Enabled)
2. CYOD (Choose Your Own Device)
The practice of modifying a mobile device's operation in such a way that it can be used with any service provider is called: 1. Offboarding 2. Carrier unlocking 3. Jailbreaking 4. Rooting
2. Carrier unlocking
Which of the following terms refers to a modified mobile device equipped with software features that were not originally designed by the device manufacturer? 1. Jailbreaking 2. Custom firmware 3. Rooting 4. Sideloading
2. Custom firmware
Which of the following answers refers to a trusted third-party service for validating user identity in a federated identity system? 1. RA (Registration Authority) 2. IdP (Identity Provider) 3. CA (Certificate Authority) 4. Kerberos
2. IdP (Identity Provider)
Which type of user account violates the concept of non-repudiation? 1. Standard user account 2. Shared account 3. Guest account 4. Service account
2. Shared account
Which technology enables establishing direct communication links between two wireless devices without an intermediary Wireless Access Point (WAP)? 1. USB OTG 2. WiFi Direct 3. IEEE 802.3 4. WiMAX
2. WiFi Direct
Mobile device updates delivered over a wireless connection are known as: 1. WAP (Wireless Access Point) 2. UAV (Unmanned Aerial Vehicle) 3. OTA (Over The Air) 4. RAS (Remote Access Server)
3. OTA (Over The Air)
Which technology enables establishing direct communication links between two USB devices? 1. VDE (Virtual Desktop Environment) 2. GRE (Generic Routing Encapsulation) 3. OTG (On-The-Go) 4. DHE (Diffie-Hellman Ephemeral)
3. OTG (On-The-Go)
Allowing "Unknown Sources" in Android Security Settings enables: 1. Rooting 2. Carrier unlocking 3. Sideloading 4. Jailbreaking
3. Sideloading
Installing mobile apps from websites and app stores other than the official marketplaces is referred to as: 1. Jailbreaking 2. Rooting 3. Sideloading 4. Carrier unlocking
3. Sideloading
A mobile device's capability to share its Internet connection with other devices is referred to as: 1. Pairing 2. Clustering 3. Tethering 4. Bonding
3. Tethering
Which of the following account types is not designed for an end user use? 1. Guest account 2. Privileged account 3. Shared account 4. Service account
4. Service account
Which of the following can be used to verify the identity of a client while establishing a session over TCP port 22? (Select all that apply) 1. PIN 2. Digital certificate 3. IPsec 4. Username and password 5. SSH key
4. Username and password 5. SSH key
A strong password that meets the password complexity requirement should contain: (Select the best answer) 1. Uppercase letters (A-Z) 2. Digits (0-9) 3. Non-alphanumeric characters if permitted (e.g. !, @, #, $) 4. Lowercase letters (a-z) 5. A combination of characters from at least 3 character groups
5. A combination of characters from at least 3 character groups
