Study Guide 4
While Sonja was browsing on the Internet, a suspicous window popped-up asking her to click on a link. What keystroke combination can Sonja press to close her browser window without using her mouse?
ALT+F4
This Windows tool can encrypt the entire hard drive volume.
BitLocker
Some home networking equipment (such as a wireless router) come programmed with a default username. What is a best practice if you were to purchase this type of equipment?
Change both the default username and password.
Which action would help a technician to determine if a denial of service attack is being caused by malware on a host?
Disconnect the host from the network.
All users working with a particular Windows 10 computer are able to install unauthorized software. In addition to educating the users about correct security behavior, which action should also be performed to prevent this from happening?
Enable UAC on the computer.
A technician is troubleshooting a computer security issue. The computer was compromised by an attacker as a result of the user having a weak password. Which action should the technician take as a preventive measure against this type of attack happening in the future?
Ensure the security policy is being enforced.
What are two typical physical security precautions that a business can take to protect its computers and systems? (Choose two.) a. Implement biometric authentication. b. Replace any software firewalls with a hardware firewall. c. Disable the autorun feature in the operating system. d. Perform daily data backups. e. Ensure that all operating system and antivirus software is up to date.
Implement biometric authentication. Disable the autorun feature in the operating system.
This prevents a web browser from storing usernames, passwords, cookies, browsing history and temporary Internet files.
In-Private Browsing
You want to dispose of a 2.5 terabyte hard disc drive that contains confidential financial information. What is the recommended procedure to achieve this?
Smash the platters with a hammer.
True or False: Security threats can come from inside or outside of an organization.
True
A college uses virtualization technology to deploy information security courses. Some of the lab exercises involve studying the characteristics of computer viruses and worms. What is an advantage of conducting the lab exercises inside the virtualized environment as opposed to using actual PCs?
Virus and worm attacks are more easily controlled in a virtualized environment, thus helping to protect the college network and its devices from attack.
What is the most effective way of securing wireless traffic?
WPA2
Which three questions should be addressed by organizations developing a security policy? a. What insurance coverage is required? b. How should future expansion be done? c. What assets require protection? d. What is to be done in the case of a security breach? e. What are the possible threats to the assets of the organization? f. When do the assets need protecting?
What assets require protection? What is to be done in the case of a security breach? What are the possible threats to the assets of the organization?
Which question is an open ended question that could be used when helping a customer troubleshoot a Windows problem? a. Can you boot the operating system? b. What programs have you installed recently? c. Do you get a login prompt when the computer boots? d. Have you changed your password recently?
What programs have you installed recently?
Which question would be an example of an open-ended question that a technician might ask when troubleshooting a security issue?
What symptoms are you experiencing?
Which two security precautions will help protect a workplace against social engineering? a. ensuring that all operating system and antivirus software is up to date b. encrypting all sensitive data stored on the servers c. performing daily data backups d. ensuring that each use of an access card allows access to only one user at e. registering and escorting all visitors to the premises
ensuring that each use of an access card allows access to only one user at the time. registering and escorting all visitors to the premises
Security patches and service packs are used to keep _____________________________ up-to-date.
operating systems and applications
Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?
phishing
What is the name given to the programming-code patterns of viruses?
signatures
A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?
social engineering