2.0 Security
The computer locks after a certain amount of time has transpired.
A technician is completing a project and steps away from the computer to get a cup of coffee. Knowing that safeguards are in place, what will the computer do during the technician's absence?
Drilling
A technician is destroying disks containing organizational documents. What method involves the technician using a tool to punch holes through the disk?
It uses a connect-the-dot approach to unlock the device.
An employee reviews available screen lock features on their new corporate device. What is unique to pattern screen locks?
Administrator
The User Account Control (UAC) feature in Windows has a concern with what type of user account on a Windows machine?
Incinerating
A company has tasked a software engineer with destroying archived data that has reached its retention requirements. The engineer uses a technique, exposing the disk to high heat that melts it. What is the name of this destruction technique?
Change the default password.
A company has tasked a technician with installing a system in a new complex. What should be the technician's first step when creating the administrator account?
Shredding
A company has tasked a technician with physically destroying disks containing organizational data. What method grinds the disk into tiny pieces?
The technician exposes the disk to a powerful electromagnet.
A company has tasked a technician with the destruction of 15 discs. After reviewing the approved list of destruction methods, the technician elects to degauss the disks. What is degaussing?
The CFO's system has a keylogger installed.
A company's CFO notices an extremely small USB dongle plugged into their laptop. It is not associated with any of the wireless devices the CFO uses, and the device does not have any logo printed on it. After speaking with the IT service desk, the CFO mentions that he has received some emails lately about changes to various online accounts that he did not initiate. What conclusion may the service desk technician come to after hearing this statement?
Virus, Trojan, Worm
A computer science student is taking beginner-level classes on information security. The course discusses malware vectors, a method by which the malware executes on a computer. The student then learns about which of the following common vectors? (Select all that apply.)
Shoulder surfing
A concerned employee has noticed that a co-worker seems to always quietly approach other co-workers from behind and carefully watch the actions they are doing on their computers. Others have also reported that this co-worker will watch an employee for an extensive amount of time before saying anything to the employee working on the computer. What social engineering tactic could be suspect in this situation?
Erasing/wiping
A consultant is reviewing the organization's policy on approved data destruction methods. In reviewing the available approaches, what ensures that old data gets destroyed by writing to each location on a hard disk drive?
Standard formatting
A consultant wants to sanitize some of the organization's disk drives. What deletes partitions and writes a new file system?
Perform OS reinstallation.
A customer brings a PC into a local computer repair shop believing it may have a virus. After some investigation into the problems, the technician deems that there are so many viruses and malware on the system that there really is only one appropriate avenue to take to give the customer the security of knowing the PC is free and clear of the viruses and malware. What remediation will the technician perform?
Fingerprint recognition
A cyber engineer is conducting an evaluation of current screen lock capabilities for corporate mobile devices. What type of screen lock uses a sensor to scan the unique features of a user?
Third-party vendor
A cyber team has elected to use outside sources to assist in recycling and destroying company records maintained on disks. What (or who) provides a certificate of destruction?
Certificate of destruction/recycling
A cyber team uses a third-party vendor to assist in disposing drives taken from the company's legacy computers. What should the third-party vendor provide the cyber team?
Use upper and lowercase letters., Use symbols or special characters.
A desktop technician must configure a Windows workstation with a local administrator account to be accessible when the network is not available. Unfortunately, initial attempts to set up the account during the Windows deployment phase failed due to local security password policies on the Windows image. What password best practices can help the technician properly set up the local administrator account password during this initial deployment? (Select all that apply.)
Boot sector virus
A fairly new level one help desk technician has worked hard to remove some malware infections on a user's computer. However, similar infections reappeared once the technician cleaned up and restarted the computer. What malware vector is manifesting in this situation?
Lighting, Video cameras, Security guards
A group of employees has voiced concerns about not feeling safe when walking to and from their cars in the parking lot. Since the building is not in a safe neighborhood, they feel like someone could easily hide and attack people during certain shift changes. What could the company implement to help these employees feel safer? (Select all that apply.)
EAP
A growing company has just recently implemented a Windows domain and is building out its Active Directory structure. They have asked a network services company if they can manage access to their wireless network using permissions in the new domain. A network engineer tells them this is certainly achievable using this particular protocol.
Multifactor authentication
A healthcare company wants a security engineer to secure access to its critical internal resources and data with more than just a username and password. What access control measure would the security engineer suggest the company implement to provide an extra layer of security?
Failed attempt locks
A help desk technician assists an employee having issues with their corporate device. According to the employee, the Face ID feature is not working. The technician observes the employee's actions, and after a few attempts, the screen produces a message stating, "try again in five minutes." What has occurred in this situation?
Disable USB ports., Activate BitLocker To Go.
A large corporation has ordered all branch offices to secure office data to prevent unauthorized access to data in the case of theft. The change applies company-wide via a security policy for easy deployment. What does a computer technician need to address to fulfill these orders? (Select all that apply.)
Cryptominer
A malicious hacker sets out to create a botnet to deploy onto a mass number of computers to perform complex blockchain calculations for obtaining digital coins. What malware payload will accomplish this task?
Disable System Restore., Educate the end user.
A managed service provider company has adopted CompTIA's seven-step best practice procedure for malware removal. A technician is about to attempt to remove a malware infection according to these best practices. Which step will the technician take in the overall process of removal? (Select all that apply.)
WPA2
A managed services technician works with a customer to properly secure the home office Wi-Fi network. The customer states that they use Wi-Fi Protected Access with Temporal Key Integrity Protocol to secure wireless network traffic. However, the technician advises against this solution, as a malicious actor can easily find the encryption key. What would provide for stronger encryption with AES and CCMP for securing Wi-Fi traffic?
Access control vestibule
A manufacturing plant plans to have cash payments for products sent to their facility for processing. To provide a proper physical security entrance into the area where personnel will handle the cash, a security vendor may suggest what particular automated solution best ensures that only one employee can enter and exit this area at a time?
Kerberos
A medium-sized office has a growing number of employees whom all need access to the wireless network. Each employee has an individual Windows domain account and wireless network access account. What protocol or service could the office implement to allow users to use one account, granting them access to the wireless network and the domain?
Encryption key pair, Digital certificate
A network engineer wants to implement a strong EAP-TLS method using multifactor authentication in an enterprise environment. The engineer must configure the Remote Authentication Dial-in User Service (RADIUS) server and the wireless supplicant with which of the following components? (Select all that apply.)
WPA2
A network security analyst works with a small business to properly secure their Wi-Fi network. The owner states that they use Wi-Fi Protected Access with Temporal Key Integrity Protocol to secure wireless network traffic. The analyst advises against this solution since a threat actor could easily find the encryption key. What would strengthen encryption with AES and CCMP for securing Wi-Fi traffic?
Grant users the minimum possible rights necessary to perform the job.
A new data security technician is learning many foundational principles of logical security controls concerning critical data. The technician notices a lot of effort and conversations from colleagues with clients around the concept of least privilege. What is the goal when it pertains to implementing least privilege?
WPA3
A new local coffee shop would like to provide customers with free Wi-Fi access. In addition, they would like to provide a secured wireless connection without using a pre-shared passphrase. Which type of protected access should the coffee shop use to meet these requirements?
Evil twin
A person visits a local library frequently with their laptop to use the Wi-Fi to complete school assignments and check social media. One day, the user notices that the wireless network name or the Service Set Identifier (SSID) is slightly different from normal. As a result, the user connects to the Wi-Fi and is automatically brought to a Facebook web page with fields to enter their Facebook username and password. What type of attack has occurred here?
It allows a user to control traffic within a network.
A remote associate attempts to configure their home router firewall. What is the benefit of using IP filtering?
IP filtering
A remote employee is reviewing their home router firewall configuration. What protects a network by allowing users to control what traffic to permit in and out of the network?
Lack of a secure baseline configuration for personal devices
A school district is working on a plan for a future bring your own device (BYOD) program for students. They would like to provide connectivity due to the rural location of the building and limited cell phone service. What concern would the network security team have with this plan?
AES GCMP
A security engineer is attending a training session based on newer network security best practices. However, regarding Wi-Fi protected access (WPA), they learn that WPA3 replaced WPA2 with its accompanying encryption standard stack. With WPA3, what other cipher/protocol stack replaced them?
Email, Voice call, Short message service
A security engineer is designing a multifactor solution for certain approved users to access highly-sensitive information on the company's intranet. The engineer will require a soft token code provided by what medium to the user? (Select all that apply.)
Fingerprint reader, Palmprint scanner, Retina scanner
A security vendor contracts with a banking firm to provide access control to highly secured areas. The banking firm wants to grant access via biometric data. What would be suitable to use in this case? (Select all that apply.)
TACACS+
A senior network engineer wants to provide the organization's staff with a convenient yet secure method for authenticating and administrating all the company Cisco routers, switches, and access points. What Authentication, Authorization, and Accounting (AAA) protocol would provide the best solution for this?
Hard token
A senior-level government agency wants to implement multifactor authentication. However, they specifically do not want any user's mobile device to be a part of the solution as it could compromise them. What authentication method would be a possible solution?
Home folders
A small company has just set up a Windows domain environment and would like to add functionality for their users to save personal work-related documents on a designated file server to protect files from being lost on their PCs. What solution would allow this functionality?
Disable autorun., Disable autoplay.
A software engineer drafts a policy on execution control, emphasizing trusted/untrusted software sources. What should the engineer disable to ensure infections are not on a company device? (Select all that apply.)
To reset a disk to its factory condition
A specialist reviews the company's approved data destruction methods in preparation to decommission a set of legacy computers. What is the function of low-level formatting tools?
Non-compliant system
A systems administrator is auditing the settings of a group of web servers. The administrator notices that a few of the servers also have file services and database roles installed and are not in line with the documented configuration of the company's standard web servers. What vulnerability are these systems experiencing?
Restrict user's permissions., Restrict login times., Use timeout/lock screens.
A technician develops the organization's account policies and incorporates controls to safeguard the company system infrastructure. What are account policies? (Select all that apply.)
Hub/control system, Smart device types, Wireless mesh networking
A technician drafts a report on internet of things (IoT) security. What type of components uses an IoT network? (Select all that apply.)
Facial recognition
A technician is creating an organizational best practice guide using screen locks on work devices. What method uses infrared scanning and 3-D imaging to identify the unique features of the user?
To reset the phone to factory settings
A technician is preparing a corporate presentation on the use of locator applications for organizationally-owned devices. What is NOT a feature of a locator application?
It allows unauthenticated access to the computer and may provide network access.
A technician is reviewing the organization's account management policies. Why should the technician disable a guest account?
It allows a device that is not physically available to be reset to factory settings.
A technician is reviewing the standard operating procedure after an employee reports that they have lost their company laptop. What is the value of using remote wipe?
It provides a networking protocol framework, allowing networked devices to discover the network.
A technician is working on the organization's network and connecting to corporate devices. What is a benefit of UPnP?
Screensaver lock
A technician is writing a policy on workstation security. What can a user accomplish on a Windows machine by hitting START+L on the keyboard?
OS update
A technician reviews the organization's policies on mobile security software. What is critical for all corporate devices and ensures they are up-to-date?
Firewall
A technician reviews the team's best practice guide for mobile security software. What can the technician use to monitor app activity and prevent connections to ports or IP addresses?
Low-level formatting
A technician wants to reset a disk to its factory condition. What can the technician use to accomplish this task?
Restricted the user's login time to access the system.
A technician works on the organization's account management matrix and disables user access for Saturdays and Sundays. What action does the technician complete?
The account becomes disabled for not entering the correct credential.
A technician works with an employee who got locked out of their company device. What best describes a failed attempt lockout?
Ransomware attack
A user makes a frantic call to their company's IT help desk. The computer displays a message that Homeland Security has tracked malicious terrorist activity to the user's work laptop. The only information they see to remove the message is a link to a Bitcoin wallet that requests payment. What type of infection is this user experiencing?
A certificate is self-signed., A certificate has expired., There is a server name mismatch in the certificate.
A user thinks there may be a virus on their computer, calls into an IT help desk, and states that when browsing certain websites, the browser gives a scary warning about the site possibly being unsafe. What could cause a browser certificate warning? (Select all that apply.)
Scan the computer in recovery mode.
A user's computer has an infection that renders the computer system unusable as soon as it boots up. After calling the support phone number for the system's antivirus software, the support technician gives the user a .iso file to help remove the infection. What will this file allow the user to do differently from removing the infection after the computer starts up?
Spoofing
After a recent data breach, a company's IT department has concluded that the breach started with a laptop that accessed the Wi-Fi to gain access to its resources. The company uses a passphrase and media access control (MAC) address filtering to restrict access to Wi-Fi. What type of attack gained access to the company's wireless network?
Go dumpster-diving behind the corporate offices.
After carrying out a campaign to gather data via e-mail and other electronic means, what else can an attacker do to gather personal information about a company owner without being in that person's presence?
Folder redirection
After switching a medium-sized office to a Windows domain, a systems administrator has had trouble getting buy-in from users when it comes to saving documents in redundant network shares. Users are adamant that they want to work out of the local Documents folder of their profile. What can the administrator implement to accomplish the goal of getting data to reside on network shares?
Software firewall settings, DNS configuration, Restore points
An IT security professional has finished removing a trojan malware infection using their company's enterprise anti-malware platform. What operating-system-specific validations would ensure no reinfections could occur? (Select all that apply.)
Unpatched system, Unprotected system, End of life OS
An IT support desk intern is learning about fundamental security concerns that any support desk should look to remediate. What can be a security vulnerability when it comes to managing multiple endpoints? (Select all that apply.)
The "Users" group can see everything in the share folder., The "Users" group can modify files in the share.
An administrator applies Share and New Technology File System (NTFS) permissions to a folder on a Windows server. The group "Everyone" has Read permissions to the share, and the "Users" group has modify permissions through NTFS permissions. Which of the following is a true statement? (Select all that apply.)
Tailgate into the offices., Impersonate an employee.
An attacker emailed many employees of a target company (that supports government organizations) with no success in gaining remote access through online social engineering. The attacker then scopes the company's corporate office to find an easy to manipulate employee. How may the attacker plan on infiltrating the office? (Select all that apply.)
It uses a simple hand gesture but provides no authentication.
An employee enables screen lock on their new corporate smartphone. What is a unique characteristic of using the swiping method?
It takes a request from an internet host for a particular service.
An employee is speaking with the help ticket office regarding their home router configurations for port forwarding. What is a tenet of port forwarding?
Vishing
An employee receives a phone call from someone in the IT department informing them that their computer has a virus. In a panic, the employee quickly follows the instructions from the caller to grant remote access to their workstation. Unfortunately, the employee notices that the application used for remote access is not the same as the application used in the past when someone from IT has remotely worked on their workstation. What kind of attack has the user just experienced?
Phishing
An employee receives an email from what looks to be the IT department informing the employee has a compromised password. In a panic, the employee clicks the provided web link in the email, enters their old password, and then enters a new password. The employee noticed that this is not how the IT department has had them change their password in the past. What kind of attack has the user just experienced?
Log off the device when not in use., Secure and protect hardware., Secure PII and passwords.
An engineer is creating a template for an end-user best practices guide. What assists in securing the workstation when the user steps away from the device? (Select all that apply.)
It orients users to the correct network.
An engineer is revising the organization's policy on home router LAN and WAN configurations for employees that work from home. What is beneficial in changing the SSID?
It uses a biometric scanner to identify the unique features of the user.
An engineer prepares an organizational course-based training module on the use of screen locks for corporate devices. What is unique to using the fingerprint method of screen locking?
Use the app if the phone is lost or stolen., Use the app to find misplaced phones., Use the app to lock the device remotely.
An engineer reviews the functionality and use of locator applications for mobile devices. What are the benefits of using a locator application? (Select all that apply.)
Antivirus/Anti-malware app
An engineer reviews the organization's policy on mobile security software. What works as a content filter to block access to known phishing sites and block adware/spyware activity?
Set up single sign-on (SSO).
An insurance company uses different web applications that handle finance, customer account management, and access to car and repair services. However, each application adheres to strict security access and authentication policies. How can web administrators configure these different web applications, so they are both secure and most convenient for users to access as soon as they log on to their workstation office?
Newer updates were not installed.
An office workstation, that is not connected to the internet, suffers a year-old vulnerability exploit. However, the workstation does have anti-malware software and specific local accounts for employees to use as a logon. Why were the workstation users unaware of the exploit on the workstation?
Shared secret
An organization has asked a network engineer why a particular wireless access point is not allowing users to authenticate to the company's network. Users can connect to other access points without issue. The engineer finds that the problem access point can find and connect to the Remote Authentication Dial-in User Service (RADIUS) server, but they do not trust each other. What is most likely NOT configured on the access point?
Unexpected communications, Inconsistent sender and reply to addresses, Disguised links and attachments
As a part of a company's overall information security plan, the security operations team sends out designed phishing emails to groups of users. Users who click links inside baited emails are then enrolled in training to help them spot phishing-type emails. What are some characteristics seen in typical phishing emails? (Select all that apply.)
Whaling
Company executives, like the Chief Information Officer (CIO), are the main target of which of the following attacks?
Set up the Windows BitLocker service.
Corporate pushes out a memorandum to improve the physical security of branch office workstations so that company data does not get stolen if someone breaks into the offices and steals hard drive disks (HDDs). How can an IT manager address this specific security concern when deploying new workstations?
Username and password, PIN
Employees at a secure facility must log on to office workstations with two-factor authentication (2FA). All employees access the building with a smart card. What 2FA methods are employees most likely using to access their workstations? (Select all that apply.)
Use their Microsoft account.
Employees have received their brand-new Windows 10 laptops to support a work-from-home initiative. Employees have already been using Office 365 applications in the office and are looking forward to picking up right where they left off. How should employees initially log on to their laptops?
AES
Network engineers are talking at a conference, reminiscing about legacy Wi-Fi security standards. Unfortunately, they could not remember the cipher that replaced Rivest Cipher 4 (RC4) at the advent of WPA2. What cipher are they attempting to remember?
Disable USB ports., Activate BitLocker To Go.
The Chief Information Officer (CIO) has mandated securing all office workstations to prevent unauthorized access to data in the case of thefts. How can a desktop technician configure an office workstation to adhere to the recent mandate? (Select all that apply.)
File-level encryption, Folder-level encryption
The encrypting file system (EFS) is primarily for what purpose on a Windows machine? (Select all that apply.)
Key fobs, Smart cards
The security team at a company wants to limit access to certain office areas to prevent theft and improve safety for employees. They would like to utilize door locks with badge readers and software that centrally manages access yet is still accessible with a physical key in case of emergencies or system outages. What objects could the company use in conjunction with the badge readers to grant access? (Select all that apply.)
Motion sensor
This type of alarm system utilizes either microwave radio reflection or passive infrared to trigger an alert threshold.
Dictionary attack
What type of attack occurs when an attacker may use software to guess another user's password using common words?
Power user account
What type of local account does a user's Windows computer utilize for legacy applications?
Administrator account
What type of local account on a Windows computer has full rights and privileges to everything on the system?
Application security
What type of safeguard mechanism triggers an action on a system based on specific processes and how they connect to other systems?
Rootkit
When dealing with this particular malware payload, users should be aware that there is the possibility that it can compromise system files and programming interfaces. For example, compromised local shell processes, such as Explorer or Task Manager on Windows, ps or top on Linux, and port-listening tools no longer reveal their presence. What is this particular malware payload?
Zero-day attack
Which of the following attacks are successful since there are currently no known patches to prevent it from happening?
PIN
Which of the following is most used to access the certificates on a smart card to log on to an account for a web application?
Kerberos
Which protocol allows access points to use Remote Authentication Dial-in User Service (RADIUS), or Terminal Access Controller Access Control System Plus (TACACS+), and Extensible Authentication Protocol (EAP) to tunnel credentials and tokens that allow a domain user to connect via a wireless client to authenticate to a Windows domain controller and use single sign-on authorization?
Port filtering
Windows Defender Firewall uses which security feature based on Transmission Control Port (TCP) or User Datagram Protocol (UDP)?
