802 Security v.3 full set
The practice of following an authorized person through an entrance without using a badge to defeat security is called: A. tailgating B. spamming C. shredding D. phishing
A
Which of the following are examples of physical security? (Select TWO). A. Badges B. Anti-virus C. Encryption D. Firewalls E. Locked doors
A,E
A user has setup a SOHO and needs to implement a network configuration that allows for sharing of devices and files across the network without the complexity of a centralized server. Which of the following would be MOST appropriate? A. PAN B. WorkGroup C. Domain D. WAN
B
For any given 802.11n wireless Internet signal, which of the following is needed to establish a connection? A. MAC address filtering B. Windows password C. Proper SSID D. SSL certificate
C
A client has asked a technician about drive sanitation and wants to know what the difference is between overwriting a drive and formatting a drive. Which of the following would be the BEST response from the technician? A. "Overwriting writes 1s and 0s to a hard drive replacing the data, while formatting only clears the reference to the data and only overwrites as space is used." B. "Nothing is different. They both destroy the data so no one can recover it." C. "Overwriting writes 1s and 0s to the drive replacing only the user's data but not the OS data, while formatting destroys the hard drive." D. "Overwriting replaces all the data with a single file that fills the hard drive destroying the data, while formatting erases all the data."
A
A technician is trying to setup a non-domain user account on a workstation, but receives the following error message "Password does not meet the complexity requirements." Which of the following utilities should the technician use to identify the criteria? A. Local Security Policy B. Users and Groups C. Performance Monitor D. MSCONFIG
A
A user does not want their kids to be able to install software on their home desktop. Which of the following types of accounts should the user set up in Windows 7? A. Standard B. Remote Desktop Users C. Administrator D. Power User
A
A user receives a phone call from a person claiming to be from technical support. This person knows the user's name and that the user has Windows installed on their computer. The technician directs the user to open Event Viewer and look at some event log entries to demonstrate the effects of a virus on the computer. The technician also asks the user for their user ID and password so that they can clean the computer. This is an example of which of the following security threats? A. Social engineering B. Phishing C. Malware D. Virus
A
A user regularly has to walk away from their computer and is worried someone may access their workstation. Which of the following would BEST prevent this? A. Lock the workstation B. Shutdown the computer C. Logon using the unprivileged guest account D. Set the screensaver password
A
A user reports that every time they use a search engine and click on a link to go to a website, they instead are taken to a site blocked by their company's content filter. The user is not trying to go to the blocked site and needs to be able to successfully use the search engine to complete their assignment. Which of the following tools would a technician use to BEST resolve this issue? A. Anti-malware software B. Factory pre-installation C. System restore D. Recovery console
A
An administrator is concerned about users accessing network shares outside of their job role. Which of the following would BEST prevent this? A. Set up shares with permissions based upon group membership. B. Implement a written policy addressing the issue for all users. C. Monitor access to the network shares using SNMP. D. Prevent remote logins to all network shares and drives.
A
Browser redirection is caused by which of the following types of viruses? A. Hijack B. Trojan C. Worm D. Keylogger
A
For the last year, a company has gathered statistics on the most common security incidents. The highest percentage deals with opening email attachments that contain malware. Which of the following would mitigate this issue without reducing productivity? A. Annual cyber security education B. Update antivirus signatures more often C. Block all email attachments D. Install an IPS on each workstation
A
IT suspects that other people are frequently making changes to a computer when a user leaves their desk. Which of the following security policies can be implemented in order to prevent this situation? A. Auto-lock B. Password complexity C. Change the default username D. Disable the guest account
A
In order to prevent other users from editing files in 'C:\ Files', which of the following steps should be taken? A. Set NTFS permissions to read only B. Set the folder to index files for search C. Set the local administrator as the owner of the folder D. Set network share permissions to read only
A
Which of the following is a security threat that uses email to trick users? A. Phishing B. Virus C. Spyware D. Shoulder surfing
A
Which of the following is solely designed to avoid detection by an antivirus program by using the underlying operating system to its advantage? A. Rootkit B. Virus C. Trojan D. Worm
A
Which of the following security measures is usually found in a laptop? A. Biometrics B. Bollard C. Hypervisor D. Key fobs
A
Which of the following security threats do shredders help prevent? A. Dumpster diving B. Malware C. Phishing D. Worms
A
Which of the following security threats requires the attacker to be physically located near the target machine? A. Shoulder surfing B. Social engineering C. Phishing D. Rootkit
A
Which of the following would be the BEST way to combat social engineering? A. User education B. Deny social networks through the firewall C. Badges D. Strong password usage
A
Which of the following would be the QUICKEST means of removing data from a hard drive, when there is no consideration regarding the total destruction of the data? A. Standard format B. Low level format C. Overwrite program D. Drive wipe
A
A technician must secure company documents from accidental disclosure. Which of the following should be implemented? (Select TWO). A. User training B. Anti-malware C. Paper shredding D. Time of day restrictions E. Employee badges F. Mantraps
A,C
A user has just purchased a wireless router for their home. Which of the following should be done to BEST secure the router from unauthorized access? (Select TWO). A. Change router default logins B. Change the security settings on their computer C. Set encryption on the router D. Update router firmware E. Change the encryption on the computer's wireless adapter
A,C
A technician is configuring a PC that will have confidential information stored on it. To ensure that only authorized users can access this PC, which of the following should the technician do? (Select TWO). A. Disable the guest account B. Install antivirus applications C. Disable DHCP D. Change the SSID E. Change the default username
A,E
A client has a computer that is infected with several viruses and spyware. Which of the following should the technician perform FIRST before spyware removal? A. Run Windows Update B. Disable system restore C. Run the chkdsk /r command D. Disable network cards
B
A company is experiencing issues with third parties tailgating authorized users during entry to secure server rooms. Which of the following would BEST alleviate this problem? A. Retinal scanners B. Mantraps C. Door locks D. Smart card badges
B
A company recently had a security breach and is now required to increase the security on their workstations. A technician has been tasked to harden all the workstations on the network. Which of the following should the technician do? A. Enable Windows automatic updates B. Enable screensaver required passwords C. Enable MAC filtering D. Enable wireless encryption
B
A pest exterminator tries to gain access to a company's computer lab, but the receptionist does not see an extermination scheduled on the calendar and denies the exterminator access to the lab. Which of the following security threats almost occurred? A. War driving B. Social engineering C. Shoulder surfing D. Phishing
B
A technician enabled remote management on the small office WAP to manage this device from another location. Users are reporting that the WAP has changed its SSID without anyone's knowledge. Which of the following would prevent this from occurring? A. Change to user MAC filtering B. Change default usernames and passwords C. Disable the SSID from broadcasting D. Enable static IP addresses
B
A technician has installed the hardware for a SOHO wired network. Which of the following is the FIRST step to securing the network? A. Enable MAC filtering B. Change default usernames and passwords C. Disable unused ports D. Assign static IP addresses
B
A technician is implementing a SOHO wireless network for Company A that shares a floor with Company B. Which of the following would BEST secure the wireless network so that only Company A employees are allowed access? A. Turning down the radio power level B. Enabling MAC filtering C. Setting a high encryption level D. Disabling the SSID broadcast
B
A technician wants to ensure that only authorized administrators can make configuration changes to the company's wireless router. Which of the following MUST the technician change to prevent unauthorized users from modifying the access point configuration? A. MAC address filters B. Manufacturer password C. Default SSID D. Configure encryption
B
A user is reporting that they are clicking on search results and being redirected to the wrong sites. Which of the following should a technician check FIRST? A. Temporary Internet Files B. Proxy Settings C. Cookies D. Windows Firewall
B
After being infected with a virus, a user's computer does not recognize the user as having local administrator rights to the computer. After troubleshooting the issue, a technician determines the computer needs to be rebuilt and data needs to be restored from the user's backup. Which of the following tools would BEST reset the computer to how it worked when first purchased? A. Recovery Console B. Factory restore CD C. Anti-malware software D. System Restore
B
After several passes with a malware removal program, the program keeps detecting the same malware infection after a reboot. Which of the following should be done to attempt to remove the offending malware? A. Run the malware removal program while disconnected from the Internet B. Run the malware removal program in Windows Safe Mode C. Reinstall the malware removal program from a trusted source D. Set the malware removal program to run each time the computer is rebooted
B
An unauthorized user observing system security procedures is known as: A. a worm. B. shoulder surfing. C. phishing. D. spyware.
B
Phishing is: A. an infection that causes a web browser to go to a different site than the one intended from a search result page. B. a technique used to obtain financial information from a user mimicking a legitimate website. C. an infection that causes a computer to behave erratically by playing music and launching browser windows. D. a technique used to obtain financial information from a user by compiling information from social networks and their friends.
B
Turnstiles and other mantraps will prevent which of the following security threats? A. Shoulder surfing B. Tailgating C. Rootkits D. Viruses
B
When securing a small office home office (SOHO) that has empty cubicles with unused network ports, which of the following can be used to secure ONLY the unused ports? A. Use DHCP addressing on the network. B. Disable the ports on the router or switch. C. Power down the router when it is not being used. D. Disable DNS on the network.
B
Which of the following BEST describes the security term known as tailgating? A. Propping open a secure entrance to gain later access B. Following behind someone when entering a secure area C. Removing files from a site using a hidden USB drive D. Using someone else's logged in computer to access files
B
Which of the following can be achieved with Group Policy to help with workstation security measures? A. BitLocker password B. Complexity requirements C. BIOS password D. Wake on LAN
B
Which of the following has the HIGHEST level rights? A. Standard User B. Power User C. Guest User D. Remote Desktop User
B
Which of the following is considered a method of physical security? A. Strong passwords B. Cipher locked doors C. NTFS D. Firewall
B
Which of the following security controls would be an example of the least privilege principle on a home PC? A. Install antispyware on the PC. B. Create a standard user account for kids. C. Store all financial data in a separate folder. D. Disable the firewall for online gaming.
B
Which of the following security threats does NOT use software to extract sensitive information or credentials? A. Grayware B. Shoulder surfing C. Malware D. Man-in-the-Middle exploits
B
Which of the following security threats involve shoulder surfing and phone phishing? A. Man-in-the-Middle B. Social engineering C. Trojan virus D. Spyware
B
Which of the following user accounts should be disabled to adhere to security best practices? A. Standard user B. Guest C. Administrator D. Power user
B
Which of the following utilities would a technician use on a Windows Vista or Windows 7 machine to configure what applications are allowed to send/receive data over the LAN connection? A. Users and Groups B. Windows Firewall C. Registry Editor D. Task Scheduler
B
QUESTION NO: 129 Which of the following security threats are MOST often delivered via email? (Select TWO). A. Rootkits B. Phishing C. Shoulder surfing D. Social engineering E. Spam
B,E
When setting up a new wireless router, which of the following actions should the technician take FIRST in order to secure the network? (Select TWO). A. Disable unused ports B. Change the SSID C. Position the antennas to prevent outside access D. Enable MAC filtering E. Change the default user name
B,E
A PC has sensitive data that must be destroyed, before the PC is redeployed. A technician has been tasked with completely wiping the PC hard drive. Which of the following methods is BEST for the technician to use? A. Quick format B. FDISK C. Low level format D. Standard format
C
A company is looking to donate a collection of old PCs that are no longer needed. Which of the following data destruction methods would be MOST secure for highly sensitive information? A. Simple 1-pass zero overwrite B. Low level 3-pass random wipe C. Low level 7-pass random wipe D. High level format 10 times
C
A company wants to prevent non-authorized users from entering into a secure building. Which of the following will BEST mitigate this activity? A. Train users on tailgating B. Implement an escort policy C. Install mantraps D. Require all users to have badges Answer: C
C
A technician is installing a webcam in a nursery for a user to monitor their baby. The user wants to ensure that the webcam is not broadcasting externally. Which of the following would the technician implement on the SOHO router to prevent the broadcast? A. Enable MAC filtering B. Enable static IPs C. Block the outbound port D. Change the default SSID
C
A technician needs to change the minimum password length to 8 characters to make it more secure. Which of the following system settings should the technician configure? A. Windows Firewall B. Windows Security Center C. Local Security Policy D. System Configuration
C
A user gets a warning from their ISP about illegally downloading copyrighted movies. The user insists that they did not download any movies and calls a technician to implement stronger small office home office (SOHO) security. Which of the following will allow only known workstations to connect to the SOHO router? A. WPA password B. Static IPs C. MAC filtering D. WEP password
C
A user installed a new SOHO router and new wireless NICs to increase their transmission speed from 802.11b to 802.11g with the manufacturer's default settings. The user lives in an apartment building and is still experiencing slowness to the Internet after the installations. Which of the following is the MOST secure option that a technician could implement to resolve this issue? A. Hide the SSID B. Assign static IP addresses C. Enable MAC filtering D. Disable the WAN port
C
A user is experiencing slow performance with their computer. A technician suspects the computer has a virus and runs antivirus software. A virus is found and removed, but the performance issue is not resolved. Which of the following should the technician perform NEXT? A. Document findings, actions, and outcomes B. Establish a plan of action to resolve the problem C. Re-establish a new theory or escalate D. Implement preventative measures
C
A user receives an unsolicited call from a technician claiming to be from a Microsoft certified partner. The technician tricks the user into allowing them access to their PC because of malware alerts that were being broadcasted. Which of the following attacks is this user a victim of? A. Shoulder surfing B. Phishing attack C. Social engineering D. Malware infection
C
An employee at a company lost their mobile device that contains proprietary information. Which of the following methods is the BEST to be implemented to prevent unauthorized users from obtaining this information? A. Lock screen pattern B. Cancel mobile service C. Remote wipe D. Six character password
C
In a SOHO wireless network, which of the following prevents unauthorized users from accessing confidential data? A. Reduce broadcast power B. Change SSID name C. Set encryption D. Enable MAC filtering
C
Privacy filters applied to users computer screens are used to combat which of the following security risks? A. Rootkits B. Spear phishing C. Shoulder surfing D. Social Engineering
C
When securing a new wireless router, which of the following should be changed FIRST? A. Default SSID B. Radio power levels C. Default password D. DHCP settings
C
Which of the following can enable a technician to remove a virus that prevents users from updating their antivirus software? A. Recovery console B. REGEDIT C. Safe mode D. MSCONFIG
C
Which of the following encryption standards is found on older wireless devices and provides minimal security? A. WPA B. WPA2 C. WEP D. AES
C
Which of the following identifies traffic based upon its physical network address? A. Phishing B. Hashing C. MAC filtering D. Geotracking
C
Which of the following is TRUE about the difference between a worm and a virus? A. Worms are written in assembly while viruses are written with scripting languages. B. Viruses hide in the boot record while worms hide within the file system. C. Worms self propagate while viruses need human intervention to replicate. D. Viruses disable the antivirus update service while worms kill the antivirus process.
C
Which of the following is the MOST secure method, short of physical destruction, that would be used to ensure that data on a hard drive cannot be recovered? A. Use a degaussing tool B. Format the drive C. Use an overwrite program D. Repartition the drive
C
Which of the following passwords is the MOST secure according to industry best practices? A. VeryStrongPassword B. SimpleAnswer1234 C. E@sy2Remember D. thisisthecorrectanswer1
C
Which of the following security threats is BEST mitigated through proper user training? A. A Worm B. Rootkits C. Social Engineering D. Browser Adware
C
Which of the following should a technician implement to prevent external contractors from physically plugging devices into the company's network jacks unless such jacks are designated for guest use? A. Disable DHCP and assign a static IP address to each network device physically connected to the network. B. Enable MAC address filtering across all network jacks and record the MAC address of guest devices. C. Disable all switch ports when they are not utilized and enable them on an as needed basis. D. Place guest network jacks in public areas and all other jacks in secure areas as needed.
C
Which of the following areas of a file system should a standard user have restricted permissions to in order to promote a security best practice? (Select TWO). A. Temporary Internet Files B. My Document Files C. Windows System Files D. Network Files E. Program Files
C,E
A company wants to ensure that the latest cyber security threats are known to the employees across the enterprise to minimize occurrences. Which of the following should be implemented? A. Message of the Day B. Email lists C. Company forums D. Regular user education
D
A computer program that functions normally while quietly installing malicious software on a machine is known as a: A. DDoS attack. B. Worm. C. Phishing attack. D. Trojan.
D
A customer needs to setup their laptop for use with a proxy server to browse the web at work. Which of the following areas would a technician need to visit to configure this on a Windows 7 system? A. System Protection B. Security Center C. Windows Firewall D. Internet Options
D
A technician has configured the ability to connect to a small office server using remote desktop from a workstation within the office. The technician has reviewed logs that show constant brute force attacks to that server from outside the network. Which of the following would prevent this from occurring? A. Configure the server to use a static IP B. Logically move the server to the DMZ C. Reallocate the server to a different networking closet D. Disable the remote desktop port
D
A technician is tasked with improving the security of a SOHO network. The office is comprised of a single wireless router located under the front desk where the office manager sits. All desktop computers are wired into the router which is configured with strong device credentials. Additionally, wireless is disabled on the router. Which of the following should the technician perform NEXT to improve the security of the SOHO network? A. Disable the router's remote management feature. B. Enable WPA2 wireless encryption. C. Change the router's default admin name and password. D. Place the router in a locked room.
D
A technician recently setup a new wired network and wants to ensure only their computers can use it. Which of the following is the MOST secure way to accomplish this? A. Make sure the computers are using strong passwords. B. Enable an intrusion detection system. C. Assign the computers static IP addresses. D. Disable the extra ports on the router.
D
A technician would like to limit computer access to certain users. Which of the following should be configured? A. Advanced security B. Boot.ini file C. System configuration D. Local security policy
D
A user is advised by the software vendor that the user must have elevated privileges in order to run a program. The user should do which of the following to BEST accomplish this? A. Run in Windows XP compatibility mode B. Run the program in a virtual PC environment C. Log out of the system and login under another user's name D. Right click select "run as" and select administrator
D
A user wants to prevent access to specific websites to prevent their children from accidently accessing them. Which of the following can be implemented? A. A switch B. Antivirus software C. Antispyware software D. A firewall
D
A user wants to quickly install the most recent security patch released. Which of the following options can be selected from the Windows Update website? A. Custom settings B. Advanced settings C. Automatic settings D. Express settings
D
An Internet browser's cookie could be classified as which of the following? A. Rootkit B. Phishing C. Malware D. Spyware
D
An attack that creates a website that looks like another website, with the purpose of learning someone's account information is called which of the following? A. Virus B. Shoulder surfing C. Trojan D. Phishing
D
The benefit of MAC filtering in wireless networking is that the network: A. is encrypted. B. is not visible. C. uses static IP addresses. D. is more secure.
D
Which of the following allows a user to reset their password with a series of security questions that only the user should know? A. Permission propagation B. Administration C. Verification D. Authentication
D
Which of the following common security threats could be occurring when a user calls and requests his co-worker's password? A. Shoulder surfing B. Spyware C. Phishing D. Social engineering
D
Which of the following features helps to prevent shoulder surfing? A. Native resolution B. Auto adjust C. Degaussing D. Privacy screen
D
Which of the following helps to prevent virus infections from USB flash drives? A. Strong passwords B. Password protected screen savers C. Disabling the guest account D. Disabling the autorun feature
D
Which of the following is BEST used to prevent other people from viewing a user's computer screen? A. Anti-virus software B. Key fob C. Biometric device D. Privacy filter
D
Which of the following scenarios BEST defines phishing? A. A user receives an email from a friend to download a picture but the file format ends in .exe. B. A user receives a pop-up message about a virus from a company that states that if they buy this product it will remove the virus. C. A user receives a message about unwanted activity from their antivirus asking to remove the suspect file. D. A user receives an email from a person in another country with a story as to why they need help with a financial arrangement.
D
Which of the following security best practices would prevent a program on a CD from immediately launching when inserted into a computer? A. MSCONFIG >Startup Tab B. Disable the Guest account C. Rename the Administrator account D. Disable autorun E. Restrict user permissions
D
Which of the following security concepts establishes the notion that a user should only be given sufficient access to the resources they need to perform their job function? A. Deny all B. Allow all C. Most privilege D. Least privilege
D
Which of the following security threats is defined by its self propagating characteristic? A. Virus B. Rootkit C. Trojan D. Worm
D
Which of the following should a technician do LAST after cleaning up a virus infection? A. Enable system restore and create restore point B. Update antivirus software C. Schedule scans and updates D. Educate the end user
D
Which of the following user accounts should be renamed to adhere to security best practices? A. Power user B. Guest C. Standard user D. Administrator
D
A user has a perimeter firewall and up-to-date antivirus software. The user is asking what else they can do to improve their security. Which of the following will have the MOST impact on network security? (Select TWO). A. Install additional antivirus software B. Disable screen savers C. Conduct a daily security audit D. Assign security rights based on job roles E. Use strong passwords
D,E
Which of the following is MOST effective in preventing security breaches on a network? (Select THREE). A. Bandwidth throttling B. Eliminate password history C. Enable QoS D. Antivirus software E. User education F. Enforced login/logoff hours Answer: D,E,F
D,E,F
A technician is trying to prevent a local application from reaching the web due to security concerns. Which of the following solutions could BEST prevent the application from reaching the web? (Select TWO). A. Configure the workstation for a static IP B. Disable all wireless network connections C. Remove shortcuts to the application D. Block the application in Windows Firewall E. Change network location to Work F. Reroute the web address in HOSTS file
D,F