Ch 08: Security Strategies and Documentation


During an upgrade for a new web server, Glen's company experienced a power surge. The power surge hit the new server, and now the company must troubleshoot the server. What can the company implement that will get the website up and running without the new server?

Back-out plan

Currently James's company is using RADIUS for AAA services to connect wireless users to the Windows Active Directory domain. However, the company wants to upgrade to a Cisco-based wireless network and would like to upgrade the older RADIUS. What will James recommend as an upgrade to RADIUS?

TACACS

If your Internet home page has changed and a strange-looking search engine appears when you try to search the Internet, what type of attack are you experiencing?

A redirect virus.

James has a USB flash drive that he has used at work. The drive needs to be thrown away, but James wants to make sure that the data is no longer on the drive before he throws it away. What can James use to wipe the data clean? (Select TWO.)

ATA Secure Erase; Smash the USB drive

Derek's supervisor is concerned that the company's security system does not comply with the new standards the company has decided to employ. She has asked Derek to determine how members of the company are authenticated on the network. What does the computer or server use to verify the access to a specific resource on the network?

Access control list

Your company has decided that security is very important and wants to add a second security check that will identify its employees while they are logging in to their computers. What type of security do you recommend?

Biometric locks

Kevin recently discovered that unknown processes are running in the background on his company's web server. During a performance review, he also noticed that the CPU is working at 80% during downtimes. Kevin believes that software is running in the background and causing the CPU to run at such a high percentage. Kevin discovers that his server along with several other computers in the company have been used to perform a DDoS on another website. What type of attack occurred?

Botnet

Shane is working on a new project for the sales department. The company wants a way to allow the sales force to print orders at the company headquarters. Shane has proposed that their computers be able to connect to the system using a VPN. Who does Shane need to get permission from before he installs the VPN?

CAB

James travels for business and is always worried that his laptop will be taken from his room. Which type of device will ensure that James's laptop will not be stolen while he travels?

Cable lock

An operating system is responsible for validating certificates used to secure communication. For Windows, Microsoft maintains a database of trusted root certificates issued by Certificate Authorities (CAs). A root certificate is the original certificate issued by the CA. When a Windows system opens a secure email or visits a secure website and encounters a new digital certificate, it requests Microsoft's trusted root certificate, which is downloaded to the computer. The download happens seamlessly without the user's knowledge unless there's a problem. If Windows cannot obtain the root certificate to validate the email or website, an error is displayed. Where do you go in the Windows operating system to view and delete root certificates?

Certificate Manager

If you receive this error when trying to go to a website, where can you go in Windows to verify the certificate settings for the website?

Certificate Manager

Jacob has discovered what he believes is a crime on a computer that he is servicing. Jacob has identified and gone through the proper channels to report the incident. He has created a backup of the entire hard drive to preserve the evidence and has started to document the evidence. What must Jacob maintain so the evidence can be used to prosecute the crime?

Chain of custody

Lane received a phone call from a client. The client claimed that a file he was working on the day before had disappeared from his computer along with several other files. Lane went to the client's desk to see if she could rebuild the files from the backup done the night before. Lane found and rebuilt the files from the backed-up data. When Lane called the next morning to see if everything was working, the client said that two of his files were gone again. He also noticed new files in a folder. When Lane arrived, she checked to see how much free space the computer had available and found that it had 250GB less than the day before. What is the issue with the client's computer?

Computer virus

The web server at Terry's company recently was attacked by multiple computers. The attack overwhelmed the company's web servers and caused the web servers to crash. What type of attack occurred?

DDoS

Nick works for a software development company that has just created a new application that will revolutionize the computer security industry. Nick's company owns the patent for the software and has a copyright for the software. The company would like to sell this new software but they are concerned about someone pirating the software. What can Nick's company use to prevent software piracy?

DRM

Danny received this email message today. **YOUR COMPUTER HAS BEEN BLOCKED** What happened to Danny's computer?

Danny has received a fake security alert pop-up.

When working with a security consultant that your company has hired, you notice that he is running software on one of the machines. He explains that the program is running a brute force attack that is using every word in the English language to see if the Administrator password can be cracked. What type of attack is he attempting?

Dictionary

The company that you work for has recently had a security breach. During the recovery and assessment, it was discovered that the malicious user used the company VPN to gain access to the network. Now your company would like to find a way to verify the identity of a user who requests access to the company through a VPN. What can you recommend to the company?

Digital certificate

Victoria is working on a computer that was infected with a virus when a client clicked on a link and downloaded a Trojan. Victoria researched the virus and learned that the virus might have written itself into System Restore. What does Victoria need to do to run the antivirus software on System Restore?

Disable System Protection.

Jackson has completed remediation of a virus-infected system. He eliminated all the startup program issues and uninstalled several browser add-ons. Jackson has scheduled scans to be performed daily and has run updates on Windows and the anti-malware program. He has enabled System Restore and created a new restore point. What should Jackson do to complete the malware removal process?

Educate the end user.

Tim has removed a virus from a customer's computer. The virus was a Trojan horse that the customer downloaded while trying to purchase software on the Internet. What final step should Tim perform?

Educate the user.

Recently, Jessica has been receiving reports at the help desk that clients cannot log in to their computers and need to reset their passwords. After checking the log file, Jessica decided to ask one client, who had recently changed his password, why he decided to change it. The client reported that someone from the help desk had called him and asked him for his password two days ago. He gave the caller the password, and now he can't log in to his system. Jessica has discovered that the client was a victim of social engineering. What can the company do to prevent this from happening again?

Educate users.

Tracy works for an insurance company that recently received so much spam that the email server became overwhelmed and shut down. Tracy's supervisor has asked her to make sure this does not happen again. What is the first thing Tracy should do to prevent this problem from happening again?

Email filtering

Oscar has a client who has been receiving unsolicited emails from several companies. Oscar recommended that the client unsubscribe from the email lists, but that just increased the number of unsolicited emails she received. What can Oscar do to stop the unsolicited emails on the email server?

Enable a spam filter.

Your company's email server has been filling up employees' email boxes with advertisements for things they did not request. You have been asked to research how to stop these types of messages from getting to your coworkers' email client software. What will you recommend to your supervisor?

Enable the spam filter.

Zach believes someone is trying to log in to a computer system in order to gain access to the company's network. He wants to use Windows to determine if that is the case. Where can Zach go to check the security logs?

Event Viewer

Lana has just taken a job as an IT professional in Europe and would like to get a head start on what to expect. What regulated data would you recommend that she research?

GDPR

Your company has decided that security is very important and wants to add a second security check when workers are logging in to their computers. The company issued key fobs to all the employees. The key fob generates a code for them to enter when logging in to the computer. What type of security is your company using?

Hardware token

Jerry was recently contacted by a coworker who received an email that seemed suspicious. Jerry investigated her email account and noticed that she had been sending hundreds of emails every day for a week. He also noticed that this problem started after the coworker sent a reply email agreeing to participate in a contest to win a free car wash. What happened to the coworker's email account?

Her email was hijacked.

Jennifer is trying to install an anti-malware program on a computer that she believes might be infected. During the installation, she receives an error message saying the software cannot be installed. The error reports that she does not have the privilege to install software. Jennifer is using the administrator account, so she knows she should be able to install the program. What can Jennifer try next to install anti-malware software?

Install in Safe Mode.

Lin received 200 new laptops to be issued to company employees. Lin was asked to set them up and distribute them to everyone on a list provided by his supervisor. Lin has completed installing all the software on each computer and is ready to distribute them, but he needs to keep track of who received each laptop. How can Lin keep track of all the laptops?

Inventory management documentation

Holly has been tasked to design the plan the IT department will use when making a change to systems. The plan will be used anytime the company needs to change a system and should include which people are to be contacted when changes are made and what the changes will do to other equipment. While Holly writes the change document, what types of things will she need to include in the scope of change? (Select all that apply.)

Key components of the change and how they will be addressed; Skill sets, tasks, and activities required to carry out the change; Who will participate in the change; How the success of the change will be measured

David would like to add extra security to his network device. He is afraid that someone might try and connect an unauthorized device to the network via an open network drop. What type of security can David deploy to prevent this type of security issue from occurring?

MAC filtering

Dylan is working on a system that has been having issues with files. Recently, Dylan has noticed that some of the filenames have strange characters, and the file sizes seem to be excessively large. Files have been disappearing and Windows system files have been changed. What might be the problem with the computer?

Malware is corrupting the files.

Your company wants to secure the new data center physically. The company has hired a security guard but wants to find a way so that only one person at a time can enter in the data center. As people enter, they will have to show the security guard identification that authorizes them to enter the data center. What is your company's new security called?

Mantrap

While researching a network issue, Randy discovered a diagram that he can use to see the design of the network. What type of documentation did Randy discover?

Network topology

Becky has been assigned to help with a major change to her company's accounts database. During the time of the change, Becky notices that her task will need to be modified to complete the change. Instead of telling her supervisor, she determines that the minor detail must have been overlooked and fixes what she believes is the problem. The minor detail that Becky did not tell her supervisor causes the change to fail. What is Becky's mistake called?

Out of scope modification

Jeff owns a health care company that sells medical supplies. The company bills health insurance companies for their customers. They are required by the insurance companies to complete paperwork that includes personal and health information. What type of regulated data does Jeff's company need to secure?

PHI

Alexandria works for a not-for-profit company that asks for donations to help the homeless people in her community. Recently the database that holds all the contact information about the donors was hacked, and all the data was copied. What type of data was taken?

PII

Roger's company is trying to increase the level of security for its network. Roger is researching ways to increase the security by making passwords more complex. What can Roger change in Windows to require more complex passwords?

Password Policy

One of your clients at work calls and is irate because he had to change his password and now he can't seem to find one that will match the strength needed for the company server. After he finishes venting, you tell him you will send him the document that explains why he needs to have a strong password. What document will you send the client?

Password policy

Jannette has been experiencing slow performance on her computer. Today she received an error message saying that an update to her antivirus program failed. When she checked the update history, she discovered that the program had not been updated for two weeks. She restarted her computer and noticed that a file she was working on was no longer available. She also noticed that the network connection was sending data, even when she was not connected to the Internet. What should Jannette do first on her computer?

Quarantine the system.

Jennifer's company currently uses Windows Active Directory to provide centralized authentication, authorization, and accounting to manage users on its network. The company uses a wireless network and an earlier authentication service on the server to authenticate end users accessing resources on the network. What type of service is Jennifer's company using?

RADIUS

Which authentication service options work with Active Directory and other types of directory servers to authenticate and authorize users and can be used together on the same network? (Select TWO.)

RADIUS; TACACS+

The computer that you are working on is not able to complete a Windows update. The update process begins to download the file, but then you receive an error message saying that the Windows update was unable to download. You have checked your Internet connection, and it is working. You have tried the update on your other computer, and it worked. What should you do first to fix the problem with the Windows update?

Remove malware.

If you are working on a client's computer and you believe that you have found a violation of the AUP, what is your next step?

Report the incident through the proper channels.

Ken has discovered that a vice president of his company has been using his computer to send data about a new product to a competitor. Ken has identified an email from the vice president and has tracked the information to the person at the other company. Ken has archived the evidence that proves the data has been sent. What should Ken do next?

Report the person through proper channels.

Hector is trying to use Windows Defender to run an antivirus scan. Windows Defender refuses to run. When he opens the Action Center, Hector realizes that Windows Defender has been disabled and another antivirus software is running. Hector does not recognize the other antivirus software. What type of attack has infected Hector's computer?

Rogue antivirus

Recently, Frank's computer has slowed down dramatically. He has also noticed that the time on the computer is not accurate. Frank has run several antivirus scans, but has not found an issue. Today while surfing the web, he was redirected several times to a website that he did not request. Then a BSOD error occurred on his computer, and when he turned on his computer, the antivirus software was disabled. What kind of malware could be causing the issues on Frank's computer?

Rootkit

Allison's computer is displaying a strange error message saying that Allison, who is an administrator, does not have access to a folder in the Documents library of her user account. Allison tried to take ownership of the folder but was still denied access. She tried running an antivirus scan on the folder, and again access to the folder was denied. What can Allison do to fix this security issue?

Run a Windows Defender Offline scan.

A customer called Derek to complain that her computer was running slow, so he went to the client work area and started troubleshooting the problem. Derek ran the Disk Defragmenter and Disk Clean-up utilities. He checked the processes running in Task Manager. Derek found that the CPU was running several processes. While Derek was looking at Task Manager, the computer crashed. Derek restarted the computer and noticed a long load time for Windows. Derek checked Task Manager and saw several processes that he did not recognize. What should Derek perform next on the client's computer?

Run a virus scan.

Joann turned on her Windows 10 computer today, and while the computer was booting up, it shut down. She restarted the computer and it booted fine but ran slowly. She opened Task Manager and noticed that her CPU was running at 98% capacity and her network at 75% capacity. When she checked to see what process was using so much network connectivity, she received a message saying that access to the process was denied. Based on these indicators, what should Joann do with her computer? (Select all that apply.)

Run antivirus software; Disconnect from the network; Check the file permissions.

Karen received a call from a client whose computer will not boot. The client explained that he had just received an error message about a virus on the computer. When Karen arrived, she tried to boot the computer in Safe Mode, but that did not work. Karen decided to install the hard drive on a working computer. What should Karen do after she installs the hard drive on a second computer?

Scan the hard drive in the new computer with antivirus software.

Larry has participated in a change proposal for his company. During the planning stage, Larry was told that his role in the change would be small but important. In the implementation stage, Larry completed his task according to the stipulations and timeframe of the plan. However, Larry was called in five times during the change to help others complete the change process. Where in the change management process did the problem occur?

Scope of plan

Holly is trying to use Windows Defender to run an antivirus scan. Windows Defender refuses to run. She notices a problem when she tries to update Windows Defender and it fails. When Holly opens the Action Center she sees this screen. What has happened to Holly's computer?

She has downloaded a rogue antivirus.

Your company has decided to replace several hundred hard drives. It would like to donate the old hard drives to a local school system that will use them to increase storage on systems for students. However, the company also wants to make sure the hard drives are completely wiped before donating them. Which disposal method will not allow the company to recycle the device? (Select all that apply.)

Shredder; Degaussing; Incineration

Jerry has received an email on his company's email system. The email is in regard to a new update the company plans to implement. The administrators are requesting that everyone send their username and password so that the administrators can compile a list and avoid having everyone change their passwords. What type of attack is this?

Spear phishing

Lance works for a company that allows users to bring their own devices to work. Last week Lance purchased a software package from a company that allows him to change fonts on pictures that he uses in his work presentations. Lance wants to share the program with his coworker Susan. Is Lance allowed to share the software with Susan?

Susan would need to purchase the software from the company.

Samantha is having an issue with Windows crashing and believes that malicious software is causing it to crash. Samantha also has received application errors that have caused the applications to close. Which event log in the Event Viewer can Samantha inspect to see if malicious software is causing the Windows system to crash and the application errors, system errors, and other types of errors?

System logs

Your company is using RADIUS for AAA services to connect wireless users to the Windows Active Directory domain. However, the company wants to upgrade to a Cisco-based wireless network and would like to upgrade the older RADIUS. What will you recommend as an upgrade to RADIUS?

TACACS+

Danielle, a help desk technician, receives a call from a client. In a panic, he explains that he was using the Internet to research a new product when his computer emitted an alarm accompanied by a warning that a site had blocked his computer and that information was being stolen from the computer. The message included a phone number and a note to call the number within five minutes so that engineers could walk him through the removal process. What has happened to the customer's computer?

The client received a fake security alert.

Nick is working on a computer at a customer's house. The customer is concerned that her computer has a problem because recently the Internet home page changed, and when she tried to search the Internet, a strange search engine appeared. What has happened to the customer's computer?

The computer is infected with a redirect virus.

One of Kyle's clients called to complain that his computer was running really slow. Kyle went to the client's work area and started troubleshooting the problem. Kyle ran the Disk Defragmenter and Disk Clean-up utilities. He checked the processes running in Task Manager and noticed that the SVC host was running several processes. While Kyle was looking at Task Manager, the computer crashed. Kyle restarted the computer and noticed a long load time for Windows. He checked Task Manager and saw several processes that he did not recognize. What might be the issue with Kyle's client's computer?

The computer might have a virus.

Christian has malware that is preventing him from installing anti-malware on his laptop. What can Christian try if he does not have another computer available to run the anti-malware program?

Try to install in Safe Mode.

Based on her research of the symptoms, Sara believes her computer is infected with a virus. Sara has an anti-malware program on the computer. What should she do before she runs the anti-malware program?

Update malware signatures.

Sharon's company has written a new computer program, and she has been asked to find a way to prevent people from copying the software they purchase and giving it to others who have not purchased the software. What can Sharon's company do to make sure a customer who purchases the program does not give it to someone else?

Use DRM.

Joe works for a company that has a traveling sales force. The company has asked Joe to research a way for the sales force to have real-time information on the availability of its salable products. The company has an intranet application that allows it to see up-to-the-minute information. The company does not want to make this information public. What should Joe recommend?

VPN

You have noticed that your computer is running slower than normal and that the amount of storage space on the hard drive is decreasing, even though you have not been doing anything different on your computer. You believe a program is replicating by attaching itself to other programs. What type of malware is on your computer?

Virus

Gwen has discovered a program that has copied itself throughout the network. The program does not appear to have a host program and is overloading the network as it replicates. It has even installed a web server on the network and is allowing other computers to connect. What type of malware has Gwen discovered?

Worm

Peggy found a freely distributed software package for her small business that will allow its sales to be tracked into a database for inventory purposes. Can Peggy install this software on all the computers in her store?

Yes, this is open source software.

Jordan is talking with a client on the phone. Jordan's company recently completed updates on the client's system and something is not working properly. The client asks Jordan why the company is always doing updates. Jordan explains that updates help to secure computer systems. What specific vulnerability do updates help prevent?

Zero-day

