cyber

Which of the following best describes a password that is at least seven characters long and uses three of the following categories (uppercase, lowercase, numbers, and special characters)?

complex password

Which of the following terms indicates that information is to be read only by those people for whom it is intended?

confidentiality

What do the initials CIA stand for in relation to security?

confidentiality, integrity, and availability

Which of the following refers to a security access control methodology whereby the 48-bit address is assigned to each network card which is used to determine access to the network?

mac filtering

Which of the following terms is used in reference to the security discipline that requires that a user is given no more privilege than what is deemed necessary to perform his job?

principle of least privilege

In which of the following locations are users and permissions stored for an NTFS folder?

registry

Which type of device can be easily lost or stolen or can be used for espionage?

removable devices

Which of the following security zones is used for Web sites that the user does not trust?

restricted zone

Which of the following authorizes a user to perform certain actions in Windows, such as logging on or performing a backup?

right

A _____ is generally defined as the probability that an event will occur that can cause harm to a computer system, service, or network.

risk

How many firewalls should be used to create a sandwich DMZ?

2

Which OSI layer is used by switches and bridges?

2

On which OSI layer do routers function?

3

Which port is used by LDAP?

389

On which OSI layer do TCP and UDP function?

4

Which port is used by SMTP?

443

Which of the following is the generally accepted minimum password length?

8

Which of the following is not a complex password?

John!Taylor

Which of the following is the more secure protocol between Point to Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP)?

L2TP is more secure than PPTP

Which type of DoS attack uses large ICMP packets to cause an overflow of the memory buffers allocated for packets?

ping of death

Which Windows feature notifies you when something tries to make changes to your computer without your knowledge?

uac

Which concept determines what resources users can access after they log on?

access control

Which settings are used to keep track of incorrect logon attempts and lock the account if too many attempts are detected within a certain set time?

account lockout

Which term is used in reference to the process of keeping track of a user's activity?

accounting

Which of the following MMC snap-in consoles is used to administer domain and forest functional levels and user principal name (UPN) suffixes?

active directory domains and trusts

Which directory service is used with Windows domains?

active directory

Which of the following are the types of OS fingerprinting techniques?

active fingerprinting, passive fingerprinting

Which type of firewall is also known as a proxy server?

application-level

Which of the following terms is used in reference to a scope that a hacker can use to break into a system?

attack surface

Which of the following is used to verify that an administrator is not accessing data that he should not be accessing?

auditing

Which technology is not used to implement confidentiality?

auditing

Which of the following is used to identify a person before giving access?

authentication

Which term is used in reference to the process in which a user is identified via a username and password?

authentication

Which term is used in reference to the process of identifying an individual?

authentication

Which term is used in reference to the process of giving an individual access to a system or resource?

authorization

Which type of authentication method identifies and recognizes people based on physical traits such as fingerprints?

biometrics

Mark works as a Network Administrator for TechMart Inc. The company has a Windows-based network. He has been assigned a project to take care of the sensitive data that can be hacked if any of the laptop computers would be misplaced. Mark is required to ensure the confidentiality of data on the mobile stations, all of which are running Windows 7 Enterprise. Which of the following will Mark use to accomplish the task?

bitlocker

Which type of attack tries to guess passwords by every combination of characters?

brute force attack

Which of the following is a physical or logical device used to capture keystrokes?

keylogger

Which Internet Explorer zone is the least secure?

local intranet zone

Which of the following is used to provide protection when one line of defense is breached?

defense in depth

Which type of attack tries to guess passwords by trying common words?

dictionary attack

Which type of electronic document contains a public key?

digital certificate

A user has opened a Web site that automatically starts downloading malicious code onto his computer. What should he do to prevent this?

disable ActiveX Controls, disable Active Scripting

Which type of routing protocol sends the entire routing table to its neighbors?

distance vector

Which special area serves as a buffer area between the internet and the internal network and can be used to hold web servers that are accessed from the internet?

dmz

By default, the _____ group has full access to all resources within a domain.

domain admins

Which type of server runs Active Directory?

domain controller

Which of the following uses a symmetric encryption algorithm that takes a lesser amount of time to encrypt or decrypt large amounts of data?

efs

Which of the following servers should not be placed on the DMZ?

email mailbox servers

Which of the following is considered the most effective way to protect against social engineering?

employee awareness

Which of the following is the process of converting data into a format that cannot be read by another user?

encryption

You work as a Network Administrator for TechMart Inc. The company has a Windows-based network. After completing a security audit of the company's Microsoft Windows Server 2008 R2 file servers, you have determined that folder and share security requires a revision on the basis of corporate reorganization. You have noticed that some shares on the file system are not secured. Which of the following is the default permission setting that you have used when a share is created?

everyone with read permission

Which type of permissions are assigned directly to a file or folder?

explicit

Which type of device isolates a network by filtering the packets that can enter it?

firewall

Which tab in Internet Explorer settings is used to delete history and cookies?

general

Mark works as a Desktop Administrator for TechMart Inc. The company has a Windows-based network. He has been assigned a project to upgrade the browsers to Internet Explorer (IE) 8 for working with the latest Internet technologies. Mark wants to ensure that the company uses a number of the security features built into the browser while maintaining functionality within the company's intranet. Mark is also educating his users to be good Internet citizens and use safe web surfing. Which of the following actions will Mark take to configure the Internet zone feature in IE 8 and to enable users to easily browse the local intranet without disturbing the security levels?

go into the Internet Options, select the Security, and add the intranet site to the list of Local Intranet Site

Which of the following is used to define the length of a password in Windows?

group policies

When you access permissions to a folder, you should first grant permissions to _____ rather than users.

groups

Mark works as a System Administrator for TechMart Inc. The company has a Windows-based network. Mark wants to allow the remote travel agents to be able to access the corporate network so that they are free to check email and post appointments that are booked for the particular day. Mark has decided to permit the travel agents to use their home computers, but he is required to be assured that the information is not compromised by anyone because the security of client information is the top priority for him. Mark is concerned that probable attackers will be able to penetrate the VPN. Which of the following will Mark use to attract the attackers for understanding their methods?

honeypot

Which type of server can be used to trap a hacker?

honeypot

Which of the following steps will help in system or host hardening?

installing or applying a patch on the host provided by the operating system manufacturer, disabling unnecessary services from the host

Which of the following ensures data is not changed when it is not supposed to be?

integrity

You administer several internet web servers that need to communicate with a SQL server. Where should the SQL server be placed?

internal network

Which type of system detects unauthorized intruders and then takes action to stop them from proceeding?

ips

Which authentication type is the default for Active Directory?

kerberos

Which malicious software captures every keystroke and sends it to a hacker?

keylogger

Which setting forces users to change their passwords?

maximum password age

Which of the following prevents users from changing a password multiple times so that they can change it to their original password?

minimum password age

Throughout the past couple of years, small ____ have become one of the largest challenges facing security professionals.

mobile devices

Which of the following is necessary to highly secure a system?

more money

_____ is the term used in reference to two or more authentication methods used to authenticate someone.

multifactor authentication

Which of the following works at the network layer and hides the local area network IP address and topology?

network address translation, nat

Which term is used in reference to the process that prevents someone from denying that she accessed a resource?

nonrepudiation

In Windows, which of the following is used to enable auditing?

ntfs permissions

Which of the following are spammers and hackers looking for when they want to send email through your network?

open smtp servers

Which seven-layer model is often used to describe networking technologies and services?

osi

Which type of firewall filters packets based on IP address and ports?

packet-filtering

Which authentication method sends the username and password in plain text?

pap

Which of the following is the most common form of authentication?

password

Which setting is used to prevent users from reusing the same password over and over?

password history

Which of the following is not a response when dealing with a risk?

patching

When you grant access to print to a printer, which of the following are you granting?

permission

Which technique is used to send you to a fake, but realistic-looking, website to verify your account information?

phishing

Which of the following is the first line of defense when setting up a network?

physically secure the network

Which of the following terms refers to the access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge?

piggybacking

Which of the following is a secret numeric password used for authentication?

pin

In dealing with risks, which response is accomplished when you or your organization purchases insurance to protect your bottom line when such a disaster or threat is realized?

risk transfer

Which type of malware provides administrator-level control over a computer system?

rootkit

Which type of device looks at a packet and forwards it based on its destination IP address?

router

When you create a local user on a computer running in Windows 7, where is the user account stored?

sam

Which type of group can be granted rights and permissions?

security

Which email validation system is designed to stop spam that uses source address spoofing?

sender policy framework

Which of the following are the only passwords that should not expire?

service accounts

Which term is used in reference to multiple Windows updates that have been packaged together as one installation and are well tested?

service packs

______ allows you to log on once and access multiple related but different systems without having to log on again.

single sign on, sso

Which item is roughly the size of a credit card and allows access to a network and its resources?

smart card

Which type of software can you use to view usernames and passwords broadcasted over the network?

sniffer

Which of the following is a method whereby a hacker relies on the trusting nature of the person being attacked?

social engineering

Which term is used in reference to unsolicited junk email?

spam

You work as a Network Administrator for SpyNet Inc. The company has a Windows-based network. You have been assigned the task of auditing the scheduled network security. After a regular audit, you suspect that the company is under attack by an intruder trying to gain access to the company's network resources. While analyzing the log files, you find that the IP address of the intruder belongs to a trusted partner company. Assuming this situation, which of the following attacks is the company being subjected to?

spoofing

Which of the following can search contents of a hard disk, address book of an e-mail, or any information about the computer, and transmit the information to the advertisers or other interested parties without user knowledge?

spyware

Which type of malware collects your personal information or details about your browsing habits without your knowledge?

spyware

Which type of firewall looks at the previous conversations to determine if a packet should enter a network?

stateful

Mark works as a Network Administrator for BlueWell Inc. The company has a Windows-based network. Mark has retained his services to perform a security assessment of the company's network that has various servers exposed to the Internet. So, it may be vulnerable to an attack. Mark is using a single perimeter firewall, but he does not know if that is enough. He wants to review the situation and make some reliable recommendations so that he can protect the data over the company's network. Which of the following will Mark use to inspect network information on the basis of source and destination address?

stateless packet inspection

Which of the following is the result of setting the value of Enforce Password History to 10?

the system will remember the last 10 passwords and will not permit the user to reuse any of those passwords

You work as an Exchange Administrator for TechWorld Inc. The company has a Windows 2008 Active Directory-based network. The network contains an Exchange Server 2010 organization. You are in the process of choosing an authentication method for Exchange ActiveSync. You need an authentication method that requires both a password and an external device. Which of the following authentication methods will you choose for Exchange ActiveSync?

token based authentication

Which type of malware looks like a useful or desired executable program but is in reality a program that is supposed to cause harm to your computer or steal information from your computer?

trojan horse

You work as a Network Administrator for a medium sized business. Spam has become a significant problem for your company. You want to have a common network wide solution. You want a solution that is easy to administer. However, you do not want your solution to hinder the performance of your email server. What is the best solution for you to implement?

utilize a gateway filter anti-spam solution

Which type of malware can copy itself and infect a computer without the user's consent or knowledge?

virus

Which term is used in reference to a message warning you to delete an essential Windows file?

virus hoax

Which technology can be used to isolate a network of servers so that they cannot interact with other servers?

vlan

Which software component defends against spyware?

windows defender

Which host firewall is included with Windows 10?

windows firewall

Which of the following is a service that can be enabled to ensure that the servers are able to receive all essential software updates?

windows software update services

Which type of self-replicating program copies itself to other computers on a network without any user intervention and consumes bandwidth and computer resources?

worm

Which of the following should users not do when dealing with passwords?

write down your password on a piece of paper and keep it near your computer. do not use names of children and pets. do not give your password to your co-workers

Which server can be used to install Windows updates for your organization?

wsus

The workstations on your network utilize Windows XP (service pack 2 or later). Many users take their laptops on the road. You are very concerned about the security and want to have a robust firewall solution for mobile users. You have decided that all your firewalls will use the Stateful Packet Inspection (SPI) method. What must you do to provide SPI to your mobile users?

you must purchase a third party firewall solution for your mobile users

Which of the following is true of using passwords?

you should create a strong password

