Security+ Chapter 4 Review Questions
Which of these is NOT a state of data that DLP examines? a. data in-use b. data in-process c. data in-transit d. data at-rest
data in-process Data that DLP examines: data in-use data in-transit data at-rest
A lock that extends a solid metal bar into the door frame for extra security is the ______________________ a. triple bar lock b. deadman's lock c. full bar lock d. deadbolt lock
deadbolt lock
A ____ addresses a specific customer situation and often may not be distributed outside that customers organization. a. rollup b. service pack c. patch d. hotfix
hotfix
What type of controls are the processes for developing and ensuring that policies and procedures are carried out? a. technical controls b. active controls c. administrative controls d. policy controls
Administrative controls
Which of the following is not designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow? a. barricade b. fencing c. roller barrier d. type V controls
barricade
A___________ can be used to secure a mobile device. a. mobile connector b. cable lock c. mobile chain d. security tab
cable lock
How does heuristic detection detect a Virus? a. A virtualized environment is created and the code is executed in it. b. A string of bytes from the virus is compared against the suspected file. c. The bytes of a virus are placed in different "piles" and then used to create a profile. d. The virus signature file is placed in a suspended chamber before streaming to the CPU.
A virtualized environment is created and the code is executed in it
Which is the first step in securing an operating system? a. Develop the security policy. b. Implement patch management. c. Configure operating system security and settings. d. Perform host software baselining
Develop the security policy
______ allows for a single configuration to be set and then deployed to many or all users. a. Active Directory b. Group Policy c. Snap-In Replication (SIR) d. Command Configuration
Group policy
Which statement about data loss prevention (DLP) is NOT true? a. It can only protect data while it is on the user's personal computer. b. It can scan data on a DVD. c. It can read inside compressed files. d. A policy violation can generate a report or block the data.
It can only protect data while it is on the users personal computer
Which statement about mantrap is true? a. It is illegal in the U.S. b. It monitors and controls two interlocking doors to a room. c. It is a special keyed lock. d. It requires the use of a cipher lock.
It monitors and controls two interlocking doors to a room
Which of the following is NOT a Microsoft Windows setting that can be configured through a security template? a. Account Policies b. User Rights c. Keyboard Mapping d. System Services
Keyboard Mapping
Which of the following is NOT an advantage to an automated patch update service? a. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs. b. Downloading patches from a local server instead of using the vendor's online update service can save bandwidth and time because each computer does not have to connect to an external server. c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. d. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available.
Users can disable or circumvent updates just as they can if their computer is configured to use the vendors online update service!
Which of these is a list of approved email senders? a. blacklist b. whitelist c. greylist d. greenlist
Whitelist
the residential lock most often used for keeping out intruders is the _________________________ a. encrypted key lock b. privacy lock c. passage lock d. keyed entry lock
keyed entry lock
Which of the following is NOT a motion detection method? a. radio frequency b. moisture c. magnetism d. infrared
moisture Motion Detection Method: radio frequency magnetism infrared
A typical configuration baseline would include each of the following except a. changing any default settings that are insecure b. eliminating any unnecessary software c. enabling operating system security features d. performing a security risk assessment
performing a security risk assessment
Which of the following is NOT a characteristic of an alarmed carrier PDS? a. periodic visual inspections b. continuous monitoring c. carrier can be hidden below a floor d. eliminates the need to seal connections
periodic visual inspections
Which of the following is NOT an activity phase control? a. compensating control b.detective control c. resource control d. deterrent control
resource Control Activity Phase Control: compensating control detective control deterrent control
Which of the following cannot be used along with fencing as a security perimeter? a. vapor barrier b. rotating spikes c. roller barrier d. anticlimb paint
vapor barrier