testout chapter 10 (end test)
Sets expectations for user privacy when using company resources.
Acceptable Use Policy
If a malicious user gains access to the system, which component of the framework lets administrators know how they gained access and what exactly they did?
Accounting
Which of the following describes a Man-in-the-Middle attack?
An attacker intercepts communications between two network hosts by impersonating each host.
The process of proving to the computer that you are who you say you are is called ____________.
Authentication
What do biometrics use to perform authentication of identity?
Biological attributes
A technician is installing a new SOHO wireless router. Which of the following is the FIRST thing the technician should do to secure the router?
Change the router's default password
What is a disadvantage of using the cloud for data storage?
Cloud storage backups require a reliable internet connection.
Identifies a set of rules or standards that define personal behaviors.
Code of Ethics
What is the surest way to prevent the loss of important information on your mobile device if it is lost, stolen, destroyed, or there is a natural disaster?
Configure your device to remotely backup important data to the Cloud.
You work for a company that offers their services through the Internet. Therefore, it is critical that your website performs well. As a member of the IT technician staff, you receive a call from a fellow employee who informs you that customers are complaining that they can't access your website. After doing a little research, you have determined that you are a victim of a denial-of-service attack. As a first responder, which of the following is the next BEST step to perform?
Contain the problem.
Why is it better to use a credit card than a debit card for online purchases?
Credit cards have better fraud protection
Mark received an email from a software company claiming his account will be disabled soon. The email contains several spelling errors, an attachment, and states he should open the attachment for further instructions. What should Mark do?
Delete the email without opening the attachment.
Ted, an employee in the Sales department, has asked a coworker, Ann, in the Production department to update the product descriptions contained in a Sales document. Ann can open the file but, after making changes, can't save the file. Which of the following digital security methods is MOST likely preventing this?
Directory permission
In which of the following situations should you expect total privacy?
Financial transactions
Which of the following security measures is a form of biometrics?
Fingerprint scanner
Which of the following is a common form of social engineering attack?
Hoax virus information emails.
Which Information Systems (IS) career oversees integrating different technologies and systems within an organization?
IS manager
You are the PC technician for a company. An employee has gone to a meeting while you fix the computer in her office. She accidentally left a report open next to her computer which states that a friend of yours in accounting will be submitted for review if their poor work performance continues. Which of the following is the BEST action to take?
Ignore the paper and tell no one of its contents.
Which of the following are the BEST steps you can take to avoid having your mobile device exploited by a hacker or infected by a virus? (TWO).
Lock the screen with some form of authentication; Keep the operating system up to date
You are configuring the local security policy of a Windows system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which of the following policies are BEST to configure? (TWO).
Minimum password age; Enforce password history
You are configuring the local security policy of a Windows system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent log on after three unsuccessful logon attempts. Which of the following policies are BEST to configure? (TWO).
Minimum password length; Account lockout threshold
After entering a user ID and password, an online banking user must enter a PIN that was sent as a text message to the user's mobile phone. Which of the following digital security methods is being used?
Multifactor authentication
Your company has surveillance cameras in your office, uses strong authentication protocols, and requires biometric factors for access control. These are all examples of what principle?
Non-repudiation
Specifies that user accounts should be locked after a certain number of failed login attempts.
Password Policy
Which of the following disaster recovery concepts applies when a server needs to be online and accessible at all times?
Redundancy
Even if you perform regular backups, what must be done to ensure that you are protected against data loss?
Regularly test restoration procedures.
Which of the following access controls gives only backup administrators access to all servers on the network?
Role-based
Which of the following is not a form of biometrics?
Smart card
Unwanted, unsolicited emails containing advertisements, political rhetoric, hoaxes, or scams are collectively known as _________.
Spam
Which Information Systems career analyzes and assesses the performance of existing systems in order to suggest how a business can operate more efficiently?
Systems analyst
Which Information Systems career would MOST LIKELY provide user training for new or modified systems?
Systems analyst
What is the best countermeasure against social engineering?
User awareness training
A large number of compromised computers are infected with malware that allows an attacker (herder) to control them to spread email spam and launch denial-of-service attacks. Which of the following does this security threat describe?
Zombie/botnet
Which of the following would best prevent an unauthorized person from remotely accessing your computer?
Firewall
You have implemented a regular backup schedule for a Windows system, backing up data files every night and creating a system image backup once a week. For security reasons, your company has decided to not store a redundant copy of the backup media at an offsite location. Where would be the next best place to keep your backup media?
In a locked fireproof safe.
Provides a high-level overview of the organization's security program.
Organizational Security Policy
Your company wants to use multifactor authentication. Which of the following would you most likely suggest?
PIN and smart card
The password policy below incorporates the following: Passwords must include at least one capital letter; Passwords must include a mix of letters and numbers; Passwords must be different from the past eight passwords; Passwords must contain at least one non-alphanumeric character. Which of the following password best practices are being used? (TWO).
Password complexity; Password history
A user reports that her system is running slow when saving files. You determine that you will need to upgrade her hard disk. You identify the components that are required and schedule the repair for later that afternoon. Which of the following steps have you forgotten in your troubleshooting process?
Perform a backup.
In which of the following should you expect some privacy?
Personally identifiable information entered into a human resource database
A technician walks into the office with a UPS. What sort of threat will this device prepare a system for?
Power outage
A technician assists Joe, an employee in the Sales department, who needs access to the client database by granting Joe administrator privileges. Later, Joe discovers he has access to the salaries in the payroll database. Which of the following security practices was violated?
Principle of least privilege
Your company has a disaster recovery plan that says the order to restore data is customer data, financial system, then email. This is an example of what?
Prioritization
Andy is a very detail-oriented person. Which of the following Information Systems careers would likely be the BEST option for him?
Project manager
Which Information Systems (IS) career can work in other fields such as construction management and engineering?
Project manager
You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them by placing an ad on the Internet. These computers were previously used for storing sensitive information. To properly protect the accidental discovery of the company's sensitive information, which of the following steps MUST be completed prior to getting rid of the computers?
Use data wiping software to clear the hard drives
You've just received an email message that indicates a new, serious malicious code threat is ravaging across the Internet. The message contains detailed information about the threat, its source code, and the damage it can inflict. The message states that you can easily detect whether or not you have already been a victim of this threat by the presence of three files in the \Windows\System32 folder. As a countermeasure, the message suggests that you delete these three files from your system to prevent further spread of the threat. Based on the email message, which of the following are the next BEST actions to complete? (TWO).
Verify the information on well-known malicious code threat management Web sites. Run a full anti-malware scan.
Which software is Microsoft's anti-malware product that is preinstalled on most new computers?
Windows Defender