CH 19 SECURITY PRACTICE TEST
What is the aim of security awareness training? A All employees must understand their security responsibilities.) B All employees in the IT department should be able to handle security incidents. C All employees excluding top management should understand the legal implications of loss of information D All employees in the IT department should be able to handle social engineering attacks
A (All employees must understand their security responsibilities.)
You have discovered that hackers are gaining access to your WEP wireless network. After researching, you discover that the hackers are using war driving. You need to protect against this type of attack. What should you do? (Choose all that apply.) A Change the default Service Set Identifier (SSID). B Disable SSID broadcast. C Configure the network to use authenticated access only. D Configure the WEP protocol to use a 128-bit key.
A (Change the default Service Set Identifier (SSID).) B (Disable SSID broadcast.) C (Configure the network to use authenticated access only.) D (Configure the WEP protocol to use a 128-bit key.)
Your organization issues an iPhone to every member of senior management. As dictated by the organizational security policy, you configure the iPhones with passcode locks and enable remote wipe. A user from your organization contacts you that a company-issued iPhone has been lost. The iPhone contained confidential information. You need to remove all the data from this iPhone. What should you do? A Log in to iCloud.com, and select Find My iPhone. Select the device from the Devices list, and click Erase iPhone. B Log in to iCloud.com, and select Find My iPhone. Select the device from the Devices list, and click Lock. C Log in to iTunes, and select Find My iPhone. Select the device from the Devices list, and click Erase iPhone. D Log in to iTunes, and select Find My iPhone. Select the device from the Devices list, and click Lock.
A (Log in to iCloud.com, and select Find My iPhone. Select the device from the Devices list, and click Erase iPhone.)
You need to ensure that that data on storage media is properly classified to ensure that the appropriate data is retained. Which operation must you undertake to avoid mishandling of tapes, CD-ROMs, floppy disks, and printed material? A labeling B degaussing C zeroization D offsite storage
A (labeling)
You have installed several 32-bit and 64-bit applications on a Windows 7 Ultimate 64-bit computer. What is the installation folder for the 32-bit applications? A C:\Program Files B C:\Program Files (x86) C C:\Program Files (x64) D C:\Windows\System32
B (C:\Program Files (x86))
Which two methods are used to monitor access control violations? (Choose two.) A Access control lists (ACLs) B Intrusion detection systems (IDSs) C backups D audit logs
B (Intrusion detection systems (IDSs)) D (audit logs)
You need to provide a physical security measure for a data center located on the second floor of a building. Management wants you to implement the highest level of security possible. Which physical security control should you implement? A ID badges B Key fobs C Biometrics D Passwords
C (Biometrics)
You need to access a shared folder named research$. Which fact is true about this shared folder? A It is an administrative share. B It is a local share. C It is hidden. D It is visible.
C (It is hidden.)
You are creating a wireless network for your company. You need to implement a wireless protocol that provides maximum security while providing support for older wireless clients. Which protocol should you choose? A Wireless Application Protocol (WAP) B Wired Equivalent Privacy (WEP) C Wi-Fi Protected Access (WPA) D Wi-Fi Protected Access 2 (WPA2)
C (Wi-Fi Protected Access (WPA))
You are instructing a new IT technician on securing networks and using permissions. What would you tell Graham that the default permission position should be? A explicit allow B implicit allow C explicit deny D implicit deny
D (implicit deny)
A hacker has called a company employee and learned the employee's user name and password by posing as a member of corporate technical support. Which type of attack has the company suffered? A buffer overflow B denial of service C brute force D social engineering
D (social engineering)
Which security threat often uses tracking cookies to collect and report a user's activities? A virus B worm C Trojan horse D spyware
D (spyware)
Daniel, a member of the board of directors for your company, has called the help line to complain that an unknown person is posting to his account on his favorite social media site pretending to be him. After discussing the problem, he reveals that he performed the steps as dictated by last week's email from your department. Your department did not send out an email last week with steps to complete. What term(s) below best describe which attack most likely occurred? (Choose all that apply.) A whaling B zombie C spear phishing D mining E ransomware
A (whaling) C (spear phishing)
What is the best implementation of the principle of least privilege? A Completing administrative tasks at a computer that functions only as a server B Issuing the Run as command to execute administrative tasks during a regular user session C Ensuring that all services use the main administrative account to execute their processes D Issuing a single account to each user, regardless of his job function
B (Issuing the Run as command to execute administrative tasks during a regular user session)
What is the quickest way to lock a Windows 7 computer? A Press Ctrl+Alt+Del, and select Lock this computer. B Press the Windows + L keys. C Right-click the taskbar, and select Lock the taskbar. D Click Start. Click the right arrow next to Shutdown, and select Lock
B (Press the Windows + L keys)
Several users will be using a new Windows 7 computer. You have been asked to configure the accounts in the appropriate manner to maximize security. Which procedures should you implement? (Choose all that apply.) A Disable the Administrator account B Rename the Administrator account. C Disable the Guest account. D Rename the Guest account.
B (Rename the Administrator account.) C (Disable the Guest account) D (Rename the Guest account.)
What is a rootkit? A a software application that displays advertisements while the application is executing B a collection of programs that grants a hacker administrative access to a computer or network C an application that uses tracking cookies to collect and report a user's activities D a program that spreads itself through network connections
B (a collection of programs that grants a hacker administrative access to a computer or network)
Which mobile device application helps when a mobile device is stolen but also raises privacy concerns? A remote wipe applications B locator application C remote backup applications D passcode applications
B (locator application)
You have recently discovered that users on your network have been victims of impersonation attacks. You need to implement an authentication method that checks the identity of both ends of the connection. Which authentication method does this? A biometric authentication B mutual authentication C Kerberos authentication D RADIUS authentication
B (mutual authentication)
Recently several employees email accounts were hacked after they visited the local coffee shop and used their mobile devices there. Which type of attack most likely occurred? A zero-day attack B shoulder surfing C zombie D tailgating
B (shoulder surfing)
As a consultant, you have created a new security structure for a company that requires that passwords be issued to all employees. The company's IT department has made several password distribution recommendations. Which method is the most secure? A Instruct users to request passwords via e-mail. B Send an e-mail to each user that contains the user's password. C Instruct users to report to the IT department with proper identification for password setup. D Issue the same password to all users. Upon initial logon, force the users to change their passwords.
C (Instruct users to report to the IT department with proper identification for password setup.)
You have two wireless networks in your building. The wireless networks do not overlap. Both of them use Wi-Fi Protected Access (WPA). You want to ensure that no unauthorized wireless access points are established. What should you do? A Change the two wireless networks to WPA2. B Change the two wireless networks to WEP. C Periodically complete a site survey. D Disable SSID broadcasts for the two wireless networks.
C (Periodically complete a site survey.)
You are a network administrator for Nutex Corporation. Your organization implements a network. You have been tasked with designing the end-user security training that will be given to all employees regarding the network. Which security issue should you cover? A denial of service (DOS) attacks B physical security issues C social engineering attacks D smart card usage
C (Social engineering attacks)
A user wants to change his local password on a Windows 7 Ultimate computer using the least amount of administrative effort. What should he do? A Click Start and Control Panel. Click User Accounts and Family Safety. Click Change Your Windows Password. B Click Start and Control Panel. Click User Accounts. Click the user's account name, and select Change My Password. C Click Start and Control Panel. Click User Accounts. Click Change My Password. D Press Ctrl+Alt+Del, and select Change a Password.
D (Press Ctrl+Alt+Del, and select Change a Password.)
Which configuration change should you make to harden a new operating system (OS) immediately after installation? A Create a secure administrator account. B Change the administrator account password. C Delete all default user and group accounts. D Rename the administrator account and disable the guest accounts
D (Rename the administrator account and disable the guest accounts)
Which statement is true regarding smart cards? A Smart cards are used only as hotel room keys. B Smart cards do not contain a microprocessor. C Smart cards use infrared. D Smart cards can be deactivated or replaced
D (Smart cards can be deactivated or replaced)
Management has requested that BitLocker To Go be implemented on all Windows 7 computers. Which hardware is required to implement this technology? A a network interface card (NIC) B DirectX 10.0 C an optical DVD/CD drive D a USB flash drive
D (a USB flash drive)
Which of the following is an example of phishing? A a Visual Basic script attached to an e-mail that infects your system B an attack that uses drones to obtain e-mail accounts to send spam C a program that sends out your personal information to an advertiser D an e-mail request from a financial institution asking you to log in and change your password using the provided link
D (an e-mail request from a financial institution asking you to log in and change your password using the provided link)
Andrea is concerned that she is being lured to provide her financial institution's credentials on an invalid site via a message she received. Which type of attack is most likely taking place? A IP spoofing B MAC address spoofing C data mining D email spoofing
D (email spoofing)
What is the most common form of identification and authentication? A biometrics B smart cards C two-factor authentication D user identification with reusable password
D (user identification with reusable password)
You are sharing a portable computer with a vendor to work on a legacy application. What should you do to secure this computer from theft? A Use a T-bar locking mechanism. B Implement password protection on the computer. C Enable encrypting file system (EFS). D Enable BitLocker.
A (Use a T-bar locking mechanism.)
What is a smart card? A a hardware device that has an embedded microchip that contains authentication or security information B a technology that measures a human characteristic for authentication C an electronic file that establishes your identity via a public key infrastructure (PKI) to complete transactions D an electronic signature that can be used to prove the sender's identity or a document's signer
A (a hardware device that has an embedded microchip that contains authentication or security information)
Adam is new to networking and is curious about the various terms like MAC address and MAC filtering. What would be the best description to explain to him about the purpose of MAC filtering? A to restrict the clients that can access a wireless network B to restrict the clients that can access a Web site C to provide port authentication for a wireless network D to ensure that unused ports are not accessible by clients
A (to restrict the clients that can access a wireless network)
Which malicious program replicates itself to computers on a network through security loopholes? A worm B boot virus C e-mail virus D trojan horse
A (worm)
A user that has a Windows 7 laptop is frequently away from the office. During that time, he needs access to several files that are on the network. What should you do? A Enable BitLocker. B Enable BitLocker To Go. C Enable offline files. D Create a Windows 7 library.
C (Enable offline files.)
Gaining unauthorized access to the data center by using another user's credentials is an example of which option? A mantrap B turnstile C intrusion D piggybacking
D (piggybacking)
Which technology allows users to freely access all systems to which their account has been granted access after the initial authentication? A DAC B MAC C smart cards D single sign-on E biometric device
D (single sign-on)
Which of the following is NOT a security measure for mobile devices? A passcode locks B patching/updates C anti-virus D login attempt restrictions E geotracking
E (geotracking)
Nicholas reports to the security guards that individuals are following closely when he enters buildings, using his credentials to gain access. He knows that some of them are valid employees but is concerned that not all of the people are. What security breach is he reporting? A tailgating B zero-day attack C zombie D shoulder surfing
A (tailgating)
You are researching biometrics for identification and verification of employees in an organization. Which attributes or details of an employee can be used by biometric devices? (Choose all that apply.) A face B iris C hair D signature E fingerprints F hand geometry
A (face) B (iris) D (signature) E (fingerprints) F (hand geometry)
Spencer has been hired as the systems administrator for a small business and he wants to set up authentication on a network that contains two servers. What is the best way to provide this? A usernames with strong passwords B directory permissions C VPN D access control lists (ACLs)
A (usernames with strong passwords)
Paul is the new security guard at Metroil. He is stationed at the data center where all the valuable data is stored. Entry to the data center is controlled by two doors with a small room between them. Personnel use a smart card to open the first door. During his shift at Metroil, Paul allows access to the data center through the second door once a user has successfully opened the first door. Which type of physical security barrier is being used? A mantrap B key fob C biometrics D ID badges
A (mantrap)
Which type of malicious software infects through the Internet to collect user information, including browsing habits? A spyware B viruses C worms D Trojan horses
A (spyware)
After determining the scope of a user's job, what is the next step in implementing the principle of least privilege? A Determine the minimum set of privileges needed to perform the user's job. B Determine the maximum set of privileges needed to perform the user's job. C Configure the appropriate privileges for the user's account. D Configure the appropriate group memberships for the user's account
A (Determine the minimum set of privileges needed to perform the user's job.)
You have stored critical information about your company in the computers in your server room. You want only authorized people to be allowed entry into the server room. Which method will be MOST effective to maintain the security of the server room? A Employ an access control system on the entrance of the server room. B Employ a security staff at the entry of the server room to check the individuals who enter the server room. C Place a safe lock on the server door and give the key only to the authorized persons. D Position a surveillance camera at the entrance of the server room.
A (Employ an access control system on the entrance of the server room)
You want to define the number of days a password can be used before the user is required to change it. Which password policy should you configure? A Maximum password age B Enforce password history C Minimum password length D Passwords must meet complexity requirements
A (Maximum password age)
When users log in to the network locally, they must provide their username and password. When users log in to the network remotely, they must provide their username, password, and smart card. Which two statements are true regarding your organization's security? (Choose two.) A The local network login uses one-factor authentication. B The local network login uses two-factor authentication. C The remote network login uses three-factor authentication. D The remote network login uses two-factor authentication.
A (The local network login uses one-factor authentication.) D (The remote network login uses two-factor authentication.)
Which malicious software relies on other applications to execute and infect the system? A a virus B a worm C a logic bomb D a Trojan horse
A (a virus)
Your organization is concerned with unauthorized users downloading confidential data to removable media. You decide to encrypt the confidential data using the Encrypting File System (EFS) in Windows XP. You need to copy an EFS-encrypted file. The file will be copied to an NTFS volume that does not implement EFS. What is the state of the file? A The original version of the file is decrypted. The new version of the file is encrypted. B The original version of the file remains encrypted. The new version of the file is encrypted. C The original version of the file remains encrypted. The new version of the file is decrypted. D The original version of the file is decrypted. The new version of the file is decrypted.
C (The original version of the file remains encrypted. The new version of the file is decrypted.)
What is the best description of an evil twin? A an unauthorized access point B signals about the wireless network marked on the outside of a building C an access point with the same SSID as the legitimate access point D cracking the WEP secret key using the initialization vector (IV)
C (an access point with the same SSID as the legitimate access point)
InterConn has decided it wants to implement multi-factor authentication. What is the BEST implementation you should deploy? A usernames, strong passwords, and PIN B smart cards, usernames, and strong passwords C biometrics, smart cards, and strong passwords D smart cards, usernames, and PIN
C (biometrics, smart cards, and strong passwords)
Which password policy setting allows you to configure how many new passwords must be created before an old one can be reused? A password age B password length C password history D password lockout E password complexity
C (password history)
Which activity is covered under the confidentiality objective of the CIA triad and involves examining someone's computer to steal confidential information? A treason B dumpster diving C shoulder surfing D social engineering
C (shoulder surfing)
You want to provide secure access to the research laboratory and ensure that only authorized persons can enter the laboratory. Which system does NOT provide an effective means of ensuring that only authorized persons can enter the server room? A smart card system B swipe card system C single sign-on system D biometric access control system
C (single sign-on system)
Which password policy setting can you configure on a Windows 7 computer to define the number of days that a password must be kept before the user can change it? A the Enforce password history setting B the Maximum password age setting C the Minimum password age setting D the Minimum password length setting
C (the Minimum password age setting)
What is the greatest threat to the security of mobile devices? A excessive permissions B GPS location services C theft D unsecured WiFi
C (theft)
A user asks you to describe how computers are infected with viruses. Which option is NOT usually a way that a virus infection occurs? A through the Internet B through e-mail C through vendor installation CDs D through file sharing
C (through vendor installation CDs)
According to your organization's data backup policy, you must keep track of the number and location of backup versions of the organization's data. What is the main purpose of this activity? A to restrict access to the backup versions B to create an audit trail C to ensure proper disposal of information D to demonstrate due diligence
C (to ensure proper disposal of information)
What is the purpose of a privacy filter? A to filter confidential information that is contained in any network communication B to prevent others from viewing what you are entering on your keyboard C to prevent others from viewing what you have displayed on your monitor D to filter confidential information that is contained in any e-mail
C (to prevent others from viewing what you have displayed on your monitor)
You are providing training on security breaches regarding passwords and encryption. Which attacks below best describes this? A Brute-force attacks B Violations of security best practices C Man-in-the-middle attack D Dictionary attacks
D (Dictionary attacks)