Comptia Security + Chapter 5 System Security Threats

Your manager approaches you and says that she has been reading about the concept of live CDs and how hackers are using them to bypass system security. What would you do to help protect your systems from this type of threat? A. Disable booting from CD/DVD. B. Remove the optical drive. C. Set a strong administrative password. D. Implement an account lockout policy.

A. Disable booting from CD/DVD.

Your manager is worried about employee laptops being stolen in the middle of the day when an employee leaves their desk to get coffee or go to the washroom. What can you do to reduce the likelihood that a passerby will take a laptop left on a desk? A. Use a lockdown cable. B. Encrypt the drive. C. Disable booting from CD/DVD. D. Log off the workstation.

A. Use a lockdown cable.

A user calls you to check out her system because it is performing slowly. You notice not only that the system is performing slowly, but that the virus scan software does not respond when you try to perform a virus scan. Which of the following represents the best action to take next in order to run a virus scan? A. Enable the firewall. B. Boot from DVD/USB. C. Disable the NIC. D. Disable the firewall.

B. Boot from DVD/USB.

Which of the following is considered a valid security issue with network attached storage (NAS) devices? A. The NAS device runs the SMB protocol. B. If the NAS device is not configured properly, a security compromise could compromise all the data on the device. C. The NAS device runs the NFS protocol. D. The NAS device has a web interface for configuration.

B. If the NAS device is not configured properly, a security compromise could compromise all the data on the device.

What type of rootkit replaces an operating system driver file in hopes of hiding itself? A. Library-level B. Kernel-level C. Application-level D. Virtualized

B. Kernel-level

Your sales manager has contacted you to report that she recently misplaced her mobile device that may contain sensitive information. What should you instruct her to do first? A. Request a new one. B. Remotely wipe the device. C. Call the phone and ask to have it returned. D. Disable Bluetooth on the device.

B. Remotely wipe the device.

Which of the following best describes a Trojan virus? A. Malicious software that is triggered by an event such as a specific date B. A virus that disguises itself as a legitimate program but actually opens a port on the system C. Malicious software that monitors your Internet activity D. A virus that self-replicates

B. A virus that disguises itself as a legitimate program but actually opens a port on the system

What is the term for a collection of systems that a hacker compromises and then uses to perform additional attacks? A. CompNet B. HackNet C. Botnet D. SurfNet

C. Botnet

While performing a security assessment, you notice that one of the systems has a small device connected between the keyboard and the computer. What is this device? A. Trojan virus B. Rootkit C. Keylogger D. Logic bomb

C. Keylogger

You are planning your training and awareness seminars. What should you tell employees to do with sensitive documents that are no longer needed? A. Store them in a pile on the right side of the desk. B. Place them in the laptop bag when no longer needed. C. Shred them. D. Place them in the recycle bin for recycling.

C. Shred them.

Your manager has read that it is possible on older Bluetooth-enabled phones for a hacker to retrieve all the data from the phone. What type of attack is this? A. Bluejacking B. Bruteforcing C. Buffersnarfing D. Bluesnarfing

D. Bluesnarfing

Bob installed an application on ten computers in the office over six months ago, and the application worked as expected. On February 12 of this year, the application deleted a number of critical files from the system. What type of virus is this? A. Trojan virus B. Worm virus C. Rootkit D. Logic bomb

D. Logic bomb

A user logs on with a regular user account and then exploits a vulnerability in the operating system to gain administrative access to the system. What type of attack is this? A. Dictionary B. Brute-force C. Buffer overflow D. Privilege escalation

D. Privilege escalation

Your company has a strict policy when it comes to USB thumb drive usage in the office. An employee asks you why he is not allowed to use a thumb drive to carry files from his home computer to his office computer. Which of the following is the best answer? A. Thumb drives do not have the capacity to store the data needed. B. The data on a thumb drive cannot be encrypted. C. Thumb drives are too big to carry from location to location. D. The drive could carry a virus from home to the office.

D. The drive could carry a virus from home to the office.

Identify the command you would use on a Windows system to view all listening ports on the system.

netstat -na