Practice Test D

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following are reasons for using low-tech physical locks to protect your network?

An intruder must be physically present at the site A physical lock cannot be bypassed electronically A locked door cannot be hacked remotely

A technician is configuring virtualization. Which option is a security requirement to prevent malware?

All operating systems should have antivirus software installed

Which of the following statements describe how a key fob works?

The key fob randomly generates an access code with which the user unlocks the door The user logs in to the key fob with a PIN

A new technician has mistakenly assigned both share and NTFS permissions to a folder. When someone accesses the data from a remote computer, what permissions will be the effective permissions?

The more restrictive permissions of the share or the NTFS permissions

If you were severely injured in an accident and unable to go to work, there are other people in your office who might be able to decrypt and gain access to essential files on your computer. Who, among the following people, may not decrypt an EFS file?

The owner of the TPM key

As a member of the IT department, you are trying to educate your users about how to create strong passwords. Of the examples listed below, which would you advise your users is the strongest password?

5d0pP#ki

You are the IT administrator for a small, eight-person office. As a security precaution, you decide to disable dynamic IP addressing and enable static IP addressing. Which of the following solutions would allow you to do this?

Disable DHCP

A user is trying to set up a SOHO wireless router and doesn't want his neighbors to be able to see his wireless network. Which of the following should the user do?

Disable SSID broadcasting

What is the best way to prevent unknown devices from connecting to a SOHO wireless router?

Enable MAC filtering

A tablet mounted in a restaurant for Internet access has multiple web pages open by themselves, and the tablet is running slowly even when playing locally installed games. What should the technician do?

Ensure that anti-malware software is installed and up-to-date

You have tried to enter your authentication information too many times on your Android phone and now you are locked out. Which of the following procedures is the best option to help you regain access to your phone?

Enter your google login information into your phone

If a salesperson has a corporate cell phone that contains customer data, and the company does not want an automatic wipe done on it, what security measure would be the best choice?

Fingerprint lock

Which security measure would be best for a mobile device?

Fingerprint lock

You have just been hired as the system administrator for a small but rapidly growing company and you are reorganizing the company's file and folder access system. You have already organized your users into groups according to their job descriptions and needs. Now you want to give members of the Accounting group permission to access the Accounts Payable folder, but you do not want that group to have access to the Payroll folder. Which of the following is the best way to do this?

Give the Accounting group Allow permission for the Accounts Payable folder Do not give the Accounting group Allow permission for the Payroll folder

Which of the following does social engineering use to bypass or manipulate corporate security policies?

Human Interaction

To control overhead costs, you recommend that your company contract with an Internet data center to lease networking services, virtualization services, and storage space on remote servers. Which of the following technologies would you be using?

IaaS

You want to set up a home office wireless network and you have been advised to use a Wi-Fi analyzer. Which of the following best describe the function of a Wi-Fi analyzer?

Indicates which channels have the least traffic Shows which SSISs are using which channels

Which method is most effective for removed hard drives that will be reused?

Low-level formatting

An authentication method requiring two forms of identification is referred to as which of the following?

Multifactor identification

You have installed a wireless router on your SOHO network and you want to use it as a firewall. You want the router to change all of your network computers' private IP addresses to the router's public address. Which of the following services should you use?

NAT

Which of the following are screen lock settings that can be set on an Android device?

Passcode Inactivity lock

What should an organization require when an outside company provides a service for shredding and disposal of sensitive corporate documents? I

Proof of Incineration

A company is merging with a larger company, and together they are considering authentication options. Which types of servers would be used to authenticate users in a corporate environment?

RADIUS TACACS

Which of the following permissions could you assign to a Windows folder?

Read Write Full Control Modify

Which of the following can be done to prevent unauthorized access to wireless network?

Reduce radio power User proper antenna placement

Which security measure would be good for a mobile device that has sensitive data stored on it and has been stolen?

Remote wipe

A pharmaceutical company allows chemical engineers to take home corporate laptops to do company tasks. The laptops have sensitive corporate information stored on the drives. Which security measure would be best for this situation?

Require the drive contents to be encrypted

Which of the following protocols is used for sending emails from your mobile phone?

SMTP

A friend is installing a home network. You warned your friend that he should change the default SSID settings, but he does not know what an SSID is. What should you tell him?

SSID is an identifier that is broadcast by a wireless network

Which of the following is used to prevent an attack from a malicious user?

Software firewall

A malicious attacker decides that he is going to try to compromise the account of the CEO of a company by calling him up on the phone, pretending to be a vendor, and gaining access to the company's payment information. What type of attack is this?

Spear phishing

Which of the following types of attacks sends a bogus message that appears to come from an internal source requesting confidential information, such as payroll or tax information?

Spear phishing

With which type of network security attack is a man-in-the-middle attack associated?

Spoofing

Which of the following best describes the purpose of TPM?

TPM stores encryption keys

As you are walking down the hall at work, you notice someone loitering around the water fountain. After passing the water fountain, you use your smart card to access a restricted area. As you enter the room, the person at the water fountain catches the door before it closes and enters behind you. What type of security invasion is this?

Tailgating

What is an easy way to tell the difference between an administrative share and a local share?

The administrative share has a dollar sign ($) as the last character in the share name

Which of the following is a true statement that applies to a computer that needs to access Microsoft Active Directory to receive policies and settings?

The computer must be part of a domain

You want to move a folder from one location on a volume to another location on the same volume. What will happen to the permissions of the folder you moved to?

The folder will retain its original permissions

A technician is copying files from an NTFS partition to a FAT32 partition. What happens to the permissions assigned to the files?

They are lost

Which of the following should be used to ensure that a user cannot log in to her computer during non-working hours?

Time-of-day restrictions

All of the company wireless access points have an issue that could lead to a hacker taking control of an access point. Which security solution would be recommended?

Update the firmware on the access points

Which of the following is not a best practice for securing your network?

Use WEP encryption

What do you do with crashed mechanical hard drives that contain sensitive data from a government finance company?

Use a drive overwrite program, drill holes through the platters, and then use a hammer to further destroy the pieces

A malware program that is usually received in email and must be activated before it can begin rewriting computer files with a new code of its own is known as which of the following?

Virus

A new technician has been hired by a company that provides technical services to small businesses. Most businesses want both a wired network and a wireless network. Which of the following wireless security protocols is least secure?

WEP

Which of the following allows a user to easily secure a wireless network and easily connect devices to the wireless network without the need to provide the pass-phrases/keys?

WPS

A DDoS attack has occurred within a corporate environment. The security assessment team has determined that the attack was launched from multiple computers within the company and was aimed at other company computers. Which types of infection are probably on the computers that are launching the attack?

Worms Zombies

Which of the following is best to ensure that only certain devices can communicate on a wireless network?

Using MAC address filtering

A technician is configuring virtualization. Which option is a security requirement?

Any VM should have antivirus software installed

What should an organization require when an outside company provides a service for shredding and disposal of sensitive corporate documents? D

A certification of destruction

A technician is new to working in a large company domain-based environment. A new computer has been delivered, imaged, and added to the domain for a new employee. What should the technician do next?

Add a user account to Active Directory

What is an administrative share?

A share that is automatically created by Microsoft for drive volumes and folders

Which of the following statements describe how a smart card works?

A smart card is credit-card-sized card that may contain a small microprocessor or on an RFID chip A smart card is used to store information

Your network requires the user to enter a username and password, but you are concerned that some of the passwords are too simple and easy to guess. You have decided to require that every user on the network must create a strong password. Which of the following is not a characteristic of a strong password?

A strong password should use at least one token

What is the effect of disabling the SSID broadcast feature?

A wireless network does not automatically display on wireless devices

Which security technology is used to limit the number of users allowed to use a scanner attached to the network?

ACL

Which of the following best describes ACL?

ACL contains a list of permissions for a specific file or folder

Your company has a contract to build a new network for a client, and your supervisor has given you the assignment of creating a domain controller for the Windows network. Which of the following services will the domain controller use to manage user authentication, access rights, and other security policies?

Active Directory

A security guard's desk is below a stairwell and in an area where people can easily access the computer station located there. Which security technique should a technician apply to such a computer?

Authentication on wake-up

Which of the following would be best to authenticate a user?

Biometrics

When selecting an antivirus program, which of the following features will a program of this type probably not include?

Blocking incoming IP addresses

You have just added a firewall to a client's network. Which of the following types of protection would you expect the firewall to provide?

Blocking or allowing incoming traffic from outside the network

A technician is concerned about the potential theft of a laptop that is used in a public area. The laptop has remote data wipe functionality. What can the technician use to secure the laptop against theft?

Cable locks

Which of the following would be the best options for preventing the theft of laptops?

Cable locks Door locks

Which of the following would be used to prevent users from transmitting sensitive information through e-mail to users outside the organization?

DLP

Which of the following best describes DLP?

DLP is a security measure that prevents confidential information from stolen

An attack that uses a list of words, such as those found in a dictionary, to try to crack a password is best described as which of the following?

Dictionary attack

A friend tried to link to a news media site on the Internet and received a message warning him that the site did not have a valid digital certificate. He wasn't sure what that meant, and so he came to you to find out whether the site was safe. Which of the following should you tell him about digital certificates?

Digital certificates are used to verify the identity of the certificate holer

At a local college, students are hired as temporary employees in the summer to re-image devices, wipe drives, clean computers, tidy wiring closets, and perform other IT tasks. They are typically hired during their freshman year and are kept through their senior year. The college security policy says that temporary employees are not allowed to have college IDs past their employment period. How should the person responsible for user accounts handle this situation?

Disable the accounts during non-summer terms

A company has computers that contain sensitive corporate financial data stored on the internal hard drives. These computers are being replaced. Once the data has been backed up, restored onto the new computers' hard drives, and tested, what should the technicians do with the hard drives in the old (replaced) computers?

Drill holes through the platters and then use a hammer to further destroy the pieces

Which technique would most likely be used on a hard drive being removed from a corporate computer that a technician is going to use as a replacement drive for another computer in the future?

Drive wipe

All modern construction in the United States is required to use grounded circuitry, but some older construction might not. As an IT technician, you should be able to tell whether an outlet is grounded. Grounded electrical outlets have which of the following characteristics?

Grounded outlets are designed for three-pronged plugs

You are an IT technician for a large domain network. The company has just hired a new employee, and you have been asked to set up a user account for him and to give him permission to access certain shared resources on the network. You have created the new user account. Which of the following utilities should you use to give him access to the shared resources that he will need to do his job?

Group policy

Which of the following would be useful for preventing tailgating?

Mantrap

What mobile technology is used to display a map showing where a car is currently located in order to find a stolen mobile device in the car?

Locator app

You plan to filter the MAC addresses of computers on your network to enhance your network's security. Which of the following best describes MAC filtering on your network?

MAC filtering allows only computers with specific hardware addresses to gain access to the network

Entry into a secure area of your company's research department is controlled by a series of two locked doors connected by a short hallway and monitored by security personnel. This type of security feature best describes which of the following?

Mantrap

By default, new folders inherit permissions from their parent folder. Which of the following locations would you use to change the settings to prevent inheritance?

Open the properties of the folder, Security tab, Advanced button

A user needs to access resources from the main office while at home while also ensuring that the traffic is protected. Which of the following should the user use?

VPN

Which of the following authentication combinations can be used to provide a multifactor authentication solution?

Password/smart card

Which security tool would help prevent a zero-day attack?

Patch management

As a security precaution, you recommend that all the users on your network set a screensaver password on their Windows workstations. Which of the following locations should you tell them to access to do this?

Personalization

You have received an email alert from your bank warning you that your bank account has been hacked and that the bank must change your account number immediately. Before they can do this, however, they must have confirmation that you really are the proper owner of the account, and they ask you to confirm ownership by sending them your social security number. This is a bogus message in an attempt to get personal information. What specific type of attack is this?

Phishing

What is the most secure way for a technician to get rid of personal data on several hard drives that were removed from employee computers and are no longer wanted?

Physical destruction

You want to configure inbound traffic entering your SOHO network on specific UDP ports to be channeled to a specific IP address. Which of the following terms best describes this process?

Port mapping

Which of the following describes the difference between a power user and a standard user, using default settings, in Windows Vista, 7, 8/8.1?

Power users have the same rights and permissions as standard users

Which security technique would most likely be needed for a nosy admin assistant who happens to wander by when you are logging into your computer?

Privacy screen

Which of the following describes RFID technology?

RFID uses radio waves for authentication

Which method does a hacker use to quickly find a password by comparing hash values used to encrypt the password?

Rainbow table

A user boots up her computer, and instead of seeing a login screen, she sees a screen that says "This computer has been infected with a virus. To purchase the removal software for $35 please input your credit card information below." No matter what the user tries, she can't get away from this screen. Which of the following is this an example of?

Ransomware

What term is associated with a compromised mobile operating system?

Rooting

Which security technique makes it possible to use one username and password to access multiple corporate applications and resources?

SSO

As a security precaution, you decide to set a screensaver password on your OS X computer. You use the Desktop & Screen Saver utility to set the screensaver. Which of the following locations would allow you to set the password?

Security and Privacy

Which of the following locations would you access to configure the file and folder permissions on a Windows NTFS computer?

Security tab of the file or folder's properties pages

What is the difference between Windows share permissions and NTFS permissions?

Share permissions have fewer options than NTFS permissions

An employee who wants to be a technician stands behind a network administrator and watches the administrator type the server password. Later, the employee uses the password to gain access to the server and create a secret administrator account. What specific security threat is this?

Shoulder surfing

Which of the following terms refers to a hacker who tries to look over the shoulder of a user to view a password as it is being typed or sensitive documents on a desk or computer screen?

Shoulder surfing

Which type of security measure would be applied to sensitive corporate documents?

Shredding

Many of your company's employees bring their personal mobile devices to work and connect to the corporate network. Your supervisor has asked you to research the security problem that this practice presents and to make recommendations for establishing a corporate policy. Which of the following should you recommend implementing?

Specify approved devices and operating systems Require passwords and lock screens Use data and device encryption

Malware that records information about web searches and other activities and forwards that information to remote computers is known as which of the following?

Spyware

What security features would help a department store that has experienced security breaches resulting in leaked user passwords?

User training Multifactor authentication

A small company that provides background checks for the government wants a secure wireless network for the company employees and wants to use authentication when someone using an all-in-one desktop computer accesses or inputs information stored on cloud servers. Which protocol and authentication method would be best for this company that does not have any authentication servers?

WPA2 Multifactor

When choosing an encryption method for your wireless network, you want to ensure that you select the strongest one possible that will meet your needs. You decide to use WPA2 because you believe it uses the strongest encryption algorithms. Which of the following are characteristics of WPA2?

WPA2 supports RADIUS servers WPA2 uses AES

Which of the following is a piece of malicious software that is self-replicating and self-propagating?

Worm

You have a homework assignment named TermPaper.docx, which is located inside a folder called English. Your computer's name is My Computer, your user name is Jamie, the Documents folder is used for your documents, and all your homework assignments are in a folder called Homework. Using the Universal Naming Convention, how would you write the path to this document?

\\MyComputer\Jamie\Documents\Homework\English\TermPaper.docx


Set pelajaran terkait

GRE Vocabulary Cartoons: K Words

View Set

Strategi - industri, branche og marked

View Set

BIBL 104 Quiz 3 Liberty University

View Set

Christ and the Everlasting Gospel Midterm 1

View Set