Ch. 16

Which of the following would be a reason to outsource hard drive destruction? Against the law to do it internally Availability of low-level formatting Required COD Cost of special equipment

Cost of special equipment

Which type of DoS attack exhausts the target's resources by overloading a specific program or service? Application layer Distributed Protocol Amplification

Application layer

Which of the following processes is used to prove a user's identity? Authorization Authentication Logical security Certificate Manager

Authentication

Which of the following is an example of a soft token? Smart card USB security device Authentication app Key fob

Authentication app

Which Windows feature can you use to encrypt a hard drive volume? EFS BitLocker to Go BitLocker NTFS

BitLocker

Which of the following can be paired with a motion sensor to improve security? Cable lock Magnetometer Door lock Lights

Lights

What do you call a system that has no anti-malware or firewall installed? End-of-life Compliant Unpatched Unprotected

Unprotected

In network security, the _____ specifies which users, devices, or programs have access to a particular resource, such as a printer, folder, or file on a corporate network or computer. access control list user account directory entry control roster user privilege registry

access control list

Many online accounts, such as Amazon, Facebook, and Google, use _____ apps that are installed on a mobile device to generate a synchronized counter or number for verification in 2FA. approver authenticator appraiser authorizer

authenticator

The best security involves multiple layers of defense, which are collectively called _____. control layers strategic planning stratigraphic security defense in depth

defense in depth

What uses a small, encrypted file, a public key, and a certificate authority to identify and authenticate the source, such as person, organization, or computer, is legitimate when sending electronic data over the network? (Choose all that apply). digital certificate digital ID digital ledger digital signature

digital signature digital ID digital certificate

Most laptops now days have a security slot on the case to connect the cable lock known as _____. StarTech Security Anchor Kensington Security Slot Multplx J-Plug Anchor Maclock Slot Adapter

Kensington Security Slot

Which of the following door locks provides authentication to a specific lock over a Bluetooth connection? Key fob Smart card Standard lock Biometric

Key fob

What is the first thing you should do when upon discovery that a computer is infected with malware? Quarantine the computer. Unplug the computer. Push the power button. Update antimalware.

Quarantine the computer.

Port locks are reusable, but the wire loop seal can be used only once. True False

True

What is the ultimate in physical security consisting of two doors on either end of a small entryway where the first must close and lock before the second can open? (Choose two.) mantrap paternoster turnstile access control vestibule

mantrap access control vestibule

A ____ is embedded into a computer case with identifying information and used to identity the owner in the event it may become lost or stolen. tectonic plate theft-prevention plate melamine plate license plate

theft-prevention plate

According to the textbook, how many steps are there for remediating a malware infection? 8 5 6 7

7

Which of the following does Windows use to manage and enforce what a user is authorized to access? Access control list Multi-factor authentication Certificate Manager Soft token

Access control list

Which of the following is NOT included among the cybersecurity measures are generally known as AAA? Authenticating Authorizing Accessing Accounting

Accessing

Which of the following is an important aspect of evidence gathering in response to a security incident? Purge transaction logs. Monitor user access to compromised systems. Back up all log files and audit trails. Restore damaged data from backup media.

Back up all log files and audit trails.

_____ are strong metal posts positioned to prevent vehicles from ramming into the entrance of a building. Bastions Shredders Bollards Stingers

Bollards

A public library has purchased new laptop computers to replace their older desktop computers and is concerned that they are vulnerable to theft. Which of the following laptop features should they use to physically secure the new laptops? A multi-factor password policy Biometric authentication An external encryption device Cable locks

Cable locks

Which hard drive destruction method uses a strong magnetic pulse to destroy data? Degaussing Incineration Drilling Disk shredder

Degaussing

According to the textbook, all are well-known trusted CAs currently in use that you can obtain a digital certificate and install it on your computing device EXCEPT which one? VeriSign GlobalSign Let's Encrypt DigiNotar

DigiNotar

When Ann started her new IT job, her training included reading through the company's intranet website AUP pages. This morning she saw a Bob, a coworker, potentially violating a policy. What should Ann do next? Forget about it. Tell senior coworker and ask for advice. Discuss the incident with her immediate supervisor. Confront Bob and remind him about the AUP.

Discuss the incident with her immediate supervisor.

_____ attacks typically involve a botnet with numerous zombies. Dictionary Brute Force Distributed Denial-of-Service Denial-of-Service

Distributed Denial-of-Service

A technician was able to stop a security attack on a user's computer. Which of the following actions should be performed FIRST when conducting the subsequent forensic investigation? Stop all running processes. Document what is on the screen. Remove the hard drive. Turn off the system.

Document what is on the screen.

Which of the following hard drive destruction methods only works with mechanical hard drives? Low-level format Incineration Disk shredder Drilling

Drilling

What is activity is the most important for preserving the integrity of admissible evidence? Go through the proper channels. File an incident report. Ensure the chain of custody. Perform first response duties.

Ensure the chain of custody.

You have been hired to help assess the security of your client's organization. During your assessment, you have found a rogue wireless access point that is configured to look identical to the legitimate wireless network. Which of the following attacks was MOST likely being carried out? Session hijacking HTTPS spoofing Evil twin attack DNS spoofing

Evil twin attack

You are establishing a new security policy for user authentication and want to implement multi-factor authentication. Which of the following would BEST accomplish this? Fingerprint and iris scan Fingerprint and one-time code text message Smart card and one-time code text message Username and password

Fingerprint and one-time code text message

You have accepted a position working in a local hospital's IT department. Which of the following government regulations would be the most important for the hospital to be in compliance with? PCI DSS GDPR HIPAA FERPA

HIPAA

Which of the following are examples of a strong password? (Select two.) NewYorkCity I love the Linux P3ngu!n Tux Morganstern skippy il0ve2EatIceCr3am!

I love the Linux P3ngu!n Tux il0ve2EatIceCr3am!

A malicious person calls an employee from a cell phone. She tells the employee that she is the vice president over the accounting department in the employee's company. She relates that she has forgotten her password and demands that the employee give her his password so that she can access the reports she needs for an upcoming presentation. She threatens to fire the employee if he does not comply. Which of the following BEST describes the type of attack that just occurred? Impersonation Tailgating Eavesdropping Phishing

Impersonation

Which of the following hard drive destruction methods runs the risk of releasing toxic by-products? Degaussing Shredding Incineration Drilling

Incineration

Which of the following should you perform when disposing of a computer? Low-level format of the hard drive. Document the Chain of Custody. Run the motherboard through a shredder. Lock the hard drive in storage.

Low-level format of the hard drive.

Which formatting method is done by the manufacturer to write new sectors and tracks to a hard drive? Deep format Low-level formatting High-level formatting Full format

Low-level formatting

Which of the following should be installed inside the entrance to the building to prevent weapons or unauthorized equipment being brought into the building? Magnetometer Access control vestibule Cable lock Badge reader

Magnetometer

Which of the following types of regulated data is protected by HIPAA? PCI PHI PII GDPR

PHI

Which of the following authentication combinations is an example of multi-factor authentication? Fingerprint and retinal scan Username and password Smart card and one-time code PIN and authentication app

PIN and authentication app

Which of the following is an example of 2FA? facial recognition app and fingerprint reader ID badge and key fob password and username PIN and smart card

PIN and smart card

How do you get rid of a rootkit? Perform a clean install. Flash the BIOS. Stop it with task manager. Run a desktop antivirus scan.

Perform a clean install.

Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through emails or websites that impersonate an online entity that the victim trusts, such as a financial institution or well-known e-commerce site? Phishing Evil twin attack Impersonation Social engineering

Phishing

During an airline flight, a laptop user makes last-minute changes to a presentation that contains sensitive company information. Which of the following would make it difficult for other passengers to view this information on the laptop display? Mantrap Privacy filter Cable lock Smart card

Privacy filter

Which of the following scans are available in Microsoft Defender Antivirus? (Choose all that apply.) Quick Microsoft Defender Offline Custom Full

Quick Microsoft Defender Offline Custom Full

You are assisting the security administrator and discover that a user was logged in to their workstation after hours. After further investigation, you discover that the user's account was compromised, and someone used the account to steal sensitive data. Which of the following could have BEST prevented this from happening? Restrict the user's login times to work hours only. Implement a password reset policy. Require a stronger password. Implement a screen saver lock.

Restrict the user's login times to work hours only.

Which of the following is an example of personal, government-issued information? Healthcare records Credit score Student records Social security number

Social security number

A security incident is currently occurring on your company's network. You discover that the attack involves a computer system that is attached to the network. You are unsure what kind of damage is being done to the network systems or data. Which of the following actions should you take FIRST? Examine the active computer system to analyze the live network connection, memory contents, and running programs. Stop the attack and contain the damage by disconnecting the system from the network. Determine whether you have the expertise to conduct an investigation or whether you need to call in additional help. Document and photograph the entire crime scene, including the current state of the attached computer system.

Stop the attack and contain the damage by disconnecting the system from the network.

Why disable System Protection in Windows during an antimalware scan? (Choose two.) System Protection prevents antimalware from cleaning the System Volume Information folder. The PC can boot into Safe Mode and use System Restore to apply a restore point prior to the infection. System Volume Information folder contains an infected restore point that reinstalls malware. The restore point removes startup entries used by malware and allows antimalware to run on desktop.

System Protection prevents antimalware from cleaning the System Volume Information folder. System Volume Information folder contains an infected restore point that reinstalls malware.

Which of the following BEST describes authorization? The policy of allowing employees to use their own devices for work purposes. The resources that a user can access. The process of verifying a user's identity. The process of giving users access to only the resources they need.

The resources that a user can access.

Which database encryption method can you use to encrypt data at rest? Column-level encryption Trusted Platform Module Application-level encryption Transparent data encryption

Transparent data encryption

A _____ often embeds itself within legitimate software downloaded from websites or opening email attachments. zombie Trojan evil twin rainbow table

Trojan

A virus replicates by attaching to an executable program while a worm copies itself over a network without a host. True False

True

You have five salespeople who work out of your office and who frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection method to address your concerns? Require strong passwords in the Local Security Policy. Implement screen saver passwords. Use cable locks to chain the laptops to the desks. Encrypt all company data on the hard drives.

Use cable locks to chain the laptops to the desks.

Which of the following attacks exploits a vulnerability in software that has not been discovered by the developer? Zero-day attack Insider threat Brute force attack XSS attack

Zero-day attack

Using low-voltage electricity detect an interruption in flow or motion, _____ are generally installed on doors, windows, motion sensors, smoke, and carbon monoxide detectors to alert security personnel of incidents that may require immediate attention. microelectromechanical systems fluxgate magnetometers alarm systems superconducting interference devices

alarm systems

A security guards are generally required to maintain _____, which is a list of people allowed into the restricted area and a log of any approved visitors. a badge reader an incident report an entry control roster a daily log

an entry control roster

To remove _____, run antivirus software in the preinstallation environment before the OS launches. ransomware boot sector virus rootkit zero-day

boot sector virus

Which of the following attacks are aimed at compromising users' passwords? (Choose all that apply.) brute force zero-day rainbow table dictionary

brute force rainbow table dictionary

To what kind of attacks are web applications the most vulnerable? (Choose two.) cross-site scripting noncompliant systems social engineering SQL injection

cross-site scripting SQL injection

Which technique best ensures data on HDD are permanently destroyed? degausser overwriting incineration shredder

incineration

Which is the following is a prime example of spyware? botnet crypto miner rootkit keylogger

keylogger

Which kind of attack does an evil twin exploit? (Choose two.) on-path distributed denial-of-service zero-day man-in-the-middle

on-path man-in-the-middle

Which licenses apply to activated product keys for Windows 10/11 which are controlled by Microsoft's digital rights management? (Choose two.) personal use commercial use copyleft permissive

personal use commercial use

In terms of computer security, what is viewing users' screens from behind without their consent to get confidential information? piggybacking tailgating pretexting shoulder surfing

shoulder surfing

Many organizations routinely offer security awareness training to guard against _____, which tricks people into giving private information or installing malware on a computer network. vulnerability assessment social engineering ethical hacking penetration testing

social engineering

In cybersecurity, malware is a general term that combines the words "malicious" and "_____" as a portmanteau for any unwanted program that is intended for harm and is transmitted to your computer without your knowledge. middleware hardware software firmware

software

Before temporarily leaving workstation, use Windows + L keyboard shortcut to lock your PC and prevent someone from _____ your Windows session. vishing tailgating phishing spoofing

tailgating

While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following security measures would you MOST likely implement to keep this from happening in the future? Door locks with card readers Lo-jack recovery service Cable locks Access control vestibule

Access control vestibule

How does a zero-day attack usually happen? (Choose two.) Attacker launches a denial-of-service attack and use cryptojacking to compromise the system. Attacker exploits a software flaw unknown to the developer. Attacker launches distributed denial-of-service and installs blockchain software. Attacker exploits a software vulnerability before the patch is released.

Attacker exploits a software flaw unknown to the developer. Attacker exploits a software vulnerability before the patch is released.

What should be created when you destroy a hard drive? Outsourcing Record Record of Format Certificate of Destruction Chain of Custody

Certificate of Destruction

Which of the following identifies who had possession of a hard drive and for how long before it was actually destroyed? Record of Format Chain of Custody Certificate of Destruction Outsourcing Record

Chain of Custody

As part of the response to a security incident on your company network, you have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up to the time of presentation in court. Which document have been asked to draft? Rules of evidence FIPS-140 Chain of custody CPS (Certificate Practice Statement)

Chain of custody

Which of the following is the best defense against a ransomware attack on Windows computers? Single data layer file backups Direct attached storage backups Explorer accessible file backups Cloud backup services online

Cloud backup services online

Long used in U.S. Department of Defense for identity and access, a _____ is smart card that relies on mutual authentication of the agency with its personnel's information, including names, digital signatures, biometric data, photographs, birthdates, and medical records. U.S. Passport Card Social Security Card State-Issued Identification Card Common Access Card

Common Access Card

One of the Windows workstations you manage has three user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Which of the following would MOST likely increase this system's security? (Select two.) Assign each user a simple password so that they won't be tempted to write it down. Disable Autorun on the system. Enable the Guest account. Change the two Limited user accounts to Restricted users. Set a screen saver password.

Disable Autorun on the system. Set a screen saver password.

One of the Windows workstations you manage has four user accounts defined on it. Two of the users are Limited users, while the third (your account) is an Administrative user. The fourth account is the Guest user account, which has been enabled to allow management employees convenient workstation access. Each Limited and Administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Autorun has also been disabled on the system. Which of the following actions is MOST likely to increase this system's security? Disable the Guest account. Enable Autorun on the system. Change your user account to a Limited user. Change the two Limited user accounts to Administrative users.

Disable the Guest account.

At company headquarters, several employees are having issues with their Wi-Fi access suddenly dropping and then reconnecting to the same wireless network. You decide to investigate and determine that someone has set up a rogue access point near company headquarters and is using it to capture sensitive data from the company network. Which type of social engineering attack is being used? Eavesdropping Phishing Evil twin Impersonation

Evil twin

As the principal of a private school, you have discovered that an office assistant has shared a student's home address with an unauthorized individual. Which of the following regulations is your school in violation of? SOX HIPAA FERPA CCPA

FERPA

In MFA, the confirmation code sent to your smartphone using SMS is encrypted and secure. True False

False

Which of the following statements is true regarding hard tokens? Hard tokens are inexpensive to implement. Hard tokens provide a higher level of security. Hard tokens are easy to replace if they are lost or stolen. Hard tokens provide protection even if they are lost or stolen.

Hard tokens provide a higher level of security.

Which formatting method leaves data on a drive in a state that can be recovered using special software? Full format Low-level formatting High-level formatting Deep format

High-level formatting

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Security cameras are installed on all buildings. The parking lot has light poles installed in all areas. Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Upgrade the light poles to LED lights. Install barbed wire on the fence. Upgrade the security cameras to a better quality option. Install bollards.

Install bollards.

You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: All pieces of equipment have cable locks installed. Server racks are locked and have alarms. The WAP for the guest Wi-Fi is located on the receptionist's desk. Biometric locks are installed on high security rooms. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Install biometric locks on the server racks. Install the WAP on the ceiling or inside of a special locked box. Replace the biometric locks with standard locks. Upgrade the equipment cable locks.

Install the WAP on the ceiling or inside of a special locked box.

Which of the following must be included in a hard drive's Certificate of Destruction? Cost of destruction Name of security administrator Method of destruction Location of destruction

Method of destruction

Which of the following should you implement to monitor and manage the risks of a BYOD policy? Security management Mobile application management Bring Your Own Device Mobile device management

Mobile device management

Your company has recently implemented a BYOD policy. To protect the network, users must install an app on their devices that allows the security administrator to enforce the security policies. Which of the following is this an example of? Access control list Certificate Manager Mobile device management Soft token

Mobile device management

You are working at the local hospital in the IT department. You have just received a promotion to junior network technician. Part of your new role involves troubleshooting network communication issues. Which of the following user groups should your account be added to? Administrator Cryptographic Operator Network Configuration Operator Remote Desktop Users

Network Configuration Operator

Which of the following are risks of implementing a BYOD policy? (Select three.) Employee satisfaction Work flexibility Number of different devices Improper disposal Increased productivity Lower costs Data leakage

Number of different devices Improper disposal Data leakage

You have been hired to evaluate your client's building security. In your walkthrough, you notice the following:A high fence is installed around the property.Visitors are able to enter the building and are checked in by a receptionist.Security cameras are installed on all buildings.Server racks are locked and have alarms. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Install biometric locks on all server racks. Place a security guard at the entrance gate with an access list to control who comes on the property. Install barbed wire around the top of the fence. Upgrade the security cameras.

Place a security guard at the entrance gate with an access list to control who comes on the property.

In cybersecurity, the ____ is giving users only those privileges necessary to complete their tasks. Principle of Least Action Principle of Least Privilege Principle of Charity Principle of Parsimony

Principle of Least Privilege

A technician assists Joe, an employee in the sales department who needs access to the client database, by granting him Administrator privileges. Later, Joe discovers that he has access to the salaries in the payroll database. Which of the following security practices was violated? Principle of least privilege Strong password policy Multi-factor authentication Entry control roster

Principle of least privilege

You have been hired to assess a client's security. During your testing, you discover that users have access to other departments' files. Which of the following should you recommend that the company implement? Certificate Manager Mobile device management Bring Your Own Device Principle of least privilege

Principle of least privilege

A boot sector virus has infected Bob's PC? Ann, a technician, is tasked with remediating the system. What should she do first? Perform a clean installation of the OS. Boot the system in Safe Mode with Networking. Run a Microsoft Defender Offline scan. Do a full scan using Microsoft Defender Antivirus.

Run a Microsoft Defender Offline scan.

You have been hired to investigate a recent cybersecurity attack. You have discovered that the attacker was able to send commands to the server using the login fields and steal user credentials from the database. Which of the following attacks was your client MOST likely the victim of? SQL injection On-path Cross-site scripting Brute force

SQL injection

You work for a company that offers their services through the internet. It is critical that your website performs well. As a member of the IT technician staff, you receive a call from a fellow employee who informs you that customers are complaining that they can't access your website. After doing a little research, you have determined that you are a victim of a denial-of-service attack. As a first responder, which of the following is the next step you need to perform in response to the security incident? Eradicate the issue. Investigate how the attack occurred. Identify the issue further. Secure the affected system.

Secure the affected system.

A security technician is conducting a forensic analysis. Which of the following actions is MOST likely to destroy critical evidence? Shutting down the system Restricting physical access to the system Disconnecting the system from the network Copying the contents of memory to removable media

Shutting down the system

You are working as a junior network technician at the local hospital. The security administrator has just finished rolling out a new security policy that requires users to log in to workstations using a fingerprint scanner. Which authentication category does this fall under? Something you know Soft token Something you are Something you have

Something you are

Which authentication category does a username and password fall under? Something you have Something you are Soft token Something you know

Something you know

_____ is a hoax that imitates a website or email message to steal credentials. Spear phishing Whaling Spoofing Dumpster diving

Spoofing

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to a locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area so that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time. Which of the following recommendations are you MOST likely to make to this organization to increase their security? (Select two.) Replace the biometric locks with smart cards. Train the receptionist to keep their iPad in a locked drawer when not in use. Move the receptionist's desk to the secured area. Disable the network jacks in the reception area. Require users to use screen saver passwords.

Train the receptionist to keep their iPad in a locked drawer when not in use. Disable the network jacks in the reception area.

Which of the following is a common symptom of an expired or revoked root certificate? Windows system files are hidden. Windows performs slowly. Windows cannot open a website and displays an error. Windows Security alerts pop up.

Windows cannot open a website and displays an error.

Which of the following is a soft token? authenticator app dongle key smart card

authenticator app

Corporations typically use _____ software to filter employee email through proxy servers to protect information from being exposed or stolen. data loss detection data loss prevention data loss identification data loss protection

data loss prevention

For highly secure IT networks upon sign in, users must prove they have their _____ with them by entering a number which changes every 60 seconds and is synchronized with the network authentication service. private key keychain key card key fob

key fob

What is a type of identity theft in which the sender of an email hoax scams you into responding with personal data about yourself? phishing spoofing vishing smishing

phishing

The first line of defense to protect valuable data and property is to secure the building using physical barriers such as a high wire-mesh _____ installed in concrete footings with a secure gate. sally port security fence mantrap access control vestibule

security fence

A _____ system is a network of IP cameras with pan, tilt, and zoom functions, as well as motion sensors, which are placed in strategic locations for monitoring activity and alerting security personnel. general data protection intrusion detection video surveillance intrusion prevention

video surveillance