CITBC102 Hardware Technician: Security

What steps are included in an offboarding process? 2.9

Notifying other teams. Transferring the employee's duties to a replacement. Collecting company equipment. Deleting or revoking access to accounts. Performing exit interviews.

Describes the process followed when ending a relationship with an employee. Includes such things as collecting keys, disabling accounts, and collecting assets, such as a laptop computer. 2.9

Offboarding

If you lose a mobile device, how can you find it? 12.6

On a browser, go to android.com/find. Sign in to your Google Account. ... The lost device gets a notification. On the map, you'll get info about where the device is. ... If you get a prompt, tap Enable lock & erase. Select what you want to do:

Describes the process followed when setting up a partnership with a new employee. Includes such things as HR paperwork and setting up a work environment for the employee. 2.9

Onboarding

An action that takes a user to a different site than the user intended to go. 14.11

Redirection

Malware that consists of programs that can give the hacker root (administrator) access to the target machine. 14.7

Rootkit

The process in which users provide credentials to prove their identity. 14.4

Authentication

The process of proving a user's identity. 14.1

Authentication

The process that defines the resources a user can access once authenticated. 14.4

Authorization

What are the functions of the basic input/output system (BIOS)? 3.8

BIOS (basic input/output system) is the program a computer's microprocessor uses to start the computer system after it is powered on. It also manages data flow between the computer's operating system (OS) and attached devices, such as the hard disk, video adapter, keyboard, mouse and printer.

Firmware that controls input and output operations. 3.8

Basic Input Output System

Which Windows default accounts should be disabled? 14.1

Because the Administrator account is known to exist on many versions of the Windows operating system, it's a best practice to disable the Administrator account when possible to make it more difficult for malicious users to gain access to the server or client computer.

A process that uses encryption to protect data sent through a network. 9.3

Data transmission encryption

Hard drive destruction method that purges the entire hard disk all at once by exposing it to an extremely strong magnetic pulse. 14.6

Degaussing

Digital messages such as pop-up notifications that allow the user to respond quickly to high priority messages. 14.11

Desktop alerts

A file or electronic password to identify a user, computer, or an organization. 14.4

Digital certificate

A process that encrypts the entire contents of a hard drive. 9.3

Disk encryption

What are some ways you can remove malware from a system? 14.7

Download and install antivirus software. ... Run a virus scan. ... Delete or quarantine infected files. ... Restart your computer. ... More virus removal options. ... Install the latest macOS update. ... Use a specialized Mac antivirus tool. ... Uninstall suspicious apps.

Which drive destruction methods can be performed only on mechanical hard drives? 14.6

Drilling

A RAM chip that replaced the CMOS chip. 3.8

Electrically erasable programmable read-only memory (EEPROM)

A process that makes digital materials accessible only through authorized decryption software or devices. 9.3

Encryption

A printer that has a network interface card that directly connects it to the network hub or switch. 13.2

Network printer

Malware that provides a hacker covert remote access to the victim's system. 14.7

Trojan horse

A special hardware chip that generates and stores cryptographic keys. 9.3

Trusted Platform Module (TPM)

What features does mobile device management software usually offer? 14.4

Typically, you can view your device inventory, secure devices and data, manage apps and configurations, enforce standardized device policies, and update software remotely. Some solutions even provide identity, access, and expense management.

How do you synchronize data between a mobile device and desktop PC or laptop computer? 12.5

Use a USB cable, a Bluetooth connection, or a Wi-Fi network.

A software interface between the operating system and platform firmware. ___________ will eventually replace BIOS. 3.8

Unified Extensible Firmware Interface

How does file encryption differ from disk encryption? 9.3

Unlike full-disk encryption, each file in a disk/drive can be encrypted with a different key. Files that are encrypted using FBE require the key to be decrypted even if the device is unlocked. Encrypted files sent to other devices will stay encrypted till the encryption password/key is entered.

Alerts configured by an app that is of no value to the user. Unwanted notifications typically display a direct link to a site. 14.11

Unwanted notifications

What are two reasons updates are released for an operating system? 8.5

Updating your operating system helps ensure that you have the latest security patch against new malware or viruses. It also gives you access to more advanced security measures available only to newer Windows versions.

What Windows applet is used to manage certificates? 14.4

The Certificates Microsoft Management Console (MMC) snap-in (certmgr.msc)

How does keeping a system up to date increase security? 8.5

It's important to keep your software up to date because updates enhance existing features, patch security flaws, add new security features, fix bugs, and improve performance for devices.

What is the print spooler and why is it important? 13.1

The Spooler is a special process that manages access to printers by multiple users. For most users, the function of the Spooler is transparent. They generate a job for a printer and go to the printer to pick up the output. The Spooler permits users to continue working without waiting for a print job to finish printing.

What is the role of a TPM when implementing whole disk encryption? 9.3

The TPM is a cryptographic module that enhances computer security and privacy. Protecting data through encryption and decryption, protecting authentication credentials, and proving which software is running on a system are basic functionalities associated with computer security.

Self-replicating malware that attaches in a legitimate program and hides there. When the program runs, the _______ payload is also executed. 14.7

Virus

A _______ that injects itself in the ____________ and moves the Master Boot Record to another location on the hard drive. The virus then always executes before the MBR. 14.7

Boot-sector virus

Policy that allows employees to use their own computers and mobile devices for work purposes. 14.4

Bring Your Own Device (BYOD)

Which methods can you use to recover lost data files? 8.7

Check Your Recycle Bin. Use the Control Panel. Use a Data Recovery Software. Hire a Data Recovery Service.

How is a print server used? 13.2

A print server is a dedicated appliance or central point of software. It helps clients, users, and devices connect to shared printers, and it processes or passes through spool files from a client to the printer. When you hit print, the print server accepts the job and pushes it to the appropriate printer.

What is the function of a proxy server? What are the ways it can be used to manage network traffic? 14.9

A proxy server is a system or router that provides a gateway between users and the internet. Therefore, it helps prevent cyber attackers from entering a private network. It is a server, referred to as an "intermediary" because it goes between end-users and the web pages they visit online.

What can certificate warnings mean for the user on the internet? 14.11

A website's certificate provides identification of the web server. If the certificate has an error, it might indicate that your connection has been intercepted or that the web server is misrepresenting its identity.

How can you prevent unwanted notifications? 14.11

Windows enables you to disable push notifications completely, mute them temporarily, or turn them off for specific apps. To reach Windows' notifications settings, open the Start menu, and go to Settings > System > Notifications & Actions.

A mechanism used to manage and enforce user access to resources. 14.4

Access control list (ACL)

What are the advantages of using a recovery disc/partition to recover a system? 8.7

Advantage: you get a clean image like the one you received the first time. Disadvantage: you will lose all of your data.

A symptom of a breach. Altered files or OS settings can mean that the user's system has been accessed for data theft and altered. 14.11

Altered system or files

What is the difference between a hardware and software firewall device? 14.8

An organization may choose to deploy a software-based firewall as well. The main difference between a hardware firewall and a software firewall is that the hardware firewall runs on its own physical device, while a software firewall is installed on another machine.

What is the difference between Bluetooth and Wi-Fi? 13.2

Bluetooth allows for short-range data transfer between devices. As an example, it is commonly employed in headsets for mobile phones, enabling hands-free phone use. Wi-Fi, on the other hand, allows devices to connect to the Internet.

What is biometric authentication? 12.6

Biometric authentication refers to a cybersecurity process that verifies a user's identity using their unique biological traits such as fingerprints, voices, retinas, and facial features. Biometric authentication systems store this information in order to verify a user's identity when that user accesses their account.

What Windows feature should be used to encrypt a volume? 14.1

BitLocker can be used to encrypt the entire contents of a data drive. Group Policy can be used to require BitLocker be enabled on a drive before the computer can write data to the drive. BitLocker can be configured with various unlock methods for data drives, and a data drive supports multiple unlock methods.

How can BitLocker be implemented on Windows systems that don't have a TPM chip on the motherboard? 9.3

BitLocker has the following hardware requirements: For BitLocker to use the system integrity check provided by a TPM, the computer must have TPM 1.2 or later versions. If a computer doesn't have a TPM, saving a startup key on a removable drive, such as a USB flash drive, becomes mandatory when enabling BitLocker.

A volume that contains the boot files. 9.3

BitLocker partition

A wireless technology standard for exchanging data over short distances from fixed and mobile devices and for building personal area networks (PANs). 12.5

Bluetooth

Document that details the method and date of a hard drive's destruction along with the chain of custody. 14.6

Certificate of destruction (COD)

A notification that the site the user is trying to access doesn't have a valid certificate. It may indicate that the site is malicious. 14.11

Certificate warnings

Where are the proxy settings on Windows? 14.9

Click on Start, then click on the gear icon (Settings) at the far left. In the Windows Settings menu, click on Network & Internet. In the left pane, click on Proxy. Here you have all the settings that are related to setting up a proxy in Windows.

What might be common reasons for editing CMOS settings? 3.8

Common reasons for editing the CMOS program are: - To change the boot device order. - To enable or disable motherboard devices. unauthorized access.

A technology for constructing integrated circuits. 3.8

Complementary metal-oxide semiconductor

Malware that uses the victim computer's resources to mine for cryptocurrency on behalf of the hacker. 14.7

Cryptominer

What is the difference between a virus and a Trojan horse? 14.7

A virus is malicious executable code attached to another executable file, which can be harmless or can modify or delete data. A Trojan horse is a form of malware that captures some important information about a computer system or a computer network.

Any data that is not currently being accessed. 14.1

Data at rest

Where do you look for and remove unwanted notifications? 14.11

Google Chrome: Settings > Content > Notifications > Remove [a suspicious link or website you don't want notifications from anymore] Safari: Settings > find the option for reviewing push notifications > remove any you don't want.

The process of converting cleartext, or unencrypted, data into an unreadable format by using a special key and mathematical algorithm. 14.1

Encryption

A printer that uses a network interface card in the computer to attach to an Ethernet router or hub on the network. You can use an Ethernet network for one or more computers and support many printers and systems simultaneously. 13.2

Ethernet printer

Fake notifications usually pertaining to the OS, browser, and application settings. These alerts typically direct the user to take actions that compromise security. 14.11

False alerts

A symmetric encryption key used to both encrypt and decrypt a file. 9.3

File Encryption Key (FEK)

A process that encrypts the contents of an individual file. 9.3

File encryption

A device or software that inspects network traffic based on a set of rules. 14.8

Firewall

What is a firewall and what is its main function? 14.8

Firewalls are network security systems that prevent unauthorized access to a network. It can be a hardware or software unit that filters the incoming and outgoing traffic within a private network, according to a set of rules to spot and prevent cyberattacks. Firewalls are used in enterprise and personal settings.

A hardware authentication device that the user must have possession of to authenticate. 14.4

Hard token

Formatting method that removes the pointers to the data on the drive, but not the data on the drive. The high-level format is the standard format that's done through the operating system tools. 14.6

High-level format

A physical location where you can obtain wireless internet access using a wireless local area network (WLAN) with a router connected to an internet service provider (ISP). 12.5

Hotspot

What is the difference between a forward and a reverse proxy? 14.9

A reverse proxy is a server that sits in front of one or more web servers, intercepting requests from clients. This is different from a forward proxy, where the proxy sits in front of the clients.

When should a system image backup be restored in the recovery process? 8.7

If you can't use a restore point, automatic repair, or Command Prompt, then you can restore the system from a system image backup.

What is the minimum number of characters a password should have? 14.1

In most environments, an eight-character password is recommended because it's long enough to provide adequate security and still short enough for users to easily remember. A minimum password length greater than 14 isn't supported at this time. This value will help provide adequate defense against a brute force attack.

A port on a mobile device that enables devices to exchange data without using cables. 12.5

Infrared port (IR)

A feature that detects intrusion attempts and alerts the system administrator. 14.8

Intrusion detection system (IDS)

A feature that detects intrusions and takes actions to prevent them, including reporting, blocking, or dropping traffic when intrusions occur. 14.8

Intrusion prevention system (IPS)

What functions does the power-on self-test (POST) process perform? 3.8

It first runs the power-on self-test (POST), which performs basic tests, including verifying the integrity of the BIOS itself, testing the memory, and identifying system devices, among other tasks.

Malware that logs every keystroke the user makes and then sends the report back to the hacker. 14.7

Keylogger

How can a knowledge base provide support for employees? 2.9

Knowledge bases can help employees learn how to use a particular system or where to send an email. They provide employees with quick access to the information they require without anyone else getting involved, freeing up resources and improving productivity.

How are updates applied on Linux and macOS operating systems? 8.5

Linux uses Software Updater. macOS uses the System Preferences panel, and application software updates are delivered through the App Store.

A unique fingerprint for each discovered malware. Anti-malware programs keep a database of definitions to detect and remove malware. 14.7

Malware definitions

A proprietary computer bus and power connector created by Apple Inc. to replace its previous proprietary 30-pin dock connector. 12.5

Lightning

A printer that requires a direct connection to a specific computer. A __________ can be connected by wire, wirelessly, or using Ethernet cable. 13.2

Local printer

A mobile communications standard used by 5G. 12.5

Long-Term Evolution (LTE)

Formatting method that writes new sectors and tracks to the drive and is typically done by the manufacturer when the drive is first assembled. 14.6

Low-level format

Devices that exist on a network to provide certain services for that network. 14.8

Network appliances

What is malware and how do I keep from getting it? 14.7

Malware is short for malicious software. It is any type of software designed to infiltrate or damage a computer system without the owner's informed consent. Trojans, viruses, worms, ransomware, and other threats fall into the category of malware. Good malware protection begins with effective antimalware software.

Which editions of Windows provide BitLocker support? 9.3

Microsoft BitLocker is supported by the following versions of Windows: Windows 10 Enterprise and Pro, Windows 8 and 8.1 Professional and Enterprise, Windows 7 Ultimate and Enterprise, Windows Vista Ultimate and Enterprise, and Windows Server 2008 and later.

How can Windows Defender help me with malware? 14.7

Microsoft Defender's real-time anti-malware protection runs whenever your device is on, keeping an eye out for malicious activity. Microsoft Defender will also run quick scans of your device on a daily basis, in case anything manages to elude the real-time protection.

A VPN that provides mobile devices with secure access to network resources and software applications on their home network. The connection can be wireless or wired. 12.5

Mobile Virtual Private Network (Mobile VPN)

A software tool that implements the policies and procedures used by an organization to maintain security and permissions on mobile devices.

Mobile device management (MDM)

What is the set number of failed login attempts allowed on a mobile device? 12.6

Most mobile devices are configured by default to only allow a set number of failed login attempts, which is usually ten.

Why is it important to not move files encrypted with EFS to a non-NTFS partition? 9.3

Moving an encrypted file to a non-NTFS partition removes the encryption. Files remain encrypted and inaccessible even when the drive is moved to another computer or if another operating system is used. This is because the encryption keys needed to decrypt the file do not exist on these other systems.

What is multifactor authentication? 12.6

Multi-factor authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.

A method of authenticating a user that consists of at least two authentication categories. 14.4

Multi-factor authentication

A connector that emulates cryptographic smart card functionalities for RFID tags or memory cards. 12.5

Near Field Communication Connector (NFC)

A symptom that a PC might have a virus or greyware running in the background and taking most of the bandwidth. The virus can infect the browser or an application that communicates with the internet. 14.11

No internet

How do you connect a mobile device to a network? 12.5

Open your device's Settings app. Tap Network & internet, then Internet. Tap a listed network. Networks that require a password have a lock icon.

What does an optical character recognition (OCR) scanner do? 13.2

Optical character recognition (OCR) technology is a business solution for automating data extraction from printed or written text from a scanned document or image file and then converting the text into a machine-readable form to be used for data processing like editing or searching.

Which type of device encryption does not encrypt deleted files? 12.6

Partial device encryption. With this method, only the sections of the device's storage that contain files are encrypted.

Establish rules set by an organization to address a particular problem or concern. A ____________ explains why action is needed and what action should be taken. 2.9

Policies

What is the difference between policies and procedures? 2.9

Policies are general statements that guide thinking and channel energy toward a particular direction. Procedures are routine steps to carry out activities in an organization. They are needed for achieving objectives. They are needed for implementing policies.

Where is the print queue? 13.1

Press the Windows key. Type print, press Enter, then select Printers & scanners in the search results. In the Printers & scanners window, find the printer whose queue you want to view and click it. Click the Open print queue option.

The practice of giving users access to only the resources needed to perform their job. 14.4

Principle of least privilege

The practice of giving users only the resources needed to perform their job. 14.1

Principle of least privilege

The physical, peripheral device connected to a computer that prints the output. 13.1

Print device

The software that the computer uses to communicate with the print device. A ____________ is specific to the printer make and model. Be sure the __________ is up to date. 13.1

Print driver

A space for print jobs that are waiting to be processed by the print device. Each printer has its own __________. 13.1

Print queue

An executable file that runs as a service on Windows to manage the printing process. If you turn off this service, you won't be able to print or see printers. 13.1

Print spooler

The logical entity that is made up of the print device, the print driver, and the print spooler. 13.1

Printer

The connection point for the print device to connect to a computer. Modern printers use USB connectivity and are configured as plug-and-play devices. 13.1

Printer port

Defines a desired outcome and outlines how that desired outcome should be met, who should complete the work, and when it should be completed. 2.9

Procedure

A certain type of device or software that allows or denies network traffic to move across a network based on traffic content. It is often used to shape traffic and act as a firewall. 14.9

Proxy server

Messages that display on web pages to get the user to click embedded links. Typically, they redirect the user to malicious websites. 14.11

Random/frequent pop-ups

Malware that scans the system for user files and encrypts them. To regain access to files, the victim must pay a ransom. 14.7

Ransomware

Why is a rootkit so dangerous to a PC? 14.7

Rootkits can hide keyloggers, which capture your keystrokes without your consent. This makes it easy for cybercriminals to steal your personal information, such as credit card or online banking details. Rootkits can allow hackers to use your computer to launch DDoS attacks or send out spam emails.

A feature that makes it easy to share large volume files on a network. 13.2

Scan-to-folder

What are the steps to configure a printer? 13.1

Select the Start button, then select Settings > Devices > Printers & scanners > Add a printer or scanner. ... Wait for it to find nearby printers, then choose the one you want to use, and select Add device.

What is Server Message Block (SMB) and why is it important? 13.2

Server message block (SMB) is a client/server communication protocol that provides shared access to files, whole directories, and network resources such as printers across a network. It is also used to carry transaction protocols for authenticated interprocess communication.

A printer that connects directly to a computer and is configured as shared on the network. 13.2

Shared printer

What does Windows use to manage and enforce the resources a user is authorized to access? 14.4

Shared resources use access control lists (ACLs) to assign permissions. This enables resource managers to enforce access control in the following ways: Deny access to unauthorized users and groups. Set well-defined limits on the access that is provided to authorized users and groups.

A special computer that is set up for malware analysis and remediation. 14.7

Sheep-dip computer

A digital key used to authenticate a user. 14.4

Soft token

Malware that monitors and logs a user's activity on the device. This includes web browsing, applications, instant messaging, etc. 14.7

Spyware

Provides detailed information for performing complex business activities. 2.9

Standard Operating Procedure (SOP)

Which system recovery methods can you use when you are unable to boot the computer? 8.7

System Restore, Startup Repair, Command Prompt, System Image Recovery, Refresh or Reset This PC, Recovery Disc/Partition

A method that connects one device to another. 12.5

Tethering

What is the role of the complementary metal-oxide-semiconductor (CMOS)? How does it differ from the BIOS? 3.8

The BIOS is the program that starts a computer up, and the CMOS is where the BIOS stores the date, time, and system configuration details it needs to start the computer. The BIOS is a small program that controls the computer from the time it powers on until the time the operating system takes over.

Why does CMOS require a battery? 3.8

The CMOS battery is not there to provide power to the computer when it is in operation; it's there to maintain a small amount of power to the CMOS when the computer is powered off and unplugged. The primary function of this is to keep the clock running even when the computer is turned off.

What can be an issue if a user finds that a group policy has changed even though the administrator has not made any adjustments? 14.11

The cause for this problem could be that Group Policy Objects (GPOs) are processed asynchronously, by default. This means that processing occurs while Windows is still working on presenting the logon screen. There are some Group Policy settings that need exclusive access to the computer or user environment.

What are the most common firewall types? 14.8

The most common firewall types based on methods of operation are: Packet-filtering firewalls. Proxy firewalls. NAT firewalls

Which protocols are commonly used to establish a VPN? Which protocol is typically used for web transactions? 9.3

The most common protocols for VPNs are PPTP, L2TP/IPSec, SSTP, and IKEv2. PPTP is the most basic protocol and is very easy to set up. However, it does not offer the strongest security and is not recommended for use with sensitive data. L2TP/IPSec is more secure than PPTP but can be more difficult to set up.

What is the concept of giving users only the resources needed to do their job called? 14.1

The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access - or permissions - needed to perform his/her job functions.

Which encryption method encrypts individual files so that only the owner and authorized users can decrypt the file and read it? 9.3

There are several encryption methods that can be used to encrypt individual files, but the one that specifically allows only the owner and authorized users to decrypt and read the file is called Public Key Cryptography or Asymmetric Encryption.

Which formatting method can you perform using the operating system tools? 14.6

There are two types of formatting: high-level and low-level. High-level formatting involves writing the file system to the disk so the data can be organized and understood by software reading from it and writing to it. Low-level formatting is when the tracks and sectors are outlined on the disk.

Which document should you obtain after destroying a hard drive? 14.6

To recover data from a damaged hard drive, you will need to use data recovery software. Such applications include features that specialize in recovering data from a damaged hard drive. Failing this, your next best option is using a data recovery service.

Which protocols are commonly used to encrypt and secure wireless communications? 9.3

WEP, WPA, and WPA2 are Wi-Fi security protocols that secure wireless connections. They keep your data hidden and protect your communications, while blocking hackers from your network. Generally, WPA2 is the best choice, even though it consumes more processing power to protect your network.

What determines the keystroke to open a CMOS editor? How can you find this information? 3.8

The key(s) you press to open the CMOS editor depend on the BIOS manufacturer. The easiest way to find out which key to press is to read the screen as it boots or to consult the motherboard documentation.

How can redirection be dangerous for the user? 14.11

An Open Redirect Vulnerability entails an attacker manipulating the user and redirecting them from one site to another site.

A lightweight version of Windows that boots from the USB drive and is typically used to help deploy Windows in an enterprise environment or for troubleshooting Windows issues. 14.7

Windows Pre-Installation Environment (WinPE)

Which tasks can be completed using Windows Update? 8.5

Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Microsoft product updates. You can use WSUS to fully manage the distribution of updates that are released through Microsoft Update to computers on your network.

A printer that communicates with wireless clients through radio frequency technologies such as Wi-Fi or Bluetooth. Wireless technologies help users to share print resources around an office or building without running cables. 13.2

Wireless printer

What are the three categories of authentication methods? 14.4

You can think of a factor as a category of authentication. There are three authentication factors that can be used: something you know, something you have, and something you are. Something you know would be a password, a PIN, or some other personal information.

