Lesson 17: Secure Web Browsing
You want to use a website that hosts training modules in a custom media format. What type of add-on would you need to install to play this media? A. A Plug-in B. An Extension C. A Theme D. A Cookie
A. A Plug-in You would need to install a type of browser add-on called a plug-in. Plug-ins should be restricted to interacting with the media object on the web page. Browser extensions add functionality to the browser by doing things like installing toolbars or changing menu options. Themes are used primarily to change the appearance of your browser. You can personalize the look of the browser by selecting custom images and color schemes. Cookies are not added to the browser, they're created by web pages and stored on your hard drive.
If you use an open network, what email configuration setting should you configure? A. Enable Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption to protect the account password B. Enable anti-malware software to protect from viruses C. Disable active content types like flash and Java to protect the web browser D. Enable a script blocker to prevent scripts from running
A. Enable Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption to protect the account password When using an open network, any data that you transmit could be intercepted by anyone else connected to the network and the person who owns it. To protect an email account password, enable Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption. Anti-malware is an important defense mechanism for protecting a computer; however, it is not a configuration setting for email. Active content types may be risky when browsing the Internet; however, disabling flash and Java is part of a web browser configuration and not an email configuration. A script blocker can prevent all scripts, good and bad, from running within a web browser. A script blocker is an add-on, not an email configuration setting.
Select the one UNTRUE statement in regard to cookies. A. A cookie is a plain text file created by a website you've visited and stored on your hard drive. B. It's not legal for a web site to store cookies on your computer. C. Cookies may contain more information about you than you are aware of. D. Spyware and adware may extract data from your cookies to track your computer use.
B. It's not legal for a web site to store cookies on your computer. Although it is legal for web sites to store cookies on your computer, you can sometimes configure browser settings to limit the personal information they collect and store. Web sites you visit may use a cookie (a simple text file) to record information you key into forms, track how often you visit a site, and so on. Some types of Personally Identifiable Information (PII) can be used to identify you personally, where you live and what you do. Sites should generally publish a privacy policy to let you know what data is being collected and shared. Cookies can't spread malware, but they are a great source of information for spyware and adware.
Select the one UNTRUE statement in regard to browser pop-up windows. A. Pop-up windows are usually designed to be helpful to the user. B. Pop-up windows are always a sign of viruses. C. Pop-up windows are implemented using scripts or add-ons. D. Pop-up windows can be controlled using browser settings.
B. Pop-up windows are always a sign of viruses Aggressive use of pop-up windows can be associated with adware and spyware, but not necessarily with a virus. Most pop-up windows are used to provide help or instructions about using a form or a field; but, they are also sometimes used for advertisements. Scripts and add-ons are sometimes run to create a pop-up in response to clicking a link. Browser setting can be used to help control both cookies and pop-ups. However, it's important to note that some applications require pop-up windows, and will not work if pop-ups are turned off in the browser setting.
You want to restrict access to a computer on your network to a single internet host running a particular application. What two things do you need to configure in your firewall's access control list? A. The SSID and the IP address B. The IP address of the host and the port number of the application C. The SSID and the application name D. The IP address of the host and the application name
B. The IP address of the host and the port number of the application On a TCP/IP network, each host is identified by an IP address, while each application protocol (HTTP, FTP, SMTP, and so on) is identified by a port number. Packet filters on a firewall can be applied to IP addresses and port numbers. The IP address can identify the host throughout the entire network; whereas, and SSID is a local identification code. Restricting access to a host running a particular application would require the identification of the application; however, an application name would not be recognizable by the firewall. The firewall access control list requires the IP address and port number.
You are using a computer in an Internet cafe. What should you do at the end of the session? A. Log out of all applications you've been using. B. Log off the computer you're using. C. Power off the computer. D. Clear the browser cache.
Clear the browser cache. Had you started using the browser in private browsing mode, no cookies would have been saved. Clearing the browser cache, however, will clear any cookies saved, so your personal data will not be available to the next user of that computer. Logging off the computer will prevent access to some of the apps you were using, but will not eliminate cookies. Powering off the computer may eliminate some cookies, but some may remain. Logging out of all applications will protect those applications from someone else using them, but cookies will still be on that computer for possible access by the next user.
What identifies a website as using the secure HTTPS protocol with a valid certificate? A. The URL shows the "http://" protocol and the browser shows a padlock icon. B. The website has a recent copyright date. C. Check the Better Business Bureau. D. The URL shows the "https://" protocol and the browser shows a padlock icon.
D. The URL shows the "https://" protocol and the browser shows a padlock icon. The URL shows the "https://" protocol and the browser shows a padlock icon. For sites that have passed special validation regimes, the address bar will be shown in green. If a site uses https but the certificate is not trusted by the browser, an alert is displayed. A copyright date gives some idea how long the company has been in business. Although the Better Business Bureau may have statistics about the company's finances and behavior, the security of their website wouldn't be an issue unless some unethical or illegal activity has been reported. The "http://" protocol allows web pages without security certificates to display in the browser.
You have installed a screensaver application. Later, after updating your anti-virus software, a malicious program is found. This appears to have infected your system at the same time as the screensaver was installed. What class of malware is this? A. Spyware B. Virus C. Adware D. Trojan Horse
D. Trojan Horse
