System Security Quizzes
Which of the following describes a logic bomb?
A program that performs a malicious activity at a specific time or after a triggering event.
Which of the following is an example of an internal threat?
A user accidentally deletes the new product designs.
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?
Add a separate A/C unit in the server room.
A computer or small network that is not connected to the rest of the network or the internet is known as:
Air gap
Which of the following BEST describes an inside attacker?
An unintentional threat actor. This is the most common threat.
Which of the following is the correct definition of a threat?
Any potential danger to the confidentiality, integrity, or availability of information or systems
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering?
Authority
Sometimes, an attacker's goal is to prevent access to a system rather than to gain access. This form of attack is often called a denial-of-service attack and causes which impact?
Availability loss
If a fingerprint or retina scan is required to open a secured door, which kind of physical security has been implemented?
Biometric locks
Which deviation in power is the longest in duration?
Blackout
A collection of zombie computers have been set up to collect personal information. Which type of malware do the zombie computers represent?
Botnet
Which of the following threat actors seeks to defame, shed light on, or cripple an organization or government?
Hacktivist
Prepare to Document means establishing the process you will use to document your network. Which of the following makes this documentation more useful?
Have a printed hard copy kept in a secure location.
Most equipment is cooled by bringing cold air in the front and ducting the heat out of the back. What is the term for where the heat is sent in this type of scenario?
Hot aisle
Match the general attack strategy on the left with the appropriate description on the right. (Each attack strategy may be used once, more than once, or not all.)
Stealing information- Exploitation Preparing a computer to perform additional tasks in the attack.- Staging Crashing systems.- Exploitation Gathering system hardware information.- Reconnaissance Penetrating system defenses to gain unauthorized access. Breaching Configuring additional rights to do more than breach the system.- Escalating privileges
The root account has all privileges and no barriers. Which of the following is another name for the root account?
Superuser account
Which of the following is a program that appears to be a legitimate application, utility, game, or screensaver, but performs malicious activities surreptitiously?
Trojan horse
Which device is used to allow a USB device to charge but blocks the data transfer capabilities of the device?
USB data blocker
Which device is used to ensure power to a server or network device during short power outages?
Uninterruptible power supply
Your company has five salesmen who work out of the office and frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection implementation to address your concerns?
Use cable locks to chain the laptops to the desks.
What is the recommended humidity level for server rooms?
50%
Which of the following is the BEST definition of the term hacker?
A general term used to describe any individual who uses their technical knowledge to gain unauthorized access to an organization.
Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components?
Class C
When training your employees on how to identify various attacks, which of the following policies should you be sure to have and enforce? (Select two.)
Clean desk policies Password policies
In 2001, a worm exploited vulnerabilities in Microsoft Internet Information Services (IIS) to infect over 250,000 systems in under nine hours. What was this worm called?
Code Red
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security risks is most pressing?
Confidentiality
Which of the following are often identified as the three main goals of security? (Select three.)
Confidentiality Availability Integrity
You have hired 10 new temporary workers who will be with the company for three months. You want to make sure that the user accounts cannot be used for login after that time period. What should you do?
Configure account expiration in the user accounts.
Which of the following reduces the risk of a threat agent being able to exploit a vulnerability?
Countermeasures
As you go through the process of making your network more manageable, you discover that employees in the sales department are on the same network segment as the human resources department. Which of the following steps can be used to isolate these departments?
Create a separate VLAN for each department.
Which type of update should be prioritized even outside of a normal patching window?
Critical updates
Which of the following items would be implemented at the Data layer of the security model?
Cryptography
Which special network area is used to provide added protection by isolating publicly accessible servers?
DMZ
Jason is at home, attempting to access the website for his music store. When he goes to the website, it has a simple form asking for a name, email, and phone number. This is not the music store website. Jason is sure the website has been hacked. How did the attacker accomplish this hack?
DNS cache poisoning
When confidential or protected data is exposed, either intentionally or accidentally, it is considered to be which of the following?
Data breach
DNS tunneling is a common method that allows an attacker to accomplish which attack?
Data exfiltration
Every ACME computer comes with the same account created at the factory. Which kind of vulnerability is this?
Default accounts and passwords
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
Deploy a mantrap
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in?
Development phase
Which of the following BEST describes a cyber terrorist?
Disrupts network-dependent institutions
Which of the following is a common social engineering attack?
Distributing hoax virus-information emails
Documenting procedures and processes are part of which milestone in the NSA's Manageable Network Plan?
Document Your Network
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? (Select two.)
Double-entry door Turnstile
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
Educate users about malware. Schedule regular full-system scans.
A Faraday cage is used to prevent what from leaving an area?
Electromagnetic emissions
It is important to follow correct procedures when running electrical cables next to data cables in order to protect against which environmental concern?
Electromagnetic interference
Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique?
Elicitation
The Policies, Procedures, and Awareness layer of the security model includes which of the following? (Select two.)
Employee onboarding User education
Which of the following is the single greatest threat to network security?
Employees
Which of the following are solutions that address physical security? (Select two.)
Escort visitors at all times Require identification and name badges for all employees
Which option is a benefit of CCTV?
Expand the area visible by security guards
Which kind of virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions?
Fileless virus
Which of the following items would you secure in the Perimeter layer of the security model?
Firewalls
You have recently been hired as the new network administrator for a startup company. The company's network was implemented prior to your arrival. One of the first tasks you need to complete in your new position is to develop a manageable network plan for the network. You have already completed the first and second milestones, in which documentation procedures were identified and the network was mapped. You are now working on the third milestone, which is identifying ways to protect the network. Which tasks should you complete as a part of this milestone? (Select two.)
Identify and document each user on the network. Physically secure high-value systems.
Which impact of vulnerabilities occurs when an attacker uses information gained from a data breach to commit fraud by doing things like opening new accounts with the victim's information?
Identity theft
Having a legitimate reason for approaching someone to ask for sensitive information is called what?
Impersonation
You are an IT consultant. You are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. She informs you that server backups are configured to run each night. A rotation of tapes are used as the backup media. You notice the organization's network switch is kept in the server closet. You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. The office manager informs you that her desktop system no longer boots and asks you to repair or replace it, recovering as much data as possible in the process. You take the workstation back to your office to work on it. Which security-related recommendations should you make to this client?
Implement a hardware checkout policy.
A script kiddie is a threat actor who lacks knowledge and sophistication. Script kiddie attacks often seek to exploit well-known vulnerabilities in systems. What is the BEST defense against script kiddie attacks?
Keep systems up to date and use standard security practices.
Power, heating, ventilation, air conditioning systems (HVAC), and utilities are all components of which term?
Infrastructure
In healthcare, regulations often dictate that important systems remain unpatched to maintain compliance. Which kind of vulnerability does this introduce?
Inherent vulnerabilities
The IT manager in your organization proposes taking steps to deflect a potential threat actor. The proposal includes the following: Create and follow onboarding and off-boarding procedures. Employ the principal of least privilege. Have appropriate physical security controls in place. Which type of threat actor do these steps guard against?
Insider
Your computer system is a participant in an asymmetric cryptography system. You've created a message to send to another user. Before transmission, you hash the message and encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, which protection does the hashing activity provide?
Integrity
An employee stealing company data could be an example of which kind of threat actor?
Internal threat
Which of the following could an employee also be known as?
Internal threat
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following is the most important thing to do to prevent console access to the router?
Keep the router in a locked room.
Which of the following is a security approach that combines multiple security controls and defenses?
Layered security
Which of the following controls is an example of a physical access control method?
Locks on doors
You walk by the server room and notice that a fire has started. What should you do first?
Make sure everyone has cleared the area.
In which milestone should you use a network scanner and then confirm the scan manually with a room-by-room walkthrough?
Map Your Network
Which Microsoft tool can be used to review a system's security configuration against recommended settings?
Microsoft Security Compliance Toolkit
Which of the following is an example of a vulnerability?
Misconfigured server
Social engineers are master manipulators. Which of the following are tactics they might use?
Moral obligation, ignorance, and threatening
You are the security administrator for a small business. The floor plan for your organization is shown in the figure below. You've hired a third-party security consultant to review your organization's security measures. She has discovered multiple instances where unauthorized individuals have gained access to your facility, even to very sensitive areas. She recommends that you provide employees with access badges and implement access badge readers to prevent this from happening in the future. Click on the office locations where access badge readers would be most appropriate.
Network closest and Main entrance
By definition, which security concept uses the ability to prove that a sender undeniably sent an encrypted message?
Non-repudiation
A hacker scans hundreds of IP addresses randomly on the internet until they find an exploitable target. What kind of attack is this?
Opportunistic attack
Which device is often employed by power companies to protect cabling infrastructure from having cables added or removed and to prevent emissions from being retrieved from the air?
PDS
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose?
PTZ
Burning, pulping, and shredding are three ways to securely dispose of data in which form?
Paper
Windows Server Update Services (WSUS) is used to accomplish which part of a manageable network?
Patch management
Which of the following items would be implemented at the Network layer of the security model?
Penetration testing
Which of the following is one of the MOST common attacks on employees?
Phishing attack
Which security control, if not applied, can allow an attacker to bypass other security controls?
Physical access control
Which of the following includes all hardware and software necessary to secure data, such as firewalls and antivirus software?
Physical security
Your networking closet contains your network routers, switches, bridges, and some servers. You want to make sure an attacker is not able to gain physical access to the equipment in the networking closet. You also want to prevent anyone from reconfiguring the network to set up remote access or backdoor access. Which of the following measures are the best ways to secure your networking equipment from unauthorized physical access? (Select two. Each measure is part of a complete solution.)
Place your networking equipment in a room that requires key card entry. Place your networking equipment in a locked cage.
You maintain a network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting network availability. Which of the following should you implement?
Positive pressure system
A user is able to access privileged administrative features with an account that is not granted administrator rights. Which type of vulnerability is this?
Privilege escalation
A type of malware that prevents the system from being used until the victim pays the attacker money is known as what?
Ransomware
In which phase of an attack does the attacker gather information about the target?
Reconnaissance
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring?
Recovery
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor?
Remote Access Trojan (RAT)
Which of the following are characteristics of a rootkit? (Select two.)
Requires administrator-level privileges for installation. Resides below regular antivirus software detection.
For Milestone 4 (Reach Your Network), which of the following would be considered a secure protocol to use to reach your network?
SSH
Which of the following are examples of social engineering attacks? (Select three.)
Shoulder surfing Keylogging Impersonation
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Smart card
Any attack involving human interaction of some kind is referred to as what?
Social engineering
Match the general defense methodology on the left with the appropriate description on the right. (Each methodology may be used once, more than once, or not all.)
The constant change in personal habits and passwords to prevent anticipated events and exploitation. Randomness Diversifying layers of defense. Variety Giving users only the access they need to do their job and nothing more. Principle of least privilege Implementing multiple security measures to protect the same asset. Layering Eliminating single points of failure. Layering Giving groups only the access they need to do their job and nothing more. Principle of least privilege
Which of the following is the BEST example of the principle of least privilege?
Wanda has been given access to the files that she needs for her job.
A wireless access point configured to use Wired Equivalent Privacy (WEP) is an example of which kind of vulnerability?
Weak security configurations
The Application layer of the security model includes which of the following? (Select two.)
Web application security User management