220-1102 Security Flashcards
What is a small room with a set of two doors, one to the outside, unsecured area and one to the inner, secure area. Also known as a mantrap.
Access Control Vestibule
What are devices that store some unique information that a user carries on their person?
Security tokens
Which device provides a one-time use code that is used to authenticate a user in addition to a username and password?
RSA Token
What is the most common RSA Token in hard token form?
Key Fob
What is a fancy term for a metal detector?
Magnetometer
What kinds of drives can support access control lists (ACLs)
Drives with modern file systems such as NTFS, APFS, HFS+, and ext3/4
What is an example of a soft token?
Authenticator application
In a Windows domain, a computer running Windows Server is configured as a what?
domain controller
What does a domain controller store?
domain accounts
What can a login script do for a domain account?
Map network drives, place an information box on the screen, run applications and more
In active directory, what enables you to organize users and computers by function, location, permission and more?
Organizational units (OUs)
What do roaming profiles in active directory provide the user?
Each time the user logs into a new machine, their home folder data can move with them
What is the difference between active directory groups, security groups, and user groups?
Active directory groups and security groups are the same term. They are more powerful and more centrally managed than user groups.
What is an interlinked area of physical and logical security that includes: physical security, authentication, users, groups, and security policies?
Access Control
What encryption standard does WPA2 use?
Advanced Encryption Standard (AES)
Which wifi security addresses usability and security issues that affected its predecessor by including encryption to protect data of users on open (public) networks?
WPA3
Which encryption method was introduced in WPA and is supported by WPA2, but lessens security?
Temporal Key Integrity Protocol (TKIP)
Which authentication protocol enables a central authorization server to pass out keys that individual clients can present to access resources as needed?
Kerberos
What is malware that replicates and activates by attaching to executable programs or the drives boot sector?
Virus
What kind of virus live inside the system’s boot partition and activate their malicious code before the security software can start?
Boot sector virus
What is it called when a virus does something like corrupting data or stealing private information?
Activation
What kind of malware does not need to attach itself to other programs to replicate?
Worm
What is a piece of malware that appears or pretends to do one thing while, at the same time, doing something evil?
Trojan
What malware logs the user’s keystrokes and makes that information available to the attacker?
Keylogger
Which malware takes advantage of very low-level operating system functions to hide itself?
Rootkit
What are the 7 steps for malware removal
- Investigate and verify malware symptoms
- Quarantine infected systems
- Disable System Restore in Windows
- Remediate infected systems
A. Update anti-malware software
B. Scanning and removal techniques - Schedule scans and run updates
- Enable System Restore and create a restore point in Windows
- Educate the end user
When attempting to remediate an infected system, what do you do if you restore from a backup and the system is still infected?
Perform a clean install
CompTIA considers removing a virus as part of what step?
Remediation
What is a fake wireless access point configured to mimic the traits of a legitimate device and network?
Evil Twin
What attack is when the attacker injects malicious code into the Web app in order to trick it into sending things it shouldn’t to other users of the Web site?
Cross-site scripting (XSS)
Which Windows account has almost as much power as an Administrator?
Power User
Which NTFS setting controls which NTFS permissions apply to newly created files or subfolders?
Inheritance
Which variation of Bitlocker can encrypt removable drives?
Bitlocker to go
Which Windows feature opens a dialogue box when removable media is inserted into the computer, providing options based on what Windows finds on the drive, including starting the autorun application.
AutoPlay
Which Windows feature enables Windows to look for and read a file called autorun.inf immediately after a removable media device (optical disk or thumb drive) is inserted and automatically run whatever program that file lists?
Autorun
How do third party drive disposal services guarantee they have destroyed drives?
By issuing a certificate of destruction/recycling
What are phyiscal destruction techniques?
drilling, shredding, degaussing and incineration.
What security setting enables an administrator to set rules about whether packets should be sent or received based on the source or destination IP address?
IP filtering
Which security setting enables you to open an incoming connection to one computer automatically based on a specific outgoing connection?
Port triggering
Which security setting puts any system within the specified IP addresses outside the protection of the firewall, opening all ports and enabling all incoming traffic?
Screened subnet
Why should you change the SSID of a WAP?
The default SSID gives away important clues about the manufacturer and model of an access point
which shutdown option has the system restart instead of shutting down?
/r
In the command prompt, what does the F1 key do?
rebuilds the last command one letter at a time
In the command prompt, what does the F3 do?
rebuilds the entire command at once
How do you cycle through the history of your previous commands in command prompt?
Press the up arrow to see your previous commands. Press the right arrow to add the options
What is a deviation from established standards, specifications or requirements?
Non-compliance
Which AAA technology
- Encrypts the entire payload of the access-request packet
- is Primarily used for device administration
- Separates authentication and Authorization?
TACACS+
Which AAA technology
- is Primarily used for network access
- Combines authentication and authorization
- Encrypts only the password in the access-request packet
RADIUS
Which AAA technology is a completely open standard developed by the IETF? It is partially encrypted and uses UDP ports 1812 and 1813.
RADIUS
What was developed as a proprietary protocol by Cisco but has been released as an “open” description so other companies can implement it? It is fully encrypted and runs on TCP port 49
TACACS+
Which Wifi security standard utilizes AES-GCMP?
WPA3
What malware makes copies of itself by injecting itself as extra code added to the end of executable programs?
Virus
What kind of attack:
- Exploits the trust a user’s web browser has in a website
- A malicious script is injected into a trusted website
- The users browser executes attacker’s script
XSS
What kind of attack is when an attacker injects malicious code into a web app in order to trick it into sending things it should’t to other users of the Web Site.
Cross-Site Scripting (XSS)
What are the three different ways you can run an application as a administrator in windows?
- right click on an application icon and select run as administrator
- In the Windows start menu, press and hold control + shift keys and left-click on an application icon
- Launch windows run dialog box (windows logo key + R) type in the applications name and press control + shift + enter
in NTFS, does a folder copied from one location to another retain its original permissions or inherets permissions of its new parent folder?
parent folder
What is the correct syntax for applying read-only attributes to a file?
attrib +R [drive:] [path] [filename]
Which user group in Windows (Win 7 and before) had rights and permission that allowed its members to perform specific administrator-level tasks?
Power Users
In Windows, does a file moved on the same volume keep original permissions or inherits new permissions?
keeps original
In Windows, does a file moved to a different volume keep original permissions or inherits new permissions?
Inherits new permissions
What allows Windows to automatically execute code contained on a newly mounted storage media?
AutoRun
What is a system component that displays a dialog box containing applicable options for newly mounted storage media?
AutoPlay
What is quick format often referred to as?
High-level format
What simplifies networking by allowing devices to dynamically join a network, autoconfigure and learn about the presence and capabilities of other devices?
UPnP
What is referred to as zero-configuration networking?
UPnP
What is application software the selectively blocks access to websites?
Content Filter
What two types of VPNs allows a device to connect to the company network over an untrusted network?
Remote Access and Client-to-site
What software
- Gives permanent remote access
- Access is based on a local password
- A Windows tool used for connecting remotely to the user’s own computer
RDP
