4. Security principles Flashcards

1
Q

What happens when Windows Defender is turned on?

A

You are notified when spyware or other potentially unwanted software tries to install itself or run on your computer

2
Q

What native antispyware feature is included with Windows?

A

Windows Defender

3
Q

Which type of software can assist you in protecting your computer against virus-related problems?

A

antivirus software

4
Q

Which software gathers the user’s information through the user’s internet connection without the user’s knowledge?

A

spyware

5
Q

Which software damages or disrupts a system without the owner’s permissions?

A

malware

6
Q

In which specific area of a hard disk drive does a boot-sector virus place its starting code?

A

Master Boot Record (MBR)

7
Q

What is a virus?

A

Malicious software (malware) that relies upon other application programs to execute and infect a system

8
Q

Which type of attack is conducted by an email request from a financial institution asking you to log in and change your password using the provided link?

A

phishing

9
Q

What is dumpster diving?

A

searching the garbage collection area or dustbin to look for non-shredded confidential documents

10
Q

What is war chalking?

A

leaving notations about the wireless network on the outside of a building

11
Q

What is shoulder surfing?

A

watching someone when he enters his login credentials

12
Q

What is tailgating?

A

the act of gaining unauthorized access to a facility by using another user’s access credentials without the permission of the authorized person

13
Q

When does a zero-day attack occur?

A

When live environments become vulnerable and targeted before a fix or patch can be created by the vendor

14
Q

What is a man-in-the-middle attack?

A

When a hacker is positioned on both sides of the attack to intercept communications between two sessions and devices

15
Q

What is the first action you should perform if you find that your fellow technician has left the door of the server room open?

A

close the door

16
Q

Which guidelines should you refer to if you find that someone has breached the security of the server room?

A

The company’s security policy

17
Q

What is a smart card?

A

it is an authentication card with an integrated circuit built in

18
Q

What does a face recognition scanner do?

A

It determines whether to authenticate a user by scanning the user’s face and comparing that scan to face scans already on file

19
Q

What does an iris scanner do?

A

It determines whether to authenticate a user by taking a picture of the iris of the user’s eye and comparing the picture with iris pictures on file

20
Q

Which physical barrier acts as the first line of defense against an intruder?

A

a fence

21
Q

What is a mantrap?

A

a set of double doors that are generally monitored by a security guard

22
Q

Which authentication method uses fingerprint recognition as a method to identify an individual?

A

biometric authentication

23
Q

Which authentication method uses a small card with an embedded silicon chip which stores information on it?

A

smart card authentication

24
Q

What should you do if your smart card is stolen?

A

Get it inactivated and replaced

25
Q

Which device can be installed to monitor visitor entry in the server room when there is not enough manpower to escort the visitor?

A

video surveillance cameras or closed-circuit television (CCTV)

26
Q

Which attributes or details of an employee can be used by biometric devices?

A

fingerprint, face, signature, iris, and retina

27
Q

What does the acronym ACL denote?

A

access control list

28
Q

What does the acronym VPN denote?

A

virtual private network

29
Q

What is a digital certificate?

A

an electronic file that establishes your identity via a public key infrastructure (PKI) to complete transactions

30
Q

Which three types of characters can be used in combination to set a strong password in Windows?

A

alphabetic, numeric, and special characters

31
Q

cybersecurity

A

the practice of protecting information-related assets against whatever threatens them

32
Q

digital certificate

A

a file created and signed using special cryptographic algorithms

33
Q

malware

A

malicious or unwanted software designed to steal data or impair your computer’s performance

34
Q

PCI DSS

A

The Payment Card Industry Data Security Standard is a set of shared rules developed by the world’s major credit card companies and administered by the PCI Council

35
Q

Phishing

A

The use of fake but official-looking messages to trick users into performing dangerous actions

36
Q

Spam

A

Unsolicited emails or other electronic messages with undesired or malicious content

37
Q

Spear phishing

A

A variant of phishing that targets specific people, such as members of an organization or even individual users

38
Q

Trojan horse

A

A type of malware that appears to be a harmless or useful program, like a game or even an anti-virus application

39
Q

CIA Triad

A

  • Confidentiality
  • Integrity
  • Availability

40
Q

Confidentiality

A

Ensuring that information is viewable only by authorized users or systems, and is either inaccessible or unreadable to unauthorized users

41
Q

Integrity

A

Ensuring that information remains accurate and complete over its entire lifetime. In particular this means making sure that data in storage or transit can’t be modified in an undetected manner

42
Q

Availability

A

Ensuring that information is always easily accessible to authorized users. This means making sure that the connectivity and performance is maintained at the highest possible level

43
Q

Risk

A

The chance of harm coming to an asset

44
Q

Threat

A

Anything that can cause harm to an asset

45
Q

Vulnerability

A

Any weakness the asset has against potential threats