4. Security principles

Question 1

What happens when Windows Defender is turned on?

Answer 1

You are notified when spyware or other potentially unwanted software tries to install itself or run on your computer

Question 2

What native antispyware feature is included with Windows

Answer 2

Windows Defender

Question 3

Which type of software can assist you in protecting your computer against virus-related problems?

Answer 3

antivirus software

Question 4

Which software gathers the user’s information through the user’s internet connection without the user’s knowledge

Answer 4

spyware

Question 5

Which software damages or disrupts a system without the owner’s permissions?

Answer 5

malware

Question 6

In which specific area of a hard disk drive does a boot-sector virus place its starting code?

Answer 6

Master Boot Record (MBR)

Question 7

What is a virus

Answer 7

Malicious software (malware) that relies upon other application programs to execute and infect a system

Question 8

Which type of attack is conducted by an email request from a financial institution asking you to log in and change your password using the provided link?

Answer 8

phishing

Question 9

What is dumpster diving

Answer 9

searching the garbage collection area or dustbin to look for non-shredded confidential documents

Question 10

what is war chalking

Answer 10

leaving notations about the wireless network on the outside of a building

Question 11

What is shoulder surfing

Answer 11

watching someone when he enters his login credentials

Question 12

What is tailgating

Answer 12

the act of gaining unauthorized access to a facility by using another user’s access credentials without the permission of the authorized person

Question 13

When does a zero-day attack occur

Answer 13

When live environments become vulnerable and targeted before a fix or patch can be created by the vendor

Question 14

What is a man-in-the-middle attack

Answer 14

When a hacker is positioned on both side of the attack to intercept communications between two sessions and devices

Question 15

What is the first action you should perform if you find that your fellow technician has left the door of the server room open

Answer 15

close the door

Question 16

Which guidelines should you refer to if you find that someone has breached the security of the server room

Answer 16

The company’s security policy

Question 17

What is a smart card?

Answer 17

it is an authentication card with an integrated circuit built in

Question 18

What does a face recognition scanner do

Answer 18

It determines whether to authenticate a user by scanning the user’s face and comaring that scan to face scans already on file

Question 19

What does an iris scanner do

Answer 19

It determines whether to authenticate a user by taking a picture of the iris of the user’s eye and comparing the picture with iris pictures on file

Question 20

Which physical barrier acts as the first line of defense against an intruder

Answer 20

a fence

Question 21

What is a mantrap

Answer 21

a set of double doors that are generally monitored by a security guard

Question 22

Which authentication method uses fingerprint recognition as a method to identify an individual

Answer 22

biometric authentication

Question 23

Which authentication method uses a small card with an embedded silicon chip which stores information on it

Answer 23

smart card authentication

Question 24

What should you do if your smart card is stolen

Answer 24

Get it inactivated and replaced

Question 25

Which device can be installed to monitor visitor entry in server room when there is not enough manpower to escort the visitor

Answer 25

video surveillance cameras or closed-circuit television (CCTV)

Question 26

Which attributes or details of an employee can be used by biometric devices

Answer 26

fingerprint, face, signature, iris, and retina

Question 27

What does the acronym ACL denote

Answer 27

access control list

Question 28

What does the acronym VPN denote

Answer 28

virtual private network

Question 29

What is a digital certificate

Answer 29

an electronic file that establishes your identify via a public key infrastructure (PKI) to complete transactions

Question 30

Which three types of characters can be used in combination to set a strong password in Windows

Answer 30

alphabetic, numeric, and special characters

Question 31

cybersecurity

Answer 31

the practice of protecting information-related assets against whatever threatens them

Question 32

digital certifcate

Answer 32

a file created and signed using special cryptographic algorithms

Question 33

malware

Answer 33

a malicious or unwanted software designed to steal data or impair your computer’s performance

Question 34

PCI DSS

Answer 34

The Payment Card Industry Data Security Standard is a set of shared rules developed by the world’s major credit card companies and administered by the PCI Council

Question 35

Phishing

Answer 35

The use of fake but official-looking messages to trick users into performing dangerous actions

Question 36

Spam

Answer 36

The unsolicited emails or other electronic messages, with undesired or malicious content

Question 37

Spear phishing

Answer 37

A variant of phishing that targers specific people, such as members of an organization or even individual users

Question 38

Trojan horse

Answer 38

A type of malware that appears to be harmless or useful program, like a game or even an anti-virus application

Question 39

CIA Triad

Answer 39

• Confidentiality
• Integrity
• Availability

Question 40

Confidentiality

Answer 40

Ensuring that information is viewable only bu authorized users or systems, and is either inaccessible or unreadbale to unauthroized users

Question 41

Integrity

Answer 41

Ensuring that information remains accurate and complete over its entire lifetime. In particular this means making sure that data in storage or transit can’t be modified in an undetected manner

Question 42

Availability

Answer 42

Ensuring that information is always easily accessible to authorized users. This means making sure that the connectivity and performance is maintained at the highest possible level

Question 43

Risk

Answer 43

The chance of harm coming to an asset

Question 44

Threat

Answer 44

Anything that can cause harm to an asset

Question 45

Vulnerability

Answer 45

Any weakness the asset has against potential threats