Ch16 Security

Question 1

Virus

Answer 1

Code that runs on a computer without the user’s knowledge; it infects the computer when code is accessed and executed.

Question 2

Worm

Answer 2

Similiar to viruses except that it self-replicates.

Question 3

Trojan Horse

Answer 3

Appears to perform legitimate function but are actually performing malicious functions behind the scenes.

Question 4

Spyware

Answer 4

Malicious software either downloaded unwittingly from a website or installed along with some other third-party software.

Question 5

Rootkit

Answer 5

Software designed to gain administrator-level control over a computer system without being detected.

Question 6

Spam

Answer 6

The abuse of electronic messaging systems such as e-mail, broadcast media, and instant messaging.

Question 7

Clearing

Answer 7

Removal of data with a certain amount of assurance that it cannot be reconstructed.

Question 8

Purging

Answer 8

aka sanitizing; removal of data done in such a way that the data cannot be reconstructed. may use bit-level erasure software to completely destroy all data on the media.

Question 9

What type of malware self-replicates

Answer 9

worm

Question 10

What type of malware is the abuse of electronic messaging systems?

Answer 10

Spam

Question 11

List three symptons of viruses?

Answer 11

1. Computer runs slowly.
2. Computer lock ups.
3. Unusual error messages are displayed.

Question 12

What is the science of recognizing humans based on physical characteristics?

Answer 12

biometrics

Question 13

A hard drive needs to be disposed of in a way so taht no one can access the data.

Which method should you use?

Answer 13

Destruction

Question 14

Which is the best mode to use when scanning for viruses?

Answer 14

safe mode.

Question 15

What are five ways to prevent spyware?

Answer 15

1. Adjust Internet Explorer security settings.
2. Install antispyware software.
3. Uninstall unnecessary applications and services.
4. Educate users on how to surf the web safely.
5. Consider technologies that discourage spyware.

Question 16

One of your customers tells you that a bank employee called and asked for the person’s bank balance and telephone number.

What is this an example of?

Answer 16

Social Engineering

Question 17

Turn on User Account Control in Win 7

Answer 17

Start >> Control Panel >> User Accounts and Family Safety >> User Accounts >> click Change User Account Control settings link.

Question 18

Four levels of Win 7 UAC

Answer 18

1. Always Notify
2. Default: Notify Me Only When Programs Try to Make Chances to My Computer.
3. Notify Me Only When Programs Try to Make Changes to My Computer (Do Not Dim My Desktop)
4. Never Notify - Shuts off UAC

Question 19

Where are NTFS permissions found?

Answer 19

Security Tab of the folder’s Properties Window.

Question 20

Two Components Needed for BitLocker Encryption

Answer 20

1. Trusted Platform Module - Chip on motherboard that stores encrypted keys or external USB key to store the encrypted keys.
2. Hard drive with two volumes, preferably created during installation of Windows.

Question 21

Why does BitLocker need two volumes on a hard drive?

Answer 21

One volume is needed for the operating system that will be encrypted, the other volume is the active volume that remains unencrypted so the computer can boot.

Question 22

Name a common security component of Win7/Vista?

Answer 22

User Account Control (UAC)

Question 23

A user complains that while away at lunch someone used his computer to send e-mails to other co-workers without his knowledge. What should you recommend?

Answer 23

Use the Windows Lock feature.

Question 24

What best describes encryption?

Answer 24

Prevents unauthorized users from viewing or reading data.

Question 25

One of the user’s on your network is trying to access files shared on a remote computer. The file’s share permissions allow the user full control. But, the NTFS permissions allow the user Read access.

What will be the resulting access for the user ?

Answer 25

Read access.

Question 26

6. You are the administrator for your network. You set up an administrative share called Data$. What is necessary for another user to access this share ?(Two Possible answers)

Answer 26

1. The user must have permissions to access the share.
2. The user must know the exact network path to the share.

Question 27

WEP Description / Encryption Level

Answer 27

1. Wired Equivelant Privacy
2. 64 bit

Question 28

WPA Description / Encryption Level

Answer 28

1. Wi-Fi Protected Access
2. 128 bit

Question 29

WPA2 Description / Encryption Level

Answer 29

1. Wi-Fi Protected Access v2
2. 256 bit

Question 30

TKIP Description / Encryption Level

Answer 30

1. Temporal Key Integrity Protocol - deprecated used with WEP / WPA
2. 128 bit

Question 31

CCMP Description / Encryption Level

Answer 31

1. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol; used with WPA2
2. 128 bit

Question 32

AES Description / Encryption Level

Answer 32

1. Advanced Encryption Standard; used with WPA/WPA2
2. 128, 192, and 256 bit

Question 33

Seven Ways to Secure SOHO Routers

Answer 33

1. Change default passwords
2. Changing / Disabling the SSID
3. Configuring Wireless Encryption
4. Enabling MAC Filtering
5. Disabling WPS
6. Assigning Static IP Addresses
7. Disabling physical ports.

Question 34

What describes the attempt to guess a password by using a combination of letters and numbers?

Answer 34

Brute Force

Question 35

List three ways to help secure a SOHO Router

Answer 35

1. Change default passwords
2. Enable MAC filtering
3. Enable WPA2

Question 36

What is the strongest form of wireless encryption?

Answer 36

AES

Question 37

You want to prevent rogue employees from connecting a laptop to the SOHO router and accessing the network. List two ways to accomplish this.

Answer 37

1. Enable MAC filtering
2. Disable physical port.