Chapt 23 (chapt 7 Security) Flashcards

1
Q

You have a Windows domain network and want to ensure that users are required to meet password complexity requirements. What is the best way to implement this on the network?

A) use a firewall
B) use a VPN
C) use group policy
D) use DLP

A

Use group policy

In a Windows domain, password policies can be configured at the domain level using Group Policy Objects (GPOs). There are hundreds of variables that can be configured. Variables that can be configured relating to passwords include password complexity and length, the time between allowed changes to passwords, and the lockout policy for failed attempts. DLP (data loss prevention) is the process of monitoring and identifying sensitive data to make sure it is accessed only by authorized persons.

2
Q

You are setting up a new wireless router for a home office. Which of the following should you change immediately when initially configuring the network? Choose two.

A) the router's default administrator username and password
B) the default SSID
C) the radio power level
D) the guest account password

A

A, B

When configuring a new wireless router, always change the administrator's username and password first. This prevents would-be hackers from having easy access to the router. Then change the default SSID. These default values can easily be found online, and not changing them immediately makes your router more vulnerable to attack. The radio power level might be changed later if you discover the signal is too weak or too strong. There is no guest account on a router.

3
Q

On a Windows 10 workstation, there are two NTFS volumes. The Managers group has Modify access to the D:\mgmt directory. You move the folder to the D:\keyfiles folder, to which the Managers group has Read access. What level of permissions will the Managers group have to the new D:\keyfiles\mgmt directory?

A) full control
B) modify
C) read and execute
D) read

A

Modify

When you move a file or folder on the same NTFS volume, it will keep its original permissions. If you copy it or move it to a different volume, it will inherit permissions from its new parent directory.

4
Q

You want to recycle some hard drives that your company no longer uses but want to ensure that other people will not be able to access the data. Which methods of removing the data are acceptable for your purposes? Choose two.

A) formatting the drive
B) using an overwrite utility
C) using a drive wipe utility
D) using electromagnetic fields

A

Using an overwrite utility and using a drive wipe utility

The best methods are using either overwrite or drive wipe programs. Overwriting the drive entails copying over the data with new data. A common practice is to replace the data with zeros. Drive wipes do a similar thing. Formatting the drive does not guarantee that others can’t read the data. Electromagnetic fields, or degaussing, isn’t reliable, can damage the hard drive, and won’t work on all solid state hard drives.

5
Q

What does NTFS use to track users and groups and their level of access to resources?

A) ACLs
B) tokens
C) badges
D) control rosters

A

ACLs

With NTFS, each file, directory, and volume can have its own security. NTFS tracks security in access control lists (ACLs) for each resource. The access control list will contain the user or group name and the level of access they have been granted. The basic permissions to choose from are Full Control, Modify, Read & Execute, List Folder Contents, Read, and Write. There are also special permissions and settings that can be applied. A token is software or hardware that is used in multi-factor authentication and falls under the category of something a user has. Control rosters are used in areas that have security guards and contain a list of people who are allowed to enter.

6
Q

Which of the following Active Directory concepts can help enforce security settings? Choose two.

A) EFS
B) Group Policy updates
C) Port security
D) login scripts

A

Group Policy updates and login scripts are common ways to push and enforce security settings on Active Directory objects. EFS is the Encrypting File System, which is used to encrypt volumes, files and folders. Port security means opening or closing ports on a router to control what type of packets traverse the router.

7
Q

What protocol was designed to authenticate remote users to a dial-in access server?

A) TKIP
B) TACACS+
C) VPN
D) RADIUS

A

RADIUS
Remote Authentication Dial-In User Service (RADIUS) was originally designed to authenticate remote users to a dial-in access server but is now used in several authentication situations.

8
Q

What concept in Active Directory creates a directory subdivision within which may be placed users, groups, computers and other objects?

A) user
B) domain
C) organizational unit
D) home folder

A

Organizational unit
The organizational unit (OU) is a subdivision within which may be placed users, groups, more OUs, and other objects. The OU exists on a domain, which is a group of users and resources under a single administrative control. Windows domains are managed by software called Active Directory. Active Directory is organized into organizational units, usually for security purposes.

9
Q

Which of the following authentication encryption protocols is older than the others and was developed by Cisco but became an open protocol in the 1990s and can be found on Linux distributions?

A) AES
B) TACACS+
C) Kerberos
D) RADIUS

A

TACACS+
TACACS+ is an authentication protocol developed by Cisco that is now an open standard. It separates the AAA (authentication, authorization, and accounting) packets and encrypts them. It was released in 1993, and RADIUS is an authentication protocol that was released in 1997. Kerberos is an open source authentication protocol that has been around since the 1980s.

10
Q

A user has joined your company as a network administrator. Let’s assume that their username is O’Shea. What is the recommended way to give O’Shea the administrative privileges they need?

A) add the O’Shea user account to the administrators group.
B) create an account called adminO’Shea. Add that account to the administrators group. Have the new administrator use the O’Shea account unless they need administrative rights, in which case they should use the adminO’Shea account
C) copy the administrator account and rename it O’Shea
D) add the O’Shea user account to the power users group

A

B
Adding O’Shea to the administrators group will certainly work, but it is not the recommended approach. Since members of the administrators group have such power, they can inadvertently do harm, such as accidentally deleting a file that a regular user could not. To protect against this, the practice of logging in with an administrators group account for daily interaction is strongly discouraged. Instead, system administrators should log in with a user account with lesser privileges and change to the administrators group account with elevated privileges only when necessary.

11
Q

Which type of security system uses physical characteristics to allow or deny access to locations or resources?

A) ID badges
B) bollards
C) biometrics
D) tokens

A

Biometrics

12
Q

A user is a member of the development group and the HR group. They are trying to access a local resource on an NTFS volume. The HR group has full control permissions for the payroll folder and the development group has a deny read permission for the same folder. What is the user’s effective access to the payroll folder?

A) full control
B) read
C) write
D) deny

A

Deny

When there are conflicting NTFS permissions, generally they are combined, and the most liberal is granted. The exception to that is when there is an explicit deny. That overrides any allowed permissions.

13
Q

Which of the following are advantages of using NTFS permissions over using share permissions? Choose two

A) NTFS permissions will override share permissions if there is a conflict
B) NTFS permissions affect users at the local computer, but share permissions do not
C) NTFS permissions are more restrictive in their access levels than share permissions
D) NTFS permissions can be set at the file level but share permissions cannot

A

B, D

NTFS permissions affect users regardless of whether they are at the local computer or accessing the resource across the network. They can also be applied to individual files, whereas share permissions can be applied only to folders. One set of permissions is not inherently more restrictive than the other, as either type can be used to deny access in a given situation, at least when accessing across the network. When NTFS and share permissions affect the same folders, the most restrictive permissions apply.

14
Q

You use your smartphone for email and extensive internet browsing. You want to add an additional level of security to always verify your identity online when accessing various accounts. Which type of app do you need?

A) authenticator app
B) trusted source app
C) biometric authenticator app
D) account encryption app

A

Authenticator app

An authenticator app can help securely verify your identity online, regardless of the account you want to log into. Different apps work in different ways, but the general procedure is that the app will generate a random code for you to type along with your username and password. The random code helps identify you and tells the site you are logging into that you really are who you say you are. The other options are not actual application types

15
Q

Which type of digital security is designed to protect your network from malicious software programs by both preventing them from entering the system and removing them if they are found?

A) firewall
B) anti-malware
C) EFS
D) UAC

A

Anti-malware

Anti-malware software will help protect computers from malicious programs. Typically, anti-malware does everything that antivirus software does as well as identify threats beyond just viruses. In fact, viruses are a type of malware. A lot of anti-malware software is marketed as antivirus software. A firewall is a hardware or software device designed to prevent certain types of traffic from entering or leaving a network.

16
Q

You are configuring NTFS and share permissions on a Windows 11 workstation. Which of the following statements is true regarding permissions?

A) both NTFS and share permissions can be applied only at the folder level
B) NTFS permissions can be applied at the file or folder level, and share permissions can only be applied at the folder level
C) NTFS permissions can be applied only at the folder level, but share permissions can be applied to files and folders
D) both NTFS and share permissions support inheritance

A

B

Only NTFS permissions can be applied to individual files. Both NTFS and share permissions can be applied to volumes and folders. Share permissions are only effective when the resource is accessed via a network. NTFS permissions are effective whether the person accesses the resource locally or via a network. NTFS permissions are inherited from a parent folder. Share permissions do not have inheritance.

17
Q

You recently noticed a change on your computer. Now when you open your web browser, no matter what you search for, you get a dozen unsolicited pop-up windows offering to sell you items you didn’t ask for. What type of problem does your computer have?

A) spyware
B) ransomware
C) zombie/botnet
D) Trojan

A

Spyware

Spyware differs from other malware in that it works, often actively, on behalf of a third party. Rather than self-replicating, like viruses and worms, spyware is spread to machines by users who inadvertently ask for it. The users often do not know they have asked for it but have done so by downloading other programs, visiting infected sites, and so on. The spyware program monitors the user’s activity and responds by offering unsolicited pop-up advertisements (sometimes known as adware), gathers information about the user to pass on to marketers, or intercepts personal data such as credit card numbers.

18
Q

A computer user wants to encrypt the data on their Windows 10 Home device. They have administrative rights on the computer. Which of the following statements is correct?

A) they may be able to use Windows device encryption
B) they can use BitLocker
C) they can use BitLocker To Go
D) they can use EFS

A

They may be able to use Windows device encryption

EFS allows for encryption and decryption of individual volumes, files and folders stored in NTFS volumes, whereas BitLocker encrypts entire drives, but neither of them is available in Home editions of Windows. If there is supporting hardware (a Trusted Platform Module enabled in the BIOS or UEFI) and Secure Boot is enabled, then device encryption can be used instead. With device encryption, only someone with authorization to use the device will be able to decrypt it. You must be logged in as an administrator to turn on device encryption. Go to Start, choose Settings, then select Update & Security, and then select Device encryption. If the option is not there, then device encryption is not available on the device. You can also see if the hardware supports it by launching the System Information utility as an administrator, then scrolling down to Device Encryption Support.

19
Q

Which of the following is true about the permissions shown in the graphic? Choose two.

A) they are only in effect when accessed via a network
B) they are NTFS permissions
C) this type can be used on files and folders
D) everyone can read inside this folder

A

A, D
These are share permissions. Share permissions have no effect when someone logs on locally; they only take effect when being accessed via a network. NTFS permissions apply whether logging on locally or via the network. Share permissions can only be applied to folders, not individual files. The only share permission set on this folder is that everyone can read it. No one has permission to change it.

20
Q

A user is working on a Windows workstation. Their user account is a member of the Managers group, and they are trying to access a folder named Reports, located on a different computer. The NTFS permissions for the Reports shared folder on that computer for the Managers group are Read and Write. The folder’s share permission for the Managers group is the Read permission. What are the user’s effective permissions on the Reports folder?

A) full control
B) read and write
C) read
D) no access

A

Read

Because the user is accessing the NTFS-based resource over the network, both NTFS and share permissions are applied. If there is a difference between the two of them, the most restrictive permissions are used. Therefore, the user has read access only.

21
Q

A system administrator is concerned about Windows users inadvertently installing malware from DVD-ROMs and USB thumb drives that contain malicious code. What can they do to help prevent this from happening?

A) set restrictive user permissions
B) enable BIOS and UEFI passwords
C) disable AutoRun and AutoPlay
D) enable data encryption

A

Disable AutoRun and AutoPlay

The option to disable AutoRun and AutoPlay should be selected on computers connected to the network. It is never a good idea to put any media in a workstation if you don’t know where it came from or what it is. The simple reason is that the media (CD, DVD, USB, SD) could contain malware. Compounding matters, the malware could be referenced in the autorun.inf file, causing it to be summoned when the media is inserted in the machine and requiring no other action. User permissions are not effective on optical drives whose content changes all the time.

22
Q

Which of the following is an open source authentication encryption protocol that is widely used and that uses a third party to verify user credentials?

A) AES
B) TACACS+
C) Kerberos
D) RADIUS

A

Kerberos

Kerberos was developed and named by computer scientists at MIT. It is an open source authentication protocol that uses a third party to verify user credentials and symmetric key cryptography to encode transmissions between parties. TACACS+ is an authentication protocol developed by Cisco that is now an open source standard. RADIUS is an authentication protocol that was originally used for dial-in access. It has morphed into a protocol used for authenticating remote Wi-Fi or on-premises users.

23
Q

Which of the following is an example of a hard token? Choose two.

A) key fob
B) retina scanner
C) smart card
D) motion sensor

A

Key fob and smart card

Hard tokens are physical security devices that can be carried about by the user. A smart card has a chip whose data can be accessed by a reader to allow a user access to a secure area or computer system. A key fob generates a random number every few seconds that can be entered into a system as part of multi-factor authentication.

24
Q

Which of the following devices, often found in smartphones and other mobile devices, is used to pinpoint a person’s location on earth, and therefore can be used for multi-factor authentication?

A) magnetometer
B) retina scanner
C) key fob
D) hard token

A

Magnetometer

This measures magnetic fields and can be used to locate a person’s position on earth. As a part of multi-factor authentication, that location is compared to an allow or block list, and if the device to be accessed is in an allowed location, access may be granted.

25
Q

A computer user in the accounting department received a phone call from someone who claimed to be from the company’s bank. They had a partial account number and needed the user to verify the full account number, their username, and password before they could discuss the reason for their call with the user. The user said they would call them back, and the caller on the other end hung up abruptly. They contacted you and the IT department because it seems like such a strange call. What kind of attempted attack will you tell them just happened?

A) phishing
B) Vishing
C) Whaling
D) Evil twin

A

Vishing
Vishing, phishing, and whaling are variations of the same type of attack. In all of these, someone attempts to gain usernames and passwords or other information by intimidation, coercion, or other means. Then they will use that information to attack your company’s systems. They are all plays on the word fishing. The attacker is casting a line and hoping you will bite on it. Vishing uses voice calls, phishing uses email, and whaling is phishing for powerful or wealthy people.

26
Q

Your web server just crashed because there was a flood of responses to a packet that looks like it was from your server but your server didn’t send it. What just happened?

A) whaling attack
B) denial of service attack
C) distributed DoS attack
D) evil twin attack

A

Denial of service attack

This is a type of denial of service attack. Someone spoofs your IP address, making it look like you, and sends out requests all at once to multiple hosts, who respond to your IP address. Your server is flooded with those responses and crashes. It is called a DoS attack because users who want to use the server for legitimate purposes, such as placing an order, are unable to due to all the malicious traffic. Distributed denial of service attacks happen when many computers are used, as in a botnet.

27
Q

A computer user on your network is trying to access a folder named Projects on a local NTFS volume. Their user account is in the Developers group. The Developers group has Read & Execute permissions to the folder, and the user’s account has Full Control. What is the user’s effective access to the Projects folder?

A) full control
B) read and execute
C) read
D) no access

A

Full control

In this case, the user has full control. When there are conflicting NTFS permissions, generally they are combined and the most liberal is granted. This holds true for conflicting permissions between groups or between a user’s account and group memberships. The exception is deny, which overrides all other permissions

28
Q

What Active Directory security measure moves a user’s data to a server and off the local drive so that if a laptop is lost or stolen and someone gains access to it, they will not have access to information in the user’s data files?

A) home folder
B) Security Group
C) organizational unit
D) login script

A

Home folder

Using a home folder on an Active Directory server to store the user’s files adds a level of security because the user’s data is not on the local drive and is less subject to being stolen.

29
Q

A friend is considering purchasing an antivirus program. You let them know that there is one included with the Windows operating system. What settings should they look for in Windows settings?

A) Windows Defender Firewall
B) virus and threat protection
C) Windows update
D) device security

A

Virus and threat protection

In both Windows 10 and 11, a quick search for virus and threat protection will bring you to the Windows settings for that feature.

30
Q

You are a junior IT administrator, and your supervisor has asked you to ensure that all workstations have the built-in Windows Firewall activated. Where can you go to do that? Choose two.

A) Firewall and network protection in the Settings app
B) Firewall and network protection in Control Panel
C) Windows Defender Firewall in the Settings app
D) Windows Defender Firewall in Control Panel

A

A, D
The Windows built-in firewall can be configured either in the Settings app using Firewall and network protection or in Windows Defender Firewall, which is found in Control Panel.

31
Q

Your company has a Windows domain managed by a domain controller. Following best practices, what feature of the domain controller is used to apply permissions to users?

A) active directory
B) user accounts
C) security groups
D) home folders

A

Security groups

A domain is a grouping of resources, including people, computers, servers, printers and so on, into a single centrally controlled unit. A domain is managed by Active Directory software. A best practice is to group the users into security groups and assign permissions to the security groups. Members of the security group will have the access that was assigned to the group.