Core 2: Logical Security

Question 1

A type of hierarchical database structure used in Windows Server environments that enables centralized management of devices and resources on a network is known as:

HomeGroup
Active Directory
Workgroup
Windows domain

Answer 1

Active Directory

Question 2

On a Windows domain, this tool can be used by system administrators to configure initial desktop environment (which may include mapping a network drive or setting up access to a shared printer) for a specific user.

MDM policy
Login script
Group Policy
Directory permissions

Answer 2

Login script

Question 3

Which of the following terms describes a large network of Windows-based PCs under single administration?

HomeGroup
Windows domain
Active Directory
Workgroup

Answer 3

Windows domain

Question 4

In Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.

Local Users and Groups
Resource Monitor
Group Policy
User Account Control (UAC)

Answer 4

Group Policy

Question 5

Windows Active Directory service allows for grouping users and computers into containers known as Organizational Units (OUs). An OU is the smallest unit to which system administrators can assign Group Policy settings to manage the configuration and use of accounts and resources within a given OU.

True
False

Answer 5

True

Question 6

In Windows domain environment, the term “Home Folder” refers to a directory on a local PC where users can back up their data and files.

True
False

Answer 6

False

Question 7

Which of the Windows Active Directory Group Policy settings allows network administrators to map a folder on a user’s PC to a server-based location?

Folder redirection
Local Users and Groups
User Account Control (UAC)
Directory permissions

Answer 7

Folder redirection

Question 8

Which of the following is an example of a soft token?

USB token
Authenticator app
Smart card
Key fob

Answer 8

Authenticator app

Question 9

Which type of software enables a centralized administration of mobile devices?

MFA
MMC
MDM
MFD

Answer 9

MDM

Question 10

What is the name of a logical security access control method in which a 48-bit physical address assigned to each Network Interface Card (NIC) is used to determine access to the network?

MAC address filtering
Network Address Translation (NAT)
Static IP addressing
Network Access Control (NAC)

Answer 10

MAC address filtering

Question 11

Which of the following answers refers to an example implementation of certificate-based authentication?

Smart card
ID badge
PIN code
Biometric lock

Answer 11

Smart card

Question 12

Virus definition database files contain detection patterns for known viruses. To be effective, an AV program needs up-to-date versions of these files which can be obtained through an AV software update feature.
True
False

Answer 12

True

Question 13

An antivirus database entry used for identifying malicious code is known as virus:

ID
Record
Signature
Repository

Answer 13

Signature

Question 14

An antivirus software is kept up to date via: (Select 2 answers)

 Driver updates
 Application updates
 Engine updates
 OS updates
 Virus signature updates

Answer 14

Engine updates

Virus signature updates

Question 15

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers)

Host-based firewall
Software firewall
Network-based firewall
Hardware firewall

Answer 15

Host-based firewall

software firewall

Question 16

Which of the following firewall types would provide the best protection for an ingress/egress point of a corporate network? (Select 2 answers)

Hardware firewall
Network-based firewall
Software firewall
Host-based firewall

Answer 16

Hardware firewall

Network-based firewall

Question 17

Which of the following is a set of firewall entries containing information on traffic considered safe enough to pass through?

Whitelist
Routing table
Blacklist
MAC address table

Answer 17

Whitelist

Question 18

In IT security, the term “User authentication” refers to the process of proving user identity to a system. Authentication process can be based on different categories of authentication factors, including unique physical traits of each individual, such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). Additional factors might include geolocation (“somewhere you are”), or user-specific activity patterns such as keyboard typing style (“something you do”). Multi-factor authentication systems require implementation of authentication factors from two or more different categories.

True
False

Answer 18

True

Question 19

Which of the following statements are true? (Select 2 answers)

NTFS permissions apply only to local users

NTFS permissions can be applied only on a folder level

NTFS permissions apply to both network and local users

NTFS permissions can be applied to a folder or individual file

Answer 19

NTFS permissions apply to both network and local users

NTFS permissions can be applied to a folder or individual file

Question 20

VPN connection types are divided into remote-access VPNs (used for connecting a computer to a network), and site-to-site VPNs (used for connecting networks).

True
False

Answer 20

True

Question 21

Which of the following ensures the privacy of a VPN connection?

Hashing
Tunneling
Authentication
Packet inspection

Answer 21

tunneling

Question 22

Which of the following is a dedicated device designed to manage encrypted connections established over an untrusted network such as the Internet?

VPN concentrator
Proxy server
Distributed switch
UTM appliance

Answer 22

VPN concentrator

Question 23

Examples of secure network protocols used for establishing VPN connections include: (Select 2 answers)

 IPP
 WEP
 IPsec
 HTTP
 TLS

Answer 23

IPsec

TLS

Question 24

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network?

DRP
DHE
DLP
DEP

Answer 24

DLP

Question 25

Which of the following is a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

DLP
NAT
ACL
DEP

Answer 25

ACL

Question 26

A rule-based access control mechanism implemented on routers, switches, and firewalls is known as:

ACL
CSR
DLP
AUP

Answer 26

ACL

Question 27

What is the function of a laptop’s smart card reader?

Storage expansion
Access control
Theft prevention
Data encryption

Answer 27

Access control

Question 28

Which of the following logical security controls provides a countermeasure against unsolicited electronic messages (a.k.a. spam)?

Mail relay
Host-based firewall
Email filtering
SMTP server

Answer 28

email filtering

Question 29

Which of the following can be used by system/network administrators to restrict a user’s ability to install software?

 AUP
 Group Policy
 Principle of least privilege
 MDM solutions
 All of the above

Answer 29

all of the above

Question 30

One of the ways of confirming that a software application comes from a trusted source is the verification of its digital signature. A digitally signed software proves the identity of the developer and guarantees that the application code hasn’t been tampered with since it was signed. The authenticity and integrity of the application’s code can be verified by comparing results of a cryptographic hash function (original hash published by the application developer vs. hash obtained from a downloaded app).

True
False

Answer 30

true

Question 31

A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as principle of least privilege.

True
False

Answer 31

true