Domain 3: Security Session 1 Flashcards

1
Q

Which type of malware needs a carrier, such as a Microsoft Office app, in order to propagate?
Choices:

A - Virus
B - Worm
C - Spyware
D - Trojan horse

A

A - Virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
A user downloaded what was thought to be an antivirus program but instead turned out to be malware. Which type of malware infected the user's computer?
Choices:
A - Virus 
B - Worm 
C - Trojan 
D - Ransomware
A

C - Trojan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which type of malware is most likely to infect an MBR?
Choices:

A - Virus
B - Worm
C - Trojan
D - Rootkit

A

D - Rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which is an example of a phishing attack?
Choices:

A - An email which targets a specific individual
B - A seemingly credible update which corrupts the MBR
C - A seemingly credible update which locks up the system
D - An email from a seemingly credible source asking for personal information

A

D - An email from a seemingly credible source asking for personal information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which type of phishing attack targets executives or individuals in high authority who have access to a lot of money?
Choices:

A - Whaling
B - Tailgating
C - Spear phishing
D - Social engineering

A

A - Whaling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which is an example of social engineering?
Choices:

A - A black hat individual audits a system
B - An attacker leaves a backdoor on a system using a rootkit
C - Someone under a false guise calls an individual and solicits logon information
D - Someone using false credentials creates a fake email account and uses it to send out harmful information

A

C - Someone under a false guise calls an individual and solicits logon information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Shoulder surfing is when someone looks at a user’s screen while the user enters sensitive information.

A - True
B - False

A

A - True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which best defines a botnet or zombies?
Choices:

A - A command server controlling multiple computers
B - Multiple computers carrying out an attack simultaneously
C - One person controlling multiple computers simultaneously
D - One computer infects other computers using the zombie virus

A

B - Multiple computers carrying out an attack simultaneously

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which type of password attack refers to the attacker simply guessing the password until they get it right?
Choices:

A - Botnet
B - Phishing
C - Spoofing
D - Brute force

A

D - Brute force

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which are examples of non-compliant systems? Choose two answers.
Choices:

A - A computer with no antimalware protection
B - A computer with an outdated operating system
C - A computer which has the incorrect version of Office installed
D - A computer which has not run Windows Update in the past three days

A

A - A computer with no antimalware protection

B - A computer with an outdated operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which are ways to make users aware of security standards in the workplace? Choose two answers.
Choices:

A - End-user training
B - Acceptable use policy
C - Principle of least privilege
D - Discretionary access methods

A

A - End-user training

B - Acceptable use policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

One example of a man-in-the-middle attack is when a __________ is invaded by a third party who intercepts data and impersonates one of the two members involved.
Choices:

A - server
B - monitor
C - two-way email
D - two-way instant messaging chat

A

D - two-way instant messaging chat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A new hire at a company, in reading the security policy, sees that a clean desk policy is enforced. The new hire wants clarification from IT personnel as to what a clean desk policy entails. Which should the IT personnel tell the new hire?
Choices:

A - A clean desk policy involves keeping the desk dust-free
B - A clean desk policy involves keeping the desk free of food and drink
C - A clean desk policy involves keeping the desk free of network cables
D - A clean desk policy involves keeping the desk clear of any confidential documents

A

D - A clean desk policy involves keeping the desk clear of any confidential documents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which disposal method is best used in relation to sensitive documents that are no longer needed?
Choices:

A - Shredder
B - Dumpster
C - Trash can
D - Recycle Bin

A

A - Shredder

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A person tailgates a legitimate employee into a building and is now caught between that door and a more secure door. The person is trapped inside of which kind of area?
Choices:

A - Red
B - Blue
C - Tailgate
D - Mantrap

A

D - Mantrap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Using facial recognition to unlock a smartphone is a form of which type of physical security?
Choices:

A - RFID
B - Token
C - Biometrics
D - Smart card

A

C - Biometrics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which device helps to cut off viewable angles on a monitor?
Choices:

A - Privacy filter
B - Screen cover
C - Screen dimmer
D - Brightness control

A

A - Privacy filter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which is an example of a digital antimalware security service?
Choices:

A - Applegate
B - Windows Update
C - Windows Firewall
D - Windows Defender

A

D - Windows Defender

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Strong passwords are made up of uppercase and lowercase letters, numbers, and __________.
Choices:

A - verbs
B - symbols
C - long phrases
D - proper nouns

A

B - symbols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which are Linux permission levels? Choose three answers.
Choices:

A - Edit 
B - Write 
C - Read 
D - Listen 
E - Manage 
F - Execute
A

B - Write
C - Read
F - Execute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

A user has received an email that seems like junk mail. Which action should the user take?
Choices:

A - Delete the email
B - Send a reply to the email
C - Open the email and see who sent it
D - Send the email to the junk email folder

A

D - Send the email to the junk email folder

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A __________ does not qualify as multifactor authentication.
Choices:

A - username and password
B - retinal scanner and smart card
C - password and fingerprint scanner
D - smart card, username, and password

A

A - username and password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

In Linux, which is the equivalent of a trusted or untrusted software source?
Choices:

A - Directory commands
B - Trusted and untrusted folders
C - Trusted and untrusted packages
D - Trusted and untrusted commands

A

C - Trusted and untrusted packages

24
Q

Which four items should be taught to users to help protect sensitive information in an acceptable use policy?
Choices:

A - Take inventory
B - Look behind you
C - Lock a machine that is left on
D - Never share password information
E - Use third-party software whenever possible
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

A

C - Lock a machine that is left on
D - Never share password information
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

25
Q

Which are the four types of users in a server or network environment?
Choices:

A - Pro 
B - Guest 
C - Power 
D - Formal 
E - Standard 
F - Business 
G - Administrator
A

B - Guest
C - Power
E - Standard
G - Administrator

26
Q

It is easier to track permissions that are denied than permissions that are allowed on a network.

A - True
B - False

A

B - False

27
Q

Which are file attributes on an NTFS volume? Choose two answers.
Choices:

A - Edit
B - Hidden 
C - Read-only 
D - Write-only 
E - Read/Write
A

B - Hidden

C - Read-only

28
Q

System files can be found in which folders on a Windows device? Choose two answers.
Choices:

A - System32
B - System64
C - SysWOW32
D - SysWOW64

A

A - System32

D - SysWOW64

29
Q

__________ means a user only needs to log on once in order to access all of the resources on a network.
Choices:

A - TLS
B - Single sign-on
C - Being a power user
D - Administrative access

A

B - Single sign-on

30
Q

BitLocker is available in which versions of Windows? Choose two answers.
Choices:

A - Windows 7 Ultimate
B - Windows 8 Ultimate
C - Windows 7 Professional
D - Windows 8 Professional

A

A - Windows 7 Ultimate

D - Windows 8 Professional

31
Q

BitLocker To Go is used to encrypt which item?
Choices:

A - USB drive
B - Optical disc
C - Internal hard drive
D - External hard drive

A

D - External hard drive

32
Q

Which best defines a maximum password age?
Choices:

A - How long a password is used
B - How long a password can be used before it must be changed
C - The amount of time a password is used to protect an account
D - The amount of time that must pass before a password can be changed

A

B - How long a password can be used before it must be changed

33
Q

A password should always be used in order to prevent someone from easily accessing sensitive data.

A - True
B - False

A

A - True

34
Q

A technician needs to disable the Guest account on a computer, but cannot remember if it was already disabled. Which symbol should the technician look for to see if the Guest account is disabled?
Choices:

A - Red shield
B - Black shield
C - Red arrow pointing down
D - Black arrow pointing down

A

D - Black arrow pointing down

35
Q

AutoPlay can be disabled from which area of a Windows machine?
Choices:

A - Control Panel
B - Task Manager
C - Active Directory
D - Group Policy Editor

A

A - Control Panel

36
Q

A technician has a hard drive which was encrypted using BitLocker. The technician needs to move the data on the hard drive to a new location. Which protocols could the technician use to transfer the data while it is encrypted? Choose three answers.
Choices:

A - TLS 
B - EFS
C - AES 
D - SSH 
E - BitLocker
A

A - TLS
C - AES
D - SSH

37
Q

Which are screen locks used on mobile devices? Choose four answers.
Choices:

A - PIN
B - Slide 
C - Driver 
D - Retinal 
E - Certificate 
F - Password 
G - Face Unlock
A

A - PIN
B - Slide
F - Password
G - Face Unlock

38
Q

Which actions can be taken using a locator application for an iOS device? Choose three answers.
Choices:

A - Lock the device 
B - Perform a backup 
C - Make the device ring 
D - Erase data on the device 
E - Activate monitoring hardware
A

A - Lock the device
C - Make the device ring
D - Erase data on the device

39
Q

Which are examples of remote backup applications? Choose two answers.
Choices:

A - iCloud
B - Google.com
C - Apple Backup
D - Android Device Manager

A

A - iCloud

B - Google.com

40
Q

Although __________ devices are less prone to get viruses, it is still important to have a good antivirus or antimalware program.
Choices:

A - iOS
B - Linux
C - Android
D - Windows

A

A - iOS

41
Q

Apple mobile devices are updated and patched using which item?
Choices:

A - Store
B - iCloud
C - iTunes
D - App Store

A

D - App Store

42
Q

Which is required to decrypt a mobile device when it boots up?
Choices:

A - PIN
B - Face
C - Certificate
D - Fingerprint

A

A - PIN

43
Q

Which items make up multifactor authentication? Choose three answers.
Choices:

A - Biometrics 
B - Certificates 
C - Passwords 
D - Who you are 
E - What you have 
F - What you know
A

D - Who you are
E - What you have
F - What you know

44
Q

Which is a trusted application source for an Android device?
Choices:

A - OneDrive
B - Play Store
C - Google Store
D - Apps n’ Stuff

A

B - Play Store

45
Q

Which firewall element is the main focus for mobile devices?
Choices:

A - Ports
B - Protocols
C - Programs
D - Networks

A

C - Programs

46
Q

Profile security requirements should start with __________ regulations and be shaped from there.
Choices:

A - market
B - industry
C - corporate
D - industry or government

A

D - industry or government

47
Q

Which items can a shredder destroy? Choose two answers.
Choices:

A - CD
B - Hard drive
C - Flash drive
D - Credit card

A

A - CD

D - Credit card

48
Q

Which type of recycling format is performed at the hard drive disk manufacturer?
Choices:

A - Standard
B - High level
C - Low level
D - Advanced

A

C - Low level

49
Q
Which are hard drive recycling and repurposing tools? Choose two answers.
Choices:
A - Drill 
B - Overwrite 
C - Drive wipe 
D - Compactor 
E - Recycle format
A

B - Overwrite

C - Drive wipe

50
Q

Which process is used to adversely affect data on a hard drive, short of destroying the hard drive?
Choices:

A - Drilling
B - Hammering
C - Degaussing
D - Demagnetizing

A

C - Degaussing

51
Q

How should larger hardware be destroyed?
Choices:

A - Drill
B - Hammer
C - Incinerator
D - Degausser

A

C - Incinerator

52
Q

Which item proves that a device which needs to be destroyed has been destroyed?
Choices:

A - Inspection
B - Shredded paper
C - Pulled-apart equipment
D - Certificate of destruction

A

D - Certificate of destruction

53
Q

Which are wireless access point encryption protocols? Choose three answers.
Choices:

A - TLS 
B - SHL 
C - WEP 
D - WPA 
E - WPA2
A

C - WEP
D - WPA
E - WPA2

54
Q

Which feature allows users to easily connect to a wireless network without entering an SSID using a button?
Choices:

A - AES
B - WEP
C - WPS
D - WPA

A

C - WPS

55
Q

Decreasing the __________ of a wireless access point will also decrease the Wi-Fi speed.
Choices:

A - encryption
B - WPS levels
C - antenna levels
D - radio frequency signal

A

D - radio frequency signal

56
Q

Which area of a Windows machine is used to assign static IP addresses?
Choices:

A - Control Panel
B - Action Center
C - Active Directory
D - Network and Sharing Center

A

D - Network and Sharing Center

57
Q

When it comes to physical security, if an item can be __________, it should be secured.
Choices:

A - lifted
B - touched
C - formatted
D - downloaded

A

B - touched