Domain 3: Security Session 1

Question 1

Which type of malware needs a carrier, such as a Microsoft Office app, in order to propagate?
Choices:

A - Virus
B - Worm
C - Spyware
D - Trojan horse

Answer 1

A - Virus

Question 2

A user downloaded what was thought to be an antivirus program but instead turned out to be malware. Which type of malware infected the user's computer?
Choices:
A - Virus 
B - Worm 
C - Trojan 
D - Ransomware

Answer 2

C - Trojan

Question 3

Which type of malware is most likely to infect an MBR?
Choices:

A - Virus
B - Worm
C - Trojan
D - Rootkit

Answer 3

D - Rootkit

Question 4

Which is an example of a phishing attack?
Choices:

A - An email which targets a specific individual
B - A seemingly credible update which corrupts the MBR
C - A seemingly credible update which locks up the system
D - An email from a seemingly credible source asking for personal information

Answer 4

D - An email from a seemingly credible source asking for personal information

Question 5

Which type of phishing attack targets executives or individuals in high authority who have access to a lot of money?
Choices:

A - Whaling
B - Tailgating
C - Spear phishing
D - Social engineering

Answer 5

A - Whaling

Question 6

Which is an example of social engineering?
Choices:

A - A black hat individual audits a system
B - An attacker leaves a backdoor on a system using a rootkit
C - Someone under a false guise calls an individual and solicits logon information
D - Someone using false credentials creates a fake email account and uses it to send out harmful information

Answer 6

C - Someone under a false guise calls an individual and solicits logon information

Question 7

Shoulder surfing is when someone looks at a user’s screen while the user enters sensitive information.

A - True
B - False

Answer 7

A - True

Question 8

Which best defines a botnet or zombies?
Choices:

A - A command server controlling multiple computers
B - Multiple computers carrying out an attack simultaneously
C - One person controlling multiple computers simultaneously
D - One computer infects other computers using the zombie virus

Answer 8

B - Multiple computers carrying out an attack simultaneously

Question 9

Which type of password attack refers to the attacker simply guessing the password until they get it right?
Choices:

A - Botnet
B - Phishing
C - Spoofing
D - Brute force

Answer 9

D - Brute force

Question 10

Which are examples of non-compliant systems? Choose two answers.
Choices:

A - A computer with no antimalware protection
B - A computer with an outdated operating system
C - A computer which has the incorrect version of Office installed
D - A computer which has not run Windows Update in the past three days

Answer 10

A - A computer with no antimalware protection

B - A computer with an outdated operating system

Question 11

Which are ways to make users aware of security standards in the workplace? Choose two answers.
Choices:

A - End-user training
B - Acceptable use policy
C - Principle of least privilege
D - Discretionary access methods

Answer 11

A - End-user training

B - Acceptable use policy

Question 12

One example of a man-in-the-middle attack is when a __________ is invaded by a third party who intercepts data and impersonates one of the two members involved.
Choices:

A - server
B - monitor
C - two-way email
D - two-way instant messaging chat

Answer 12

D - two-way instant messaging chat

Question 13

A new hire at a company, in reading the security policy, sees that a clean desk policy is enforced. The new hire wants clarification from IT personnel as to what a clean desk policy entails. Which should the IT personnel tell the new hire?
Choices:

A - A clean desk policy involves keeping the desk dust-free
B - A clean desk policy involves keeping the desk free of food and drink
C - A clean desk policy involves keeping the desk free of network cables
D - A clean desk policy involves keeping the desk clear of any confidential documents

Answer 13

D - A clean desk policy involves keeping the desk clear of any confidential documents

Question 14

Which disposal method is best used in relation to sensitive documents that are no longer needed?
Choices:

A - Shredder
B - Dumpster
C - Trash can
D - Recycle Bin

Answer 14

A - Shredder

Question 15

A person tailgates a legitimate employee into a building and is now caught between that door and a more secure door. The person is trapped inside of which kind of area?
Choices:

A - Red
B - Blue
C - Tailgate
D - Mantrap

Answer 15

D - Mantrap

Question 16

Using facial recognition to unlock a smartphone is a form of which type of physical security?
Choices:

A - RFID
B - Token
C - Biometrics
D - Smart card

Answer 16

C - Biometrics

Question 17

Which device helps to cut off viewable angles on a monitor?
Choices:

A - Privacy filter
B - Screen cover
C - Screen dimmer
D - Brightness control

Answer 17

A - Privacy filter

Question 18

Which is an example of a digital antimalware security service?
Choices:

A - Applegate
B - Windows Update
C - Windows Firewall
D - Windows Defender

Answer 18

D - Windows Defender

Question 19

Strong passwords are made up of uppercase and lowercase letters, numbers, and __________.
Choices:

A - verbs
B - symbols
C - long phrases
D - proper nouns

Answer 19

B - symbols

Question 20

Which are Linux permission levels? Choose three answers.
Choices:

A - Edit 
B - Write 
C - Read 
D - Listen 
E - Manage 
F - Execute

Answer 20

B - Write
C - Read
F - Execute

Question 21

A user has received an email that seems like junk mail. Which action should the user take?
Choices:

A - Delete the email
B - Send a reply to the email
C - Open the email and see who sent it
D - Send the email to the junk email folder

Answer 21

D - Send the email to the junk email folder

Question 22

A __________ does not qualify as multifactor authentication.
Choices:

A - username and password
B - retinal scanner and smart card
C - password and fingerprint scanner
D - smart card, username, and password

Answer 22

A - username and password

Question 23

In Linux, which is the equivalent of a trusted or untrusted software source?
Choices:

A - Directory commands
B - Trusted and untrusted folders
C - Trusted and untrusted packages
D - Trusted and untrusted commands

Answer 23

C - Trusted and untrusted packages

Question 24

Which four items should be taught to users to help protect sensitive information in an acceptable use policy?
Choices:

A - Take inventory
B - Look behind you
C - Lock a machine that is left on
D - Never share password information
E - Use third-party software whenever possible
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

Answer 24

C - Lock a machine that is left on
D - Never share password information
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

Question 25

Which are the four types of users in a server or network environment?
Choices:

A - Pro 
B - Guest 
C - Power 
D - Formal 
E - Standard 
F - Business 
G - Administrator

Answer 25

B - Guest
C - Power
E - Standard
G - Administrator

Question 26

It is easier to track permissions that are denied than permissions that are allowed on a network.

A - True
B - False

Answer 26

B - False

Question 27

Which are file attributes on an NTFS volume? Choose two answers.
Choices:

A - Edit
B - Hidden 
C - Read-only 
D - Write-only 
E - Read/Write

Answer 27

B - Hidden

C - Read-only

Question 28

System files can be found in which folders on a Windows device? Choose two answers.
Choices:

A - System32
B - System64
C - SysWOW32
D - SysWOW64

Answer 28

A - System32

D - SysWOW64

Question 29

__________ means a user only needs to log on once in order to access all of the resources on a network.
Choices:

A - TLS
B - Single sign-on
C - Being a power user
D - Administrative access

Answer 29

B - Single sign-on

Question 30

BitLocker is available in which versions of Windows? Choose two answers.
Choices:

A - Windows 7 Ultimate
B - Windows 8 Ultimate
C - Windows 7 Professional
D - Windows 8 Professional

Answer 30

A - Windows 7 Ultimate

D - Windows 8 Professional

Question 31

BitLocker To Go is used to encrypt which item?
Choices:

A - USB drive
B - Optical disc
C - Internal hard drive
D - External hard drive

Answer 31

D - External hard drive

Question 32

Which best defines a maximum password age?
Choices:

A - How long a password is used
B - How long a password can be used before it must be changed
C - The amount of time a password is used to protect an account
D - The amount of time that must pass before a password can be changed

Answer 32

B - How long a password can be used before it must be changed

Question 33

A password should always be used in order to prevent someone from easily accessing sensitive data.

A - True
B - False

Answer 33

A - True

Question 34

A technician needs to disable the Guest account on a computer, but cannot remember if it was already disabled. Which symbol should the technician look for to see if the Guest account is disabled?
Choices:

A - Red shield
B - Black shield
C - Red arrow pointing down
D - Black arrow pointing down

Answer 34

D - Black arrow pointing down

Question 35

AutoPlay can be disabled from which area of a Windows machine?
Choices:

A - Control Panel
B - Task Manager
C - Active Directory
D - Group Policy Editor

Answer 35

A - Control Panel

Question 36

A technician has a hard drive which was encrypted using BitLocker. The technician needs to move the data on the hard drive to a new location. Which protocols could the technician use to transfer the data while it is encrypted? Choose three answers.
Choices:

A - TLS 
B - EFS
C - AES 
D - SSH 
E - BitLocker

Answer 36

A - TLS
C - AES
D - SSH

Question 37

Which are screen locks used on mobile devices? Choose four answers.
Choices:

A - PIN
B - Slide 
C - Driver 
D - Retinal 
E - Certificate 
F - Password 
G - Face Unlock

Answer 37

A - PIN
B - Slide
F - Password
G - Face Unlock

Question 38

Which actions can be taken using a locator application for an iOS device? Choose three answers.
Choices:

A - Lock the device 
B - Perform a backup 
C - Make the device ring 
D - Erase data on the device 
E - Activate monitoring hardware

Answer 38

A - Lock the device
C - Make the device ring
D - Erase data on the device

Question 39

Which are examples of remote backup applications? Choose two answers.
Choices:

A - iCloud
B - Google.com
C - Apple Backup
D - Android Device Manager

Answer 39

A - iCloud

B - Google.com

Question 40

Although __________ devices are less prone to get viruses, it is still important to have a good antivirus or antimalware program.
Choices:

A - iOS
B - Linux
C - Android
D - Windows

Answer 40

A - iOS

Question 41

Apple mobile devices are updated and patched using which item?
Choices:

A - Store
B - iCloud
C - iTunes
D - App Store

Answer 41

D - App Store

Question 42

Which is required to decrypt a mobile device when it boots up?
Choices:

A - PIN
B - Face
C - Certificate
D - Fingerprint

Answer 42

A - PIN

Question 43

Which items make up multifactor authentication? Choose three answers.
Choices:

A - Biometrics 
B - Certificates 
C - Passwords 
D - Who you are 
E - What you have 
F - What you know

Answer 43

D - Who you are
E - What you have
F - What you know

Question 44

Which is a trusted application source for an Android device?
Choices:

A - OneDrive
B - Play Store
C - Google Store
D - Apps n’ Stuff

Answer 44

B - Play Store

Question 45

Which firewall element is the main focus for mobile devices?
Choices:

A - Ports
B - Protocols
C - Programs
D - Networks

Answer 45

C - Programs

Question 46

Profile security requirements should start with __________ regulations and be shaped from there.
Choices:

A - market
B - industry
C - corporate
D - industry or government

Answer 46

D - industry or government

Question 47

Which items can a shredder destroy? Choose two answers.
Choices:

A - CD
B - Hard drive
C - Flash drive
D - Credit card

Answer 47

A - CD

D - Credit card

Question 48

Which type of recycling format is performed at the hard drive disk manufacturer?
Choices:

A - Standard
B - High level
C - Low level
D - Advanced

Answer 48

C - Low level

Question 49

Which are hard drive recycling and repurposing tools? Choose two answers.
Choices:
A - Drill 
B - Overwrite 
C - Drive wipe 
D - Compactor 
E - Recycle format

Answer 49

B - Overwrite

C - Drive wipe

Question 50

Which process is used to adversely affect data on a hard drive, short of destroying the hard drive?
Choices:

A - Drilling
B - Hammering
C - Degaussing
D - Demagnetizing

Answer 50

C - Degaussing

Question 51

How should larger hardware be destroyed?
Choices:

A - Drill
B - Hammer
C - Incinerator
D - Degausser

Answer 51

C - Incinerator

Question 52

Which item proves that a device which needs to be destroyed has been destroyed?
Choices:

A - Inspection
B - Shredded paper
C - Pulled-apart equipment
D - Certificate of destruction

Answer 52

D - Certificate of destruction

Question 53

Which are wireless access point encryption protocols? Choose three answers.
Choices:

A - TLS 
B - SHL 
C - WEP 
D - WPA 
E - WPA2

Answer 53

C - WEP
D - WPA
E - WPA2

Question 54

Which feature allows users to easily connect to a wireless network without entering an SSID using a button?
Choices:

A - AES
B - WEP
C - WPS
D - WPA

Answer 54

C - WPS

Question 55

Decreasing the __________ of a wireless access point will also decrease the Wi-Fi speed.
Choices:

A - encryption
B - WPS levels
C - antenna levels
D - radio frequency signal

Answer 55

D - radio frequency signal

Question 56

Which area of a Windows machine is used to assign static IP addresses?
Choices:

A - Control Panel
B - Action Center
C - Active Directory
D - Network and Sharing Center

Answer 56

D - Network and Sharing Center

Question 57

When it comes to physical security, if an item can be __________, it should be secured.
Choices:

A - lifted
B - touched
C - formatted
D - downloaded

Answer 57

B - touched