Exam Compass - Workstation Security Quiz Flashcards

1
Q

The term “Data-at-rest encryption” refers to the encryption process that is applied to data residing in persistent storage (e.g., internal storage drive inside computer case).
True
False

A

True

2
Q

The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default, well-known admin credentials that can be looked up on the web.
True
False

A

True

3
Q

The two factors that are considered important for creating strong passwords are: (Select 2 answers)
Password length
Minimum password age
Password history
Password complexity
Maximum password age

A

Password length

Password complexity

4
Q

A strong password that meets the password complexity requirement should contain: (Select the best answer)
Uppercase letters (A-Z)
Digits (0-9)
Non-alphanumeric characters if permitted (e.g., !, @, #, $)
Lowercase letters (a-z)
A combination of characters from at least 3 character groups

A

A combination of characters from at least 3 character groups

5
Q

Which of the following password examples is the most complex?
YzGdL3tU8wx
T$7C52WL4S9@W0
G$L3tU8wY@z
@TxBL$nW@Xt*a#

A

G$L3tU8wY@z

6
Q

An account policy setting that forces users to produce a new password every time they are required to change their old password is known as:
Password expiration
Password reuse
Password history
Password complexity

A

Password history

7
Q

Which of the account policy settings listed below prevents users from reusing old passwords?
Password expiration
Password history
Password length
Password complexity

A

Password history

8
Q

Which password policy setting prevents users from repeatedly changing their passwords to bypass the password history policy setting and get back to their original/preferred password?
Minimum password age setting
Password complexity setting
Account lockout threshold setting
Login time restrictions

A

Minimum password age setting

9
Q

Which of the following password policy settings prevents attackers using cracked passwords from gaining permanent access to a Windows workstation?
Login time restrictions
Password complexity setting
Account lockout threshold setting
Maximum password age setting

A

Maximum password age setting

10
Q

BIOS/UEFI passwords improve the security of a computer host. These low-level passwords may, for example, prevent unauthorized users from proceeding when the computer is powered on (Supervisor/Administrator password), or restrict the scope of changes a user can make in the BIOS/UEFI interface (User password).
True
False

A

False

11
Q

The practice of implementing a computer screen lock is one of the end-user security best practices. The screen lock can be implemented as a password-protected screensaver that activates when the computer has been idle for a specific amount of time. In MS Windows, users can manually block unauthorized access by invoking the sign-in screen with the Windows logo + L key combination whenever they’re about to leave their computer desk. Screen locks can also be used as a countermeasure against brute-force attacks as they can be set to block computer access after a specified number of failed login attempts. The use of screensaver locks is an implementation of a more general security best practice which is logging off whenever the system is not in use.
True
False

A

True

12
Q

In Microsoft Windows 10, screen lock settings can be accessed via:
Settings > Personalization > Lock screen
Settings > Update & Security > Lock screen
Settings > System > Display > Lock screen
Settings > Devices > Display settings > Lock screen

A

Settings > Personalization > Lock screen

13
Q

Which of the answers listed below refers to a physical security measure against laptop theft?
Cable lock
Geotracking
LoJack for Laptops
Remote wipe

A

Cable lock

14
Q

USB locks are mechanical devices used for blocking a computer’s USB ports from unauthorized access. USB locks can also be used to prevent the removal of an external USB device attached to the computer.
True
False

A

True

15
Q

A privacy filter (a.k.a. privacy screen) is a protective overlay placed on the computer screen that narrows the viewing angle, so the screen content is only visible directly in front of the monitor and cannot be seen by others nearby. A privacy filter is one of the countermeasures against shoulder surfing.
True
False

A

True

16
Q

A sticky note with a password kept in plain sight in a user’s cubicle would be a violation of which of the following policies?
Data labeling policy
Clean desk policy
Acceptable Use Policy (AUP)
User account policy

A

Clean desk policy

17
Q

The category of account management security best practices includes the practice of restricting user administrative privileges to operating systems and applications based on user duties. Operating systems simplify this process by introducing the concept of user groups equipped with different types of permissions which allow system administrators to simultaneously manage permissions of multiple user accounts based on group membership.
True
False

A

True

18
Q

Which of the following account management security measures narrows down a user’s computer access to specified hours?
Acceptable Use Policy (AUP)
Job rotation policy
Login time restrictions
Principle of least privilege

A

Login time restrictions

19
Q

Because the Guest account in MS Windows allows a user to log on to a network, browse the Internet, and shut down the computer, it is recommended to keep it disabled when it isn’t being used.
True
False

A

True

20
Q

Which account management security solutions provide countermeasures against brute-force attacks? (Select 2 answers)
Login time restrictions
Timeout period between login attempts
Principle of least privilege
Clean desk policy
Failed login attempts lockout

A

Timeout period between login attempts

Failed login attempts lockout

21
Q

An MS Windows component enabling automatic execution of code contained on a newly mounted storage media is called AutoPlay.
True
False

A

False

22
Q

In MS Windows, AutoRun is a system component that displays a dialog box containing applicable options for a newly mounted storage media.
True
False

A

False

23
Q

Which sequence of steps in Windows 10 provides access to the AutoPlay settings menu? (Select 3 answers)
Windows Control Panel (icon view) > System > AutoPlay
Settings > Devices > AutoPlay
Windows Control Panel (category view) > System and Security > AutoPlay
Windows Control Panel (icon view) > AutoPlay
Settings > System > AutoPlay
Windows Control Panel (category view) > Hardware and Sound > AutoPlay

A

Settings > Devices > AutoPlay

Windows Control Panel (icon view) > AutoPlay

Windows Control Panel (category view) > Hardware and Sound > AutoPlay