Securing Individual Systems Flashcards

1
Q

Rick logs into a public system as Guest and guesses correctly on a simple password to gain administrative access to the machine. What sort of attack surface does this represent?

Man-in-the-middle

Privilege escalation

Service vector

A

Privilege escalation

Privilege escalation scenarios have the bad guy increasing the scope of what he can do once authenticated to a system

2
Q

John receives a driver-signing error for a specific DLL file in his Windows system. This is a classic symptom of what sort of attack?

ARP poisoning

MAC spoofing

Refactoring

A

Refactoring

A refactoring attack tries to replace a device driver with a file that will add some sort of malicious payload

3
Q

Samantha recommended new systems for a group of developers at remote locations. Each system is identical, with high-end processing components. For storage, she needs a solution that provides storage redundancy and performance. She goes with RAID for each system, selecting four drives. Each user can lose up to two drives and not lose data. What RAID did she select?

RAID 1

RAID 5

RAID 6

A

RAID 6

A RAID 6 array requires at least four drives, but can lose up to two drives and still not lose data

4
Q

Jason gets a tech call from Jill in accounting. Her system works fine most of the time, but every once in a while it loses connection to the wireless network. An inspection of Jill’s workstation shows that it’s right next to the employee break room. The break room has the typical appliances, such as refrigerator and microwave. Further questioning determines that the network drops most frequently at lunch, though sometimes during the typical afternoon break time. What could the problem be?

EMI

EMP

ESD

A

EMI

Get rid of that microwave oven! Electromagnetic interference can cause all sorts of problems, especially with wireless networks

5
Q

The Trusted Computing Group introduced the idea of the ________________, an integrated circuit chip that enables secure computing.

TCP

TPM

EMP

A

TPM

Trusted Platform Module (TPM) chips store a unique 2048-bit RSA key pair for security purposes

6
Q

John’s home system has automatic updates from Microsoft, yet at his office, his organization has a more formal method of updating systems called _______________.

Automatic updates

Patch management

TOS

A

Patch management

Patch management describes the process used to keep systems updated in the enterprise

7
Q

Which of the following best describes a Bluetooth attack that attempts to steal data from another device?

Bluejacking

Bluesnarfing

Man-in-the-middle

A

Bluesnarfing

Bluesnarfing attacks seek to gain data from a Bluetooth-connected device

8
Q

What sort of malware requires the user to pay to remove the malware?

Keylogger

Adware

Ransomware

A

Ransomware

Ransomware demands payment to restore files

9
Q

Marisol notices a small dongle between her USB keyboard and her system. Which of the following is most likely?

She is using an inline encryption device.

She has a TPM module.

Someone has installed a keylogger.

A

Someone has installed a keylogger.

A random USB dongle can be a malicious device, such as a keylogger

10
Q

Degaussing is associated with which form of data sanitation?

Clear

Purge

Destroy

A

Purge

Although a degausser essentially renders a hard drive unusable, it falls into the category of purge
