Securing Individual Systems Flashcards
Which host threat might appear as an email message that addresses you by name and uses some other personal information, like an account number, to request additional personal information?
A) Phishing
B) Spam
C) Vishing
D) Spear phishing
D) Spear phishing
Spear phishing is correct. Phishing will not include any personal information, spam messages are usually advertisements, and vishing occurs over a voice line.
Which of the following are methods to store non-persistent data?
A) Snapshot B) Revert to known state C) Rollback to known configuration D) Live boot media E) All of the above
E) All of the above
All of the above. Non-persistent data is maintained in an active session but not saved in a data file and can be recovered using a snapshot file, configuration rollback to a known configuration, reverting to a known state, and using a live boot media.
Which of the following RAID levels require only two drives?
A) RAID 10
B) RAID 5
C) RAID 0
D) RAID 6
C) RAID 0
RAID 0 is correct. RAID 10 requires at least 4, RAID 5 requires at least 3, and RAID 6 requires at least 4 drives.
Which of the following storage technologies operates at the block level?
A) NAS
B) LAN
C) WAN
D) SAN
D) SAN
SAN is correct. NAS works at the file level, LAN and WAN are not storage technologies.
System hardware should be protected as a standard practice with which of the following?
A) Disabling legacy ports
B) Using USB devices
C) Booting servers only when disconnected from the network
D) None of the above
A) Disabling legacy ports
Disabling legacy ports (especially serial ports) is a great security practice. Using USB devices or booting servers when disconnected would be unwise and certainly not considered standard procedure.
Which type of interference is NOT due to radiation emission?
A) Electromagnetic interference (EMI)
B) Electrostatic discharge (ESD)
C) Radio frequency interference (RFI)
D) Shielded Ethernet cable
B) Electrostatic discharge (ESD)
Electrostatic discharge (ESD) is correct. EMI and RFI both result from radiation emission. Shielded Ethernet cable is cable used to protect against EMI and RFI.
True or false: It is not a good idea to change default username and password.
A) True
B) False
B) False
False. Not changing usernames and passwords will leave the host vulnerable to attacks.
True or false: Before encrypting a drive, it is vital to obtain a key and keep it in a safe place.
A) True
B) False
A) True
True. Without the key, there is no way to access data on the drive should something happen to the system.
FDE and SDE are both from which of the following?
A) Hardware security & disk encryption
B) Boot logon security
C) Certificate of trust
D) Backup recovery methods
A) Hardware security & disk encryption
FDE and SDE are disk encryption methods and used for disk hardware security. Full disk encryption (FDE) would be more than the boot log, and system data encryption (SDE) is the encryption method that ties key files to specific hardware and OS. A certificate of trust is an agreement method of what to trust. Backup recovery methods are not a form of FDE or SDE.
What software is made to run computers with particular attention to providing a secure computing environment?
A) Trusted operating systems
B) Safe mode
C) FDE
D) RAID 10 enabled
A) Trusted operating systems
A trusted operating system is created by the manufacturer to meet a specific configuration for high level security requirements. None of the rest of the options are OS systems; safe mode, FDE and RAID 10 may be components or configuration options set up in the trusted operating system.
When working with peripherals, what are some of the considerations to factor in?
A) What connection type will be best match for usage and security
B) If Bluetooth is enabled, what class is the device
C) How to update the firmware
D) All of the above
D) All of the above
All of the above. The connection type, the Bluetooth class, and update options will all need to be considered to match the environment and security programs.
What is a form of malware that locks you out of your system until you pay someone to unlock it?
A) Trojan
B) Spyware
C) Ransomware
D) Adware
C) Ransomware
Ransomware is correct. A Trojan is malware disguised as (or hiding inside) an otherwise useful program (such as a game or utility). Spyware is malware that runs in the background to record your activity and steal private information. Adware typically opens new windows containing Web ads.
A whitelist is a list of applications that are allowed to run on a system. This list can be created in which location(s)?
A) Host firewall B) Group policy C) Local machine D) Proxy server E) All of the above
E) All of the above
Whitelists can be configured on all the answers here: host firewall, group policy, local machine and proxy servers. Remember the hierarchy may affect the implementation!
Which of the following answers describe automation strategies?
A) Continuous monitoring with alerts B) Triggers based on thresholds or baselines C) Load balancing D) Firewall configurations E) All of the above
E) All of the above
Continuous monitoring with alerts, triggers based on threshold, load balancing and firewall configurations are all considered automation strategies. Any can send out alerts, and some can make modification in traffic flows and how change devices will handle changing traffic patterns.
Which of the following will destroy the media for future uses?
A) Delete
B) Shred
C) Format
D) All of the above
B) Shred
The shred process physically tears the media apart, rendering it completely non-functional. Delete and format will not destroy the media (and in most cases also does not destroy the data).