Security (1) Flashcards
Your network has 20 Windows 10 workstations. When it comes to managing patches and updates, which of the following is the best practice?
Apply patches and updates once per month.
Apply patches and updates immediately after they become available.
Apply patches and updates only if they fix a critical security flaw.
Apply patches and updates immediately after they become available.
Patches and updates should be applied regardless of the severity of the issue. In addition, they should be applied immediately. Use Windows Update to manage the process for you.
You have a Windows 10 workstation and want to prevent a potential hacker from booting to a CD from the optical drive. What should you do to help prevent this?
Restrict user permissions.
Set a BIOS/UEFI password.
Disable autorun.
Set a BIOS/UEFI password.
A strong Windows password will help protect Windows but does not protect the computer in general. If a user can get into the BIOS, then he can change the boot sequence, boot to a CD, and do some damage to the system. The way to protect against this is to implement a BIOS/UEFI password.
Which type of security solution generally functions as a packet filter and can perform stateful inspection?
DLP
Antivirus/anti-malware
Firewall
Firewall
Firewalls are among the first lines of defense in a network. The basic purpose of a firewall is to isolate one network from another. Firewalls function as one or more of the following: packet filter, proxy firewall, or stateful inspection firewall.
Which of the following are examples of physical security methods? (Choose two.)
Biometric locks
Multifactor authentication
Privacy filters
Firewalls
Biometric locks
Privacy filters
Biometric locks and privacy filters are physical security methods. Multifactor authentication may require a physical device (for example, something you have) but not necessarily. Firewalls can be hardware devices but can also be software packages.
A user on your network reported that he got a telephone call from Diane in the IT department saying that he needed to reset his password. She offered to do it for him if he could provide her with his current one. What is this most likely an example of?
A spoofing attack
A social engineering attack
A man-in-the-middle attack
A social engineering attack
Social engineering is a process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization. A social engineering attack may occur over the phone, over email, or in person. The intent is to acquire access information, such as user IDs and passwords.
Your corporate IT department has decided that, to enhance security, they want to draft a mobile device management (MDM) policy to require both a passcode and a fingerprint scan to unlock a mobile device for use. What is this an example of?
Authenticator application
Biometric authentication
Multifactor authentication
Multifactor authentication
Anytime there is more than one authentication method required, it’s multifactor authentication. In this case, it does involve using biometrics, but the passcode is not a biometric factor. Multifactor authentication usually requires two of the following three types of inputs: something you know (password), something you have (smart token), or something you are (biometrics).
Several employees at your company have been tailgating to gain access to secure areas. Which of the following security methods is the best choice for stopping this practice?
Door lock
Entry control roster
Mantrap
Mantrap
Tailgating refers to being so close to someone when they enter a building that you are able to come in right behind them without needing to use a key, a card, or any other security device. Using mantraps, which are devices such as small rooms that limit access to one or a few individuals, is a great way to stop tailgating.
Robert has joined your company as a network administrator. His user account name is RobertS. What is the recommended way to give Robert the administrative privileges he needs?
Add the RobertS user account to the Administrators group.
Create an account called AdminRobertS. Add that account to the Administrators group. Have Robert use the RobertS account unless he needs administrative rights, in which case he should use the AdminRobertS account.
Copy the Administrator account and rename it RobertS.
Create an account called AdminRobertS. Add that account to the Administrators group. Have Robert use the RobertS account unless he needs administrative rights, in which case he should use the AdminRobertS account.
Adding RobertS to the Administrators group will certainly work, but it’s not the recommended approach. Since members of the Administrators group have such power, they can inadvertently do harm (such as accidentally deleting a file that a regular user could not). To protect against this, the practice of logging in with an Administrators group account for daily interaction is strongly discouraged. Instead, system administrators should log in with a user account (lesser privileges) and change to the Administrators group account (elevated privileges) only when necessary.
You are designing a security policy for mobile phones on your network. Which of the following are common methods of biometric authentication used with mobile devices today? (Choose two.)
Fingerprint lock
Face lock
Swipe lock
DNA lock
Fingerprint lock
Face lock
Biometric authentication requires identification of a physical feature of the user, such as a fingerprint or facial scan. DNA is considered a form of biometric authentication, but it’s not commonly used today with mobile devices. (Imagine your phone needing to collect blood or saliva to authenticate you—no thanks!)
You have a Windows 7 workstation with one volume, C:, that is formatted with FAT32. What is the easiest way to enable this volume to have file- and folder-level security permissions?
Enable file and folder permissions in System Properties.
At a command prompt, type reformat c: /fs:ntfs.
At a command prompt, type convert c: /fs:ntfs.
At a command prompt, type convert c: /fs:ntfs.
If you’re using FAT32 and want to change to NTFS, the convert utility will allow you to do so. For example, to change the E: drive to NTFS, the command is convert e: /fs:ntfs.
Luana is a member of the Dev group and the HR group. She is trying to access a local resource on an NTFS volume. The HR group has Allow Full Control permission for the payroll folder, and the Dev group has Deny Read permission for the same folder. What is Luana’s effective access to the payroll folder?
Full Control
Write
No Access
No Access
When there are conflicting NTFS permissions, generally they are combined, and the most liberal is granted. The exception to that is when there is an explicit Deny. That overrides any allowed permissions.
Which default Windows group was designed to have more power than normal users but not as much power as administrators?
Standard Users
Power Users
Advanced Users
Power Users
Microsoft wanted to create a group in Windows that was not as powerful as the Administrators group, which is how the Power Users group came into being. The idea was that membership in this group would be given Read/Write permission to the system, allowing members to install most software but keeping them from changing key operating system files. However, after Windows 7, the Power Users group now assigns permissions equivalent to the Standard Users group.
You have just transformed a Windows workgroup into a small domain and are configuring user accounts. Which of the following is considered a best practice for managing user account security?
Require every user to log on as a Guest user.
Allow all users Read and Write access to all server files.
Follow the principle of least privilege.
Follow the principle of least privilege.
When assigning user permissions, follow the principle of least privilege: give users only the bare minimum that they need to do their job. Assign permissions to groups rather than users, and make users members of groups (or remove them from groups) as they change roles or positions.
Someone has placed an unauthorized wireless router on your network and configured it with the same SSID as your network. Users can access the network through that router, even though it’s not supposed to be there. What type of security threat could this lead to?
Zombie/botnet
Noncompliant system
Man-in-the-middle
Man-in-the-middle
An unauthorized router with a seemingly legitimate configuration is specifically known as an evil twin. Those can lead to man-in-the-middle attacks, which involve clandestinely placing something (such as a piece of software or a rogue router) between a server and the user, and neither the server’s administrator nor the user is aware of it. The man-in-the-middle intercepts data and then sends the information to the server as if nothing is wrong. The man-in-the-middle software may be recording information for someone to view later, altering it, or in some other way compromising the security of your system and session.
A security consultant for your company recommended that you begin shredding or burning classified documents before disposing of them. What security risk is the consultant trying to protect the company from?
Shoulder surfing
Dumpster diving
Social engineering
Dumpster diving
Companies normally generate a huge amount of paper, most of which eventually winds up in dumpsters or recycle bins. Dumpsters may contain information that is highly sensitive in nature, and attackers may seek it out by practicing dumpster diving. In high-security and government environments, sensitive papers should be either shredded or burned.