Security (1) Flashcards

1
Q

Which of the following is a useful feature in the use of mantraps and entry control rosters?

Key fob

Security guard

Biometric lock

A

Security guard

A security guard is helpful in making a mantrap more effective and in maintaining the entry control roster

2
Q

An organization has contacted you for help in stopping security breaches on its servers. The latest breach involved the use of a flash drive to steal credentials. Which of the following is designed to stop this type of security breach?

Privacy screen

Cable lock

USB lock

A

USB lock

A USB lock prevents unused USB ports from being “borrowed” for data theft

3
Q

RFID, magnetic strip, barcode, and QR code technologies can all be used by which of the following?

Badge reader

Smart card

Mantrap

A

Badge reader

Different types of badge readers use these technologies

4
Q

A Kensington lock connector is used by which of the following devices?

Door lock

USB lock

Cable lock

A

Cable lock

The cable lock connector was developed by Kensington, hence the name

5
Q

A mantrap is specifically designed to achieve which of the following?

Stop viruses from being introduced by users

Prevent multiple users from entering a secure area at the same time

Catch users who evade biometric locks

A

Prevent multiple users from entering a secure area at the same time

A mantrap is specifically designed to prevent tailgating. One door leads into the mantrap, and only when a single authorized person is present in the mantrap will the other door into the secure area be opened

6
Q

Which of the following violates the principle of least privilege?

Making all users administrators

Creating home folders

Using smart cards to restrict access

A

Making all users administrators

The principle of least privilege states that users should have permission to access only the resources they need to perform their jobs, so making all users administrators is the opposite

7
Q

You are in charge of managing two different departments that need different types of access. Which of the following is the easiest way to provide the settings for each department?

Put each department into a separate domain

Write login scripts for each user in each department

Put each department into its own OU

A

Put each department into its own OU

Putting each department into its own organizational unit (OU) via Active Directory makes it easy to have separate settings for each department

8
Q

You are creating an MDM policy for your department, which tests and uses a wide variety of devices. Which of the following device types does not need to be included in the MDM policy?

Laptop

Smart phone

Desktop

A

Desktop

Desktop computers are not mobile, so they don’t need to be included in a mobile device management (MDM) policy

9
Q

You are working on security for a router that is used with a defined list of devices. Which of the following should you create to restrict access?

Whitelist

Blue screen

Blacklist

A

Whitelist

Creating a whitelist of MAC addresses allowed access is part of router security when it is used with a known list of devices. A blacklist is used to block specific computers by MAC address

10
Q

Your network uses self-signed security certificates for its intranet. A new user is alarmed because her browser displayed a certificate warning when trying to connect to a website on the intranet. Which of the following should you tell the user?

Never go to a website that displays a certificate warning.

Always ignore certificate warnings.

Company intranet sites are safe and you can proceed despite the warning.

A

Company intranet sites are safe and you can proceed despite the warning.

The user needs to know the difference between intranet and Internet sites because it affects the rules for handling browser warnings

11
Q

If you log in to a server with your user name and password, which type of authentication is being used?

Multifactor

TACACS

Single-factor

A

Single-factor

This is single-factor authentication because the user name and password together are a single factor (knowledge)

12
Q

WPA/WPA2 Enterprise uses which type of server for authentication?

TKIP

AES

RADIUS

A

RADIUS

A RADIUS server is used for authentication instead of storing the encryption key in the router (as with SOHO networks)

13
Q

If a wireless network uses both TKIP and AES encryption, which two types of wireless security is it using? (Choose two.)

WPA

WEP

WPA2

Multifactor

A

WPA

WPA2

Many routers support both WPA and WPA2 protocols by enabling the use of both TKIP and AES encryption

14
Q

Entering a code sent to a device along with a user name and password constitutes which type of authentication?

RADIUS authentication

Multifactor authentication

Single-factor authentication

A

Multifactor authentication

This is multifactor authentication because the user name/password combo is one factor (knowledge) and the code is the second factor (possession)

15
Q

Which of the following is true of WEP encryption? (Choose all that apply.)

Features 40-bit encryption

Some versions feature 256-bit encryption

Strongest wireless encryption standard

Weakest wireless encryption standard

A

Features 40-bit encryption

Weakest wireless encryption standard

The original version of WEP encryption uses 40-bit codes, and WEP is by far the weakest and easiest-to-crack wireless encryption standard

16
Q

A client calls you for help: the company files are encrypted and they’ll be deleted unless the company sends a payment in cryptocurrency. What type of attack has happened to your client’s company?

Malware

Trojan

Ransomware

A

Ransomware

A ransomware attack combines file encryption and the demand for payment of a ransom before the files will be decrypted

17
Q

A single server on your network was infected with malware, but 24 hours later, over a hundred servers were infected. What type of malware infection has attacked the network?

Trojan

Spyware

Worm

A

Worm

A worm is a type of malware designed to spread through network connections

18
Q

Employees at Company Z have been navigating to a lot of malicious websites and infecting their network. Which of the following would best help prevent infections?

Using a software firewall

Using a DNS filter

Running a DDoS attack on malicious websites

A

Using a DNS filter

Using a DNS filter helps prevent users from navigating to questionable websites, so it’s the best choice to prevent infections

19
Q

Instructing individuals in your company not to click on URLs in suspicious e-mail is an example of which of the following?

Social engineering

Paranoia

End-user education

A

End-user education

Instructing users in how to avoid e-mail traps is an example of end-user education

20
Q

A network server has been infected with malware that damages data. An up-to-date backup is available. When should the backup be restored?

After the infection is removed.

As soon as the infection is detected.

After another backup is run.

A

After the infection is removed.

The backup should be restored only after the infection is removed. A new backup should be created on the normal schedule after the server is restored to service

21
Q

A client reports that the organization’s wireless network is being flooded with pings and page requests far beyond normal limits. The pings and page requests are coming from a wide variety of locations. Your client is dealing with what type of attack?

DDoS

Impersonation

DoS

A

DDoS

A distributed denial of service (DDoS) is an attack coming from multiple locations that seeks to overwhelm a network resource so it can’t respond

22
Q

You receive an e-mail purporting to be from the head of IT that is asking you to install a piece of malware. Which type of attack is being used?

Impersonation

Spoofing

Rainbow table

A

Spoofing

The use of a false sender on the e-mail makes this an example of spoofing

23
Q

Security cameras reveal that someone is walking by the server room and pulling reports out of the trash. What is going on?

Dumpster diving

Shoulder surfing

Phishing

A

Dumpster diving

Dumpster diving is taking discarded information from any location, not just a dumpster

24
Q

The same day that your accounting software vendor is informed of a security vulnerability, you discover it was used to attack accounts payable. What type of vulnerability is being exploited?

Phishing

Man-in-the-middle

Zero-day

A

Zero-day

A zero-day attack takes place before or immediately after the software vendor discovers or has been provided knowledge of a vulnerability. It’s called zero-day because the vendor has had zero days to patch the vulnerability

25
Q

The RADIUS authentication server on your wireless network has been hacked and a list of old passwords has been leaked. Although none of the passwords are current, the list could still be used for which of the following attacks?

Spoofing

Impersonation

Dictionary

A

Dictionary

A dictionary attack uses a list of possible matches for passwords. Since many users who create their own passwords often recycle old passwords in whole or in part, a list of old passwords can be very useful in the hands of an attacker