Security Flashcards

1
Q

Which of the following is a series of two doors with a small room between them?

Mantrap

Trapdoor

Badgetrap

A

Mantrap

A mantrap is a series of two doors with a small room between them. The user is authenticated at the first door and then allowed into the room. At that point, additional verification will occur (such as a guard visually identifying the person), and then the person is allowed through the second door. A trapdoor is a doorway that is usually hidden. A saferoom is a room that is impenetrable from outside, and badgetrap is not a term used when discussing doorway systems.

2
Q

Which of the following physical characteristics is used to identify the user?

Hardware tokens

Biometric locks

Smart cards

A

Biometric locks

Biometric devices use physical characteristics to identify the user. Such devices are becoming more common in the business environment. Biometric systems include hand scanners, retinal scanners, and, possibly soon, DNA scanners. Hardware tokens are devices that contain security credentials. Smart cards are cards that contain a chip and credentials. Badge readers are devices that read the information on a card and allow or disallow entry

3
Q

In which filtering is the physical address used?

MAC address filtering

Email filtering

IP address filtering

A

MAC address filtering

As physical addresses are MAC addresses, MAC address filtering is the correct answer. Email filtering is the filtering of email addresses from which one is allowed to receive. IP address filtering is the type of filtering done on a router or firewall, based on IP addresses. URL filtering restricts the URLs that can be reached with the browser

4
Q

What firewall only passes or blocks traffic to specific addresses based on the type of application?

Packet filter firewalls

Proxy firewalls

Stateful inspection firewalls

A

Packet filter firewalls

A firewall operating as a packet filter passes or blocks traffic to specific addresses based on the type of application. The packet filter doesn’t analyze the data of a packet; it decides whether to pass it based on the packet’s addressing information. A proxy firewall is one that makes the Internet connection on behalf of the user and can control where the user goes. Stateful firewalls monitor the state of every TCP connection, thus preventing network mapping. A new-generation firewall is one that operates on all levels of the OSI model

5
Q

Which of the following was created as a first stab at security for wireless devices?

WPA

TKIP

WEP

A

WEP

Wired Equivalent Privacy (WEP) is a standard that was created as a first stab at security for wireless devices. Using WEP-encrypted data to provide data security has always been under scrutiny for not being as secure as initially intended. Wi-Fi Protected Access (WPA) and WPA2 are later methods that came after WEP. Temporal Key Integrity Protocol is the encryption method used in WPA.

6
Q

Which of the following was used to increase security in WPA?

TKIP

AES

IPSec

A

TKIP

WPA was able to increase security by using a Temporal Key Integrity Protocol (TKIP) to scramble encryption keys using a hashing algorithm. Temporal Key Integrity Protocol is the encryption method used in WPA. Advanced Encryption Standard (AES) is the encryption used in WPA2. IPSec is an industry-standard encryption method, and Secure Sockets Layer (SSL) is an encryption method used in many VPNs

7
Q

Which type of virus covers itself with protective code that stops debuggers or disassemblers from examining critical elements of the virus?

Companion

Macro

Armored

A

Armored

An armored virus is designed to make itself difficult to detect or analyze. Armored viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus. A companion virus is one that attaches to a file or adopts the name of a file. A macro virus is one that hides in macros, and a multipartite virus is one that has multiple propagation methods

8
Q

What element of a virus uniquely identifies it?

ID

Signature

Badge

A

Signature

A signature is an algorithm or other element of a virus that uniquely identifies it. Because some viruses have the ability to alter their signature, it is crucial that you keep signature files current, whether you choose to manually download them or configure the antivirus engine to do so automatically. An ID is any type of identifying badge or marker. A badge is something worn to provide identification. Marking is not a word typically used when discussing algorithms or attacks.

9
Q

Which of the following is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device?

Spoofing

Tailgating

Keyriding

A

Tailgating

Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. Many social-engineering intruders needing physical access to a site will use this method of gaining entry. Shadowing is when one user monitors another for training. Spoofing is the adoption of another’s email address, IP address, or MAC address. Keyriding is not a word typically used when discussing social engineering

10
Q

Which of the following is the process of masquerading as another user or device?

Shadowing

Spoofing

Duplicating

A

Spoofing

Spoofing is the process of masquerading as another user or device. It is usually done for the purpose of accessing a resource to which the hacker should not have access or to get through a security device such as a firewall that may be filtering traffic based on source IP address. Shadowing is when one user monitors another for training. Duplication is the creation of a matching object. Masking is not a term used when discussing impersonation

11
Q

Which Windows group allows members to install most software but keeps them from changing key operating system files?

Power user

Guest

Administrator

A

Power user

The Power Users group is not as powerful as the Administrators group. Membership in this group gives read/write permission to the system, allowing members to install most software but keeping them from changing key operating system files. This is a good group for those who need to test software (such as programmers) and junior administrators. The Guest group is used to allow restricted access to the device. The Administrators group allows full access to the device. The rights held by the Users group are a compromise between Admin and Guest

12
Q

Which NTFS permission is the least required to run a program?

Full Control

Read

Write

A

Write

This combines the permissions of Read with those of List Folder Contents and adds the ability to run executables. List Folder Contents allows viewing what items are in a folder. Full Control allows everything, and Read only allows reading documents

13
Q

Which of the following passwords is the strongest?

pAssword

Pa$$word

P@ssw0rd

A

P@ssw0rd

Although length is now considered the most important password security factor, complexity is also a factor, and these examples are all the same length. The password P@ssw0rd contains four character types, the most of any of the options, which increases the strength of the password. Password and pAssword contain only two types of characters. Pa$$word contains three types.

14
Q

What principle should drive the granting of permissions?

Separation of duties

Least privilege

Job rotation

A

Least privilege

When assigning user permissions, follow the principle of least privilege by giving users only the bare minimum they need to do their job. Separation of duties prescribes that any operation prone to fraud should be broken up into two operations with different users performing each. Job rotation has the same goal but accomplishes it by requiring users to move around from job to job. Open rights is not a term used when discussing permission and rights

15
Q

Which type of screen lock uses gestures?

Fingerprint

Face

Swipe

A

Swipe

Swipe locks use a gesture or series of gestures, sometimes involving the movement of an icon to open the screen. In some cases, they require only knowledge of the mobile platform in use; they offer no security to the process because no authentication of the user is occurring. Fingerprint locks open when the correct fingerprint is presented. Facial locks require a matching face scan to open. Passcode locks require the configured passcode to unlock

16
Q

Which method is good for a lost mobile device?

Remote wipe

Geofencing

Screen lock

A

Remote wipe

Remote wipe gives you the ability to delete all content when a device is stolen or lost. Geofencing allows you to restrict use of the device to a geographic area. Screen locks prevent access to the home screen on the device. Segmentation of data is the separation of personal data from enterprise data on a device

17
Q

Which of the following involves applying a strong magnetic field to initialize the media?

Degaussing

Incineration

Hammer

A

Degaussing

Degaussing involves applying a strong magnetic field to initialize the media (this is also referred to as disk wiping). This process helps ensure that information doesn’t fall into the wrong hands. Incineration is the burning of the storage device. Hammers can be used to destroy the device. Deleting is the least effective way of removing information

18
Q

Which method of destroying the data on a hard drive is most effective?

Degaussing

Incineration

Clearing

A

Incineration

Physically destroying the drive involves rendering the component no longer usable. Incineration is the burning of the storage device. Degaussing involves applying a strong magnetic field to initialize the media (this is also referred to as disk wiping). This process helps ensure that information doesn’t fall into the wrong hands. Clearing is a method that still leaves the data recoverable with data forensics. Deleting is the least effective way of removing information

19
Q

Which of the following was a concept that was designed to make it easier for less knowledgeable users to add a new client to the WLAN without manually entering the security information on the client?

SSID

WPS

WEP

A

WPS

Wi-Fi Protected Setup (WPS) was a concept that was designed to make it easier for less knowledgeable users to add a new client to the WLAN without manually entering the security information on the client. One method involves pushing a button on the AP at the same time a client is attempting to join the network so that the settings are sent to the client. Other methods involve placing the client close to the AP, and near-field communication is used for the process. Service Set Identifier (SSID) is the name of the WLAN. Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) are wireless security protocols.

20
Q

Which of the following should always be changed from the default?

SSID

WPS

WEP

A

SSID

Every wireless AP or wireless router on the market comes with a default SSID. Cisco models use the name tsunami, for example. You should change these defaults and create a new SSID to represent your WLAN. Wi-Fi Protected Setup (WPS) was a concept that was designed to make it easier for less knowledgeable users to add a new client to the WLAN without manually entering the security information on the client. One method involves pushing a button on the AP at the same time a client is attempting to join the network so that the settings are sent to the client. Other methods involve placing the client close to the AP, and near-field communication is used for the process. Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) are wireless security protocols.