Security Flashcards

Objective 6

1
Q

An online retailer experienced an outage. An investigation revealed that the server received more requests than it could handle, and customers could not log in as a result. Which of the following best describes this scenario?

A. Hardware failure

B. Denial of service

C. On-path attack

D. Social engineering

A

B. Denial of Service

availability concern

A denial of service (DoS) attack occurs when a server or network resource is overwhelmed with more requests or traffic than it can handle, resulting in legitimate users being unable to access the service. In this scenario, the server received more requests than it could handle, leading to the outage and preventing customers from logging in. This is consistent with the characteristics of a denial of service attack.

2
Q

Which of the following best explains the reason for password expiration?

A. To disable unused user IDs

B. To invalidate any compromised passwords

C. To discourage writing down passwords

D. To enforce new password complexity rules

A

B. To invalidate any compromised passwords

The primary reason for password expiration is to enhance security by ensuring that passwords are regularly changed, thereby reducing the risk associated with compromised passwords. If a password is compromised (e.g., through a data breach or social engineering attack), the expiration policy ensures that the compromised password becomes invalid after a certain period, limiting the window of opportunity for unauthorized access.

3
Q

An IT manager wants to prevent end users from booting alternative operating systems on workstations. Which of the following security-related best practices would be used to accomplish this?

A. Installing a host-based firewall

B. Setting a BIOS password

C. Patching the operating system

D. Removing unnecessary software

A

B. Setting a BIOS password

Setting a BIOS (Basic Input/Output System) password can prevent unauthorized users from accessing or modifying the BIOS settings, including the boot order. By setting a BIOS password, the IT manager can restrict users’ ability to boot from alternative operating systems or external bootable media without proper authorization.

When a BIOS password is set, users are prompted to enter the password when accessing the BIOS setup utility or attempting to change the boot order. Without the correct password, users cannot modify the BIOS settings, ensuring that the system boots only from the specified operating system installed on the workstation.

4
Q

Which of the following terms best describes the outcome of a text message that is encrypted from its original form?

A. Cipher

B. Vector

C. Plain

D. Algorithm

A

A. Cipher

In cryptography, a cipher is an algorithm for performing encryption or decryption. When a text message is encrypted from its original form, it undergoes a process where it is transformed into an unintelligible form using a specific algorithm or cipher. The result of this encryption process is often referred to as the ciphertext. A cipher ensures that the original message is protected from unauthorized access or interception by converting it into a format that can only be understood by authorized parties who possess the appropriate decryption key.

5
Q

An attacker is using subversive tactics to gain the trust of a target in order to obtain entry to a location or access to confidential information. Which of the following best describes this scenario?

A. Phishing attack

B. Social engineering

C. On-path attack

D. Eavesdropping

A

B. Social Engineering

gain trust to gain entry/info

Social engineering involves manipulating individuals into divulging confidential information or performing actions that compromise security. In the scenario described, the attacker is using subversive tactics to gain the trust of a target in order to obtain entry to a location or access to confidential information. This type of attack relies on psychological manipulation rather than technical exploits. The attacker may use various tactics such as impersonation, pretexting, or building a rapport with the target to deceive them into providing access or sensitive information.

6
Q

A small company lacks the resources to properly verify a user’s identity when the user calls in for technical support. To which of the following is the company susceptible?

A. Wiretapping

B. On-path attack

C. Snooping

D. Social engineering

A

D. Social Engineering

Social engineering involves manipulating individuals into divulging confidential information or performing actions that compromise security. In this scenario, the small company lacks the resources to properly verify a user’s identity during technical support calls. This vulnerability can be exploited by attackers using social engineering techniques to deceive support staff into providing unauthorized access or sensitive information.

7
Q

Which of the following creates multifactor authentication when used with something you have?

A. Single sign-on

B. Hardware token

C. Geolocation

D. Password

A

D. Password

Multifactor authentication (MFA) requires users to provide two or more authentication factors to verify their identity. One common factor is “something you have,” which typically refers to a physical token or device that the user possesses. A hardware token is a physical device that generates one-time passwords or codes that are used as part of the authentication process. When combined with a password (something you know), a hardware token creates multifactor authentication, providing an additional layer of security beyond just a password.

7
Q

A corporate network just implemented a 60-day password-warning banner. Which of the following is most likely going to happen in 60 days?

A. Password reset

B. Password expiration

C. Password reuse

D. Password implementation

A

B. Password expiration

When a corporate network implements a 60-day password-warning banner, it typically means that passwords will expire after 60 days. Users will receive a warning notification when their passwords are about to expire, prompting them to change their passwords within the specified time frame.

8
Q

Employees must use a badge to enter and exit the building. Each time the badge is used, a log entry is created and stored to record who has entered and exited the building. Which of the following best describes what the log entries provide?

A. Automation

B. Accounting

C. Authorization

D. Authentication

A

B. Accounting

a log entry is created, what best describes the log = accounting

The log entries maintain a record of who has entered and exited the building, essentially serving as an accounting mechanism for tracking individuals’ movements. This information can be used for various purposes such as attendance tracking, security auditing, and ensuring compliance with access policies.

9
Q

Which of the following are benefits of a security awareness training program? (Choose two.)

A. Enhances overall security

B. Provides information on how to avoid phishing

C. Lowers the incidence of hardware failures

D. Increases the availability of computers

E. Advances end users’ technical skills

F. Creates IT security opportunities for end users

A

A. Enhances overall security

B. Provides information on how to avoid phishing

Security awareness training programs educate employees about cybersecurity best practices, threats, and risks, leading to improved awareness and understanding of security measures. This enhanced awareness contributes to overall security by empowering employees to recognize and mitigate potential security threats effectively. Phishing attacks are a common and significant threat to organizational security. Security awareness training programs typically include guidance on identifying phishing attempts, understanding common phishing techniques, and adopting preventive measures to avoid falling victim to phishing scams. This knowledge helps employees recognize suspicious emails, links, or messages and reduces the likelihood of successful phishing attacks.

10
Q

A user is trying to set up a new wireless access point. Which of the following should the user do first?

A. Change the SSID to a unique name.

B. Change the default password.

C. Enable WPA2 encryption.

D. Enable the highest available wireless standard.

A

B. Change the default password

do first always

This should be the first step because leaving the default password unchanged poses a security risk. Default passwords are well-known and easily exploited by attackers. Changing the password helps prevent unauthorized access to the access point’s settings and network.

11
Q

Employees of a large technology company are provided access to the internet as a work resource. Which of the following most likely represents the level of privacy employees should expect when utilizing this resource?

A. Only the attempts to access unapproved URLs are logged.

B. All internet usage is logged by a corporate server and may be monitored live.

C. All internet browsing is private and anonymous.

D. Only the attempts to access sites that include prohibited keywords are logged.

A

B. All internet usage is logged by a corporate server and may be monitored live.

In a corporate environment, it is common for companies to log and monitor employees’ internet usage for various reasons, including security, compliance, and productivity monitoring. This level of monitoring allows the company to track employee activities, enforce acceptable use policies, detect potential security threats, and ensure compliance with regulations. Employees should expect that their internet activities, including visited websites, accessed content, and online communications, may be logged and monitored by the corporate IT department or security team.

12
Q

An administrator is creating accounts based on departments within the company. Which of the following access models does this BEST represent?

A. Non-discretionary access

B. Mandatory access

C. Discretionary access

D. Role-based access

A

D. Role-based access

based on departments

In a role-based access control (RBAC) model, access to resources is determined based on the roles or responsibilities of users within an organization. Users are assigned specific roles, and permissions are associated with these roles. When users belong to a particular department, they are assigned roles corresponding to that department, and their access rights are determined based on those roles. This approach simplifies access management, improves security, and ensures that users have appropriate access to resources based on their organizational roles.

13
Q

A user from the accounting department received a call asking for hardware and software information. To which of the following is this user being exposed?

A. Eavesdropping

B. Impersonation

C. Phishing

D. Whaling

A

B. Impersonation

Integrity concern

Impersonation occurs when an attacker pretends to be someone else, such as a trusted individual or representative of a legitimate organization, to deceive the victim into providing sensitive information or performing actions that compromise security. In this scenario, the caller may be impersonating a legitimate representative or authority figure to gain access to hardware and software information from the user.

14
Q

Which of the following may be prevented by adding locks and video cameras to the refuse collection location?

A. Eavesdropping

B. Social engineering

C. Tailgating

D. Dumpster diving

A

D. Dumpster Diving

Dumpster diving is the practice of searching through dumpsters or trash bins to find discarded items, often for the purpose of obtaining sensitive information or valuable materials. Adding locks and video cameras to the refuse collection location can help prevent unauthorized individuals from accessing the dumpsters or trash bins, thereby reducing the risk of dumpster diving.

15
Q

A log entry indicating the deletion of a file by a user during a previous session is an example of data:

A. Analysis.

B. Exportation.

C. Querying.

D. Persistence.

A

D. Persistence

Data persistence refers to the retention of data over time, even after the process that created or modified the data has ended. A log entry indicating the deletion of a file by a user during a previous session is an example of data being retained and stored for later reference, making it persistent.

16
Q

Which of the following is BEST to do immediately after installing an OS on a new machine in order to mitigate OS vulnerabilities?

A. Disable system users.

B. Install antivirus software.

C. Enable the firewall.

D. Install patches.

A

D. Install Patches

This option is correct. Installing patches refers to applying updates released by the OS vendor to address known security vulnerabilities and improve system stability. It is crucial to keep the OS up-to-date with the latest patches to mitigate potential security risks.

17
Q

A systems administrator wants to ensure users cannot change their passwords to ones they have used before. Which of the following password best practices should the administrator implement?

A. Password complexity

B. Password length

C. Password expiration

D. Password history

A

D. Password history

Implementing password history ensures that users cannot reuse passwords they have used before. When users attempt to change their passwords, the system checks against a stored history of previous passwords to prevent reuse. This practice enhances security by reducing the risk of compromised accounts if old passwords are reused.

18
Q

A computer technician needs to keep track of the last three passwords any employee has used. Which of the following best practices would the technician MOST likely use?

A. Password complexity

B. Password history

C. Password length

D. Password manager

A

B. Password history

Password history is a security feature that allows administrators to keep track of the last several passwords a user has used. This feature prevents users from reusing their recent passwords when creating a new one, which enhances security by ensuring that passwords are not reused too frequently.

19
Q

Ann, a user, wants to remove unnecessary software and services from her personal computer to make it more secure. This is an example of:

A. baselining.

B. hardening.

C. patching.

D. updating.

A

B. Hardening

Hardening refers to the process of securing a system by reducing its attack surface and minimizing potential vulnerabilities. Removing unnecessary software and services from a computer is a common practice in hardening, as it helps eliminate potential entry points for attackers and reduces the system’s exposure to security risks.

20
Q

Which of the following CIA triad concerns is violated when known-good computer hard drives and printed documents are placed in the trash?

A. Availability

B. Confidentiality

C. Integrity

D. Accounting

A

B. Confidentiality

When known-good computer hard drives and printed documents are placed in the trash without proper disposal methods, the concern violated from the CIA triad is Confidentiality. Confidentiality refers to the protection of sensitive information from unauthorized access or disclosure. By discarding hard drives and printed documents in the trash without securely wiping data or shredding documents, there is a risk that confidential information contained within them could be accessed by unauthorized individuals, compromising the confidentiality of the data.

21
Q

A home user has recently purchased a new desktop computer. After following the prompts during setup and accepting all defaults, the user has noticed outbound network traffic. Which of the following is the MOST likely cause?

A. Pre-installed applications are reporting user information.

B. Applications are retrieving the latest security configuration changes.

C. Group Policy objects are being implemented.

D. The computer is mining cryptocurrency.

A

A. Pre-installed applications are reporting user information

The most likely cause of outbound network traffic after a home user has set up a new desktop computer and accepted all defaults is that pre-installed applications are reporting user information. Many pre-installed applications, especially those from third-party vendors or bundled with the operating system, may have features that automatically collect and transmit user data for various purposes such as usage analytics, advertising, or product improvement. These applications often come with default settings that allow them to communicate with remote servers over the internet, resulting in outbound network traffic.

22
Q

Which of the following is known to be the WEAKEST encryption standard?

A. WPA

B. WEP

C. AES

D. TKIP

A

B. WEP

WEP (Wired Equivalent Privacy) is known to be the weakest encryption standard among the options provided. WEP was the original encryption standard for securing wireless networks but has several vulnerabilities that make it relatively easy to crack. These vulnerabilities include a short key length, weak initialization vectors, and an outdated encryption algorithm. As a result, WEP is no longer considered secure and is not recommended for use in modern wireless networks.

23
Q

Which of the following would MOST likely facilitate a shared credential with another user?

a. Password encryption

b. Password validation

c. Password generator

d. Password manager

A

D. Password Manager

A password manager is most likely to facilitate a shared credential with another user. Password managers allow users to securely store and manage their passwords for various accounts. Some password managers also offer features for securely sharing passwords with other users, such as family members or colleagues, without revealing the actual passwords. This allows for convenient and secure sharing of credentials while maintaining the confidentiality of the passwords.

24
Q

An employee uses a password to log in to a company computer. Which of the following authentication methods did the employee use to gain access to the network?

a. Single-factor

b. Single Sign-on

c. Permissions

d. Multi-factor

A

A. Single-factor

The employee used a password, which is a single piece of information (something the employee knows) to authenticate and gain access to the network. This authentication method is known as single-factor authentication.

25
Q

Which of the following features will render a file unreadable without the proper cipher?

a. Compression

b. Encryption

c. Permissions

d. Password

A

B. Encryption

Encryption is the process of converting data into a code to prevent unauthorized access. When a file is encrypted, it becomes unreadable without the proper cipher or decryption key. This ensures that even if someone gains access to the encrypted file, they cannot read its contents without the encryption key.

26
Q

Which of the following would provide the MOST secure means of protecting a laptop? (Choose two.)

a. Long password

b. Biometrics

c. Hardware Token

d. Personal Identification Number

e. Security Questions

f. Eight-Character Password

A

A. Long Password
B. Biometrics

Long password: Using a long and complex password provides a strong layer of security for a laptop. A longer password with a mix of uppercase and lowercase letters, numbers, and special characters is harder to guess or crack through brute-force attacks. It significantly increases the time and effort required for an attacker to gain unauthorized access to the laptop.

Biometrics: Biometric authentication methods, such as fingerprint scanners or facial recognition systems, provide a high level of security by verifying a person’s unique physical characteristics. Biometric authentication is difficult to fake or replicate, making it a strong authentication method for protecting a laptop from unauthorized access. It adds an additional layer of security beyond traditional passwords or PINs.

27
Q

Which of the following is a reason why complex passwords are required?

A. To encourage password variety

B. To prevent someone from guessing them

C. To make them harder to remember

D. To reduce social engineering attacks

A

B. To prevent someone from guessing them

Complex passwords, typically characterized by a combination of uppercase letters, lowercase letters, numbers, and special characters, are required primarily to prevent unauthorized users from guessing them. By increasing the complexity of passwords, it becomes exponentially harder for attackers to use techniques like brute force attacks (trying various combinations of characters) to gain access to systems or accounts.

28
Q

Which of the following is primarily a confidentiality concern?

A. Eavesdropping

B. Impersonating

C. Destructing

D. Altering

A

A. Eavesdropping

listening in on a confidential conversation

Eavesdropping is a confidentiality concern because it involves unauthorized interception of communications or data. The attacker gains access to sensitive information without altering or modifying it, which breaches the confidentiality of the data.

Impersonating: This is primarily an integrity concern, where an attacker pretends to be someone else to gain access to systems or information.

Destructing: Destruction of data is primarily an availability concern, as it renders data unavailable for legitimate users.

Altering: Altering data is primarily an integrity concern, as it involves unauthorized changes to the data, compromising its accuracy and trustworthiness.

29
Q

Your friend Michael is setting up a wireless network and asks you which security option he should choose to make the network the most secure. What do you suggest?

A. WEP

B. WPA

C. WPA2

D. NAT

A

C. WPA2

weakest to strongest

Open > WEP > WPA > WPA2 > WPA3

WPA2 is the most secure encryption standard using AES.

30
Q

Which of the following security terms best describes the process of determining what a user can do with a resource?

A. Authentication

B. Authorization

C. Accounting

D. Nonrepudiation

A

B. Authorization

Answers the question "What can you do?" or "What are your permissions?"

31
Q

Your network’s security model requires that the administrator configure permissions based on a user’s job within the company. What does this describe?

A. Rule-based access control

B. Role-based access control

C. Discretionary access control

D. Mandatory access control

A

B. Role-based Access control

Access is based on each user's role within the company.

32
Q

Someone was recently caught sifting through your company’s trash looking for confidential information. What is this an example of?

A. Trash snooping

B. Dumpster diving

C. Phishing

D. Social engineering

A

B. Dumpster Diving

Going through the trash

33
Q

Which of the following creates multifactor authentication when used with something you have?

A. Single sign-on

B. Hardware token

C. Geolocation

D. Password

A

D. Password

We already have the factor “something you have”. We need something else to make it MFA. Password is something that we know. SSO deals with signing in one time then we can have access to multiple apps. Geolocation deals with the location that we’re allowed to work in.