Security Flashcards

1
Q

Which user group should you assign to a new account on a Windows system if you want the user to have the ability to create and edit private files, stop and start the system, install applications, and add new device drivers?

A

Administrators

2
Q

While browsing the internet, you observe that your browser shows pop-up ads related to your recent keyword searches. What is this an example of?

A

Adware

3
Q

Which of the following is a valid distinguished name for the SocialBook common domain name?

A

SocialBook.org

3
Q

You have been contracted to assess a client’s building security. During your evaluation, you observe the following: all equipment secured with cable locks, server racks are locked and equipped with alarms, WAP for the guest Wi-Fi positioned on the receptionist’s desk, biometric locks are installed on high-security rooms. Based on these observations, which recommendation would you MOST likely make to enhance the client’s security?

A

Install the WAP on the ceiling or inside of a special locked box.

4
Q

A user finds they cannot access their computer files and receives a pop-up message stating that the files have been encrypted, along with instructions for purchasing a decryption. What type of malware is this?

A

Ransomware

5
Q

You are responsible for managing numerous workstations in a Windows domain and need to prevent unauthorized access through repeated password attempts. Which default Group Policy Object (GPO) includes a policy that you can enable to protect all domain computers from this type of security threat?

A

Default Domain Policy

6
Q

While reviewing video footage from your organization’s security cameras, you observe a suspicious individual using piggybacking to enter your building without a security badge. What security measure would you MOST likely implement to prevent this from happening in the future?

A

Access control vestibule

7
Q

As a junior network technician at the local hospital, you’ve learned that the security administrator has implemented a new policy requiring users to log in to workstations using a fingerprint scanner. Which category of authentication does this represent?

A

Something you are

8
Q

What term is used to describe a system that lacks any anti-malware or firewall protection?

A

Unprotected

9
Q

What is an example of a hard token?

A

Smart card

10
Q

What is an example of multi-factor authentication?

A

PIN and authentication app

11
Q

A malicious individual contacts an employee via cell phone, claiming to be the vice president of the accounting department within the employee’s company. She states that she has forgotten her password and insists that the employee provide his password so she can access necessary reports for an upcoming presentation. She threatens to fire him if he refuses to comply. Which type of attack does this BEST characterize?

A

Vishing

12
Q

Which type of password cracking attack uses a list of words and phrases to guess the password?

A

Dictionary attack

13
Q

Lisa, an employee in HR, has created several important PDF documents that all office managers in her building need to access easily. She wants to ensure the files are easy to find and requires minimal maintenance while ensuring no other users can view them. As the IT technician, which solution would BEST meet Lisa’s requirements?

A

Network share

14
Q

To add a new computer to the SkyNet domain, which System Properties setting should be used?

A

System Properties > Computer Name

15
Q

An unauthorized individual gains entry to a secure area by following an authorized person through a door equipped with a badge reader. Which type of security threat does this situation illustrate?

A

Tailgating

16
Q

You have been brought in to evaluate a client’s security protocols. While conducting your assessment, you find that users can access files belonging to other departments. Which of the following measures would you recommend the company implement?

A

Principle of least privilege

17
Q

After implementing several lockout policies, which type of password attack will these measures MOST effectively defend against?

A

Online attack

18
Q

Which wireless security method relies on a shared key configured on both the wireless access point and all connected wireless devices?

A

WEP, WPA Personal, and WPA2 Personal

19
Q

What should you implement to monitor and manage the risks of a BYOD policy?

A

Mobile device management

20
Q

You are attempting to access a server within the company network from an external location using RDP, but your connection is unsuccessful. Which network device is your network administrator MOST likely required to adjust to enable this connection?

A

Firewall

21
Q

After entering a user ID and password, an online banking user is required to input a PIN that was sent via text message to their mobile phone. Which digital security method does this process exemplify?

A

Multifactor authentication

22
Q

You are the Active Directory administrator for a company with branch offices in multiple countries, including Mexico, Argentina, Canada, and the UK. Currently, the company has 250 employees organized by department, and it’s projected to grow rapidly over the next two years. You need to design a flexible organizational unit (OU) structure that can handle future growth without requiring frequent reorganization. Additionally, you want to easily assign rights to network resources based on departmental roles. What is a solution that BEST meets these needs?

A

Organize the OUs at the top level by office (country); then use group accounts to help control resource rights

23
Q

Which security measure can be integrated with a motion sensor to enhance protection?

A

Lights

24
Q

Which type of DoS attack exhausts the target’s resources by overloading a specific program or service?

A

Application layer

25
Q

What is an example of a soft token?

A

Authentication app

26
Q

You own a small startup with five employees, each with their own computer. Given the nature of your business, you don’t expect much growth in the next year or two. To keep costs low and simplify file sharing, internet access, printer access, and local network resources, which solution would be the BEST fit for your business?

A

A workgroup

27
Q

Which authentication category does a username and password fall under?

A

Something you know

28
Q

You have been tasked with investigating a recent cybersecurity breach. During your investigation, you found that the attacker exploited the login field to send commands to the server and stole user credentials from the database. Which type of attack did your client MOST likely experience?

A

SQL injection

29
Q

A technician helps Tom, an employee in the sales department, gain access to the client database by granting him Administrator privileges. Later, Tom finds out that he can access the salaries in the payroll database. Which security principle was compromised in this situation?

A

Principle of least privilege

30
Q

What BEST describes authorization?

A

The resources that a user can access

31
Q

In your new role as a junior network technician at the local hospital’s IT department, which user group should your account be assigned to in order to effectively troubleshoot network communication issues?

A

Network Configuration Operator

32
Q

There are two primary types of firewalls you should know about. Which pertains to a network-based firewall?

A

Inspects traffic as it flows between networks

33
Q

You have five salespeople in your office who often leave their laptops unattended on their desks in cubicles. You’re worried about the potential for theft. What is the MOST effective method to secure these laptops and prevent them from being stolen?

A

Use cable locks to chain laptops to the desks.

34
Q

Is it true or false that hard tokens provide protection even if they are lost or stolen?

A

False

35
Q

Which encryption algorithm incorporates a base key, the MAC address of the wireless access point, and a unique packet serial number for every transmitted packet?

A

TKIP (Temporal Key Integrity Pool)

36
Q

You have been tasked with assessing a client’s building security. During your evaluation, you observe the following features: a high fence surrounding the property, security cameras are positioned on all buildings, light poles illuminate the parking lot throughout, and vehicles can drive directly up to the building entrance. Based on these observations, what would MOST likely enhance security?

A

Install bollards

37
Q

Which of the following is true of an Organizational Unit (OU)?

A

An organizational unit is like a folder that subdivides and organizes network resources within a domain

38
Q

Where is the access control list stored on a Windows system?

A

Master File Table

39
Q

Which security practice most effectively demonstrates the principle of least privilege?

A

All users on a Windows workstation are Limited users except for one, who is responsible for maintaining the system

40
Q

You have been contracted to evaluate the security of your client’s organization. In the course of your assessment, you discover a rogue wireless access point that closely resembles the legitimate wireless network. What attack is MOST likely occurring?

A

Evil twin attack

41
Q

An employee in the legal department has created sensitive documents that need to be accessible to the executive staff in the same building. He wants to restrict access and ensure no one else in the company can find the files unless they have the specific UNC path. Which BEST meets Josh’s file management needs?

A

Administrative share

42
Q

What term describes the malicious activity involving the widespread distribution of unwanted and unsolicited email messages to multiple recipients?

A

Spamming

43
Q

Which security measure should be implemented at the building entrance to prevent weapons or unauthorized equipment from being brought inside?

A

Magnetometer

44
Q

Which user group should you assign to a Windows account that requires the ability to create files, run applications, and install printers, while ensuring the user has only the minimum necessary permissions?

A

Users

45
Q

What is the service in the Windows Server OS that handles a centralized database for managing user accounts and security information?

A

Active Directory

46
Q

Which type of attack aims to overwhelm a target by sending more data than it can process?

A

Denial-of-service

47
Q

What does Windows use to manage and enforce what a user is authorized to access?

A

Access Control List

48
Q

Ava downloaded a free PDF editing application from the internet, and now her laptop is plagued by persistent desktop pop-ups, and several applications are failing to launch. Which type of malware has likely infected Ava’s laptop?

A

Trojan

49
Q

Which type of firewall examines network traffic based on TCP or UDP protocols?

A

Circuit-layer gateway

50
Q

As a security consultant, you’ve been brought in by an organization to assess their security protocols. Employees frequently receive phone calls from hackers attempting to extract sensitive information through aggressive tactics. What would be your PRIMARY recommendation to reduce the risk of these social engineering attacks?

A

Teach users how to recognize and respond to these attacks

51
Q

What part of BYOD risks poses both a security concern for the organization and a privacy concern for the user?

A

Mixing of personal and corporate data

52
Q

Which authentication method enables a printer to connect securely to a wireless network with minimal effort?

A

WPS (Wi-Fi Protected Setup)

53
Q

Which type of attack takes advantage of a software vulnerability that has yet to be identified by the developer?

A

Zero-day attack

54
Q

A user receives an email from a well-known video streaming service urging him to renew his membership, even though he has never signed up for one. Upon closer inspection, he notices that a hyperlink in the email directs him to a suspicious URL. What security threat does this situation represent?

A

Phishing

55
Q

At the company headquarters, multiple employees are experiencing sudden drops in their Wi-Fi access, followed by automatic reconnections to the same wireless network. Upon investigation, you discover that a rogue access point has been established near the company headquarters, allowing someone to capture sensitive data from the company network. Which type of social engineering attack does this situation illustrate?

A

Evil twin

56
Q

Which feature should the public library implement to physically secure their new laptops and protect them from theft?

A

Cable locks

57
Q

What does Active Directory use to locate and name network objects?

A

DNS

58
Q

What is the common name for a program that serves no useful purpose, spreads to other systems, and frequently causes damage to resources on the infected systems?

A

Virus

59
Q

What is Spyware?

A

Spyware monitors the actions you take on your machine and sends the information back to the originating source.

60
Q

Which encryption algorithm is widely regarded as one of the strongest and is used across various types of networks, not just wireless ones?

A

AES (Advanced Encryption Standard)

61
Q

Which type of door lock uses Bluetooth technology to authenticate access to a specific lock?

A

Key fob

62
Q

In which type of security attack does a hacker intercept session cookies in order to access the victim’s account?

A

Session hijacking

63
Q

An employee in the sales department has requested his coworker to update the product descriptions in a sales document. She can access the file but is unable to save her changes. What digital security method is MOST likely preventing her from saving the file?

A

Directory permissions

64
Q

Which encryption method is used in WPA3 to generate a new key for every transmission?

A

SAE (Simultaneous Authentication of Equals)

65
Q

Which Windows service is responsible for storing registered biometric scans for authentication and verifying if they match the stored scan?

A

Windows Hello

66
Q

What is the term for security measures implemented through the OS and software?

A

Logical security

67
Q

Which process is used to prove a user’s identity?

A

Authentication

68
Q

What is the best defense against an insider network threat?

A

Immediately revoke the employee’s credentials when they leave

69
Q

How would you log in to a computer that uses a picture password for authentication?

A

Swipe and tap with a three-step gesture

70
Q

An executive receives an email that appears to be from the financial institution that provides his company card. The text of the email includes his name and the company name, stating that there is a problem with his credit card. The email provides a link to verify the credit card, but when he hovers over the link, he notices that the web address seems strange. What BEST describes this type of attack?

A

Social engineering

71
Q

Which Windows feature requests user credentials or permissions to prevent unauthorized actions, like accidental software installation?

A

User Account Control (UAC)

71
Q

A user has contacted support regarding an issue while trying to install an application on his new Windows 11 system. His account belongs to the Users group, and the installation is not proceeding. What is the MOST likely reason for the installation problem?

A

His group membership does not allow him to install new software

72
Q

What policy permits employees to utilize their personal computers and mobile devices for work-related tasks?

A

BYOD (Bring Your Own Device)

73
Q

Which type of password cracking attack is designed to avoid lockout policies?

A

Password spraying

74
Q

While traveling, you want to access your home computer using Remote Desktop, but after enabling it, you discover you cannot connect from outside your home network. What is the BEST solution to resolve this issue?

A

Open the firewall port for the Remote Desktop protocol

75
Q

What benefit of Bring Your Own Device (BYOD) policy arises from users becoming proficient in using their personal devices?

A

Increased productivity

76
Q

You need to access a shared folder named “Pictures” on a computer called “Home1” using the Universal Naming Convention (UNC) format. What is the valid UNC path?

A

\\Home1\Pictures

77
Q

A technician is setting up a wireless access point and must choose from several security mode options. What offers the highest level of security?

A

WPA2 and AES

78
Q

A user reports being unable to uninstall an unnecessary program because the “Programs” option is missing from the Control Panel. You’ve checked the Local Group Policy Editor and found that the policy to hide the “Programs” option is not configured. However, other users in the same domain can access the “Programs” options without issue. Where should you investigate next to find out if the policy is enabled for this specific user?

A

GPOs linked to the organizational units that contain this user’s objects

79
Q

A domain controller is a Windows server that holds a copy of the Active Directory database, true or false?

A

True

80
Q

What are the two most common methods of distributing viruses?

A

1. Email
2. Malicious websites

81
Q

AES encryption keys can be 128, 192, or 256 bits in length. However, AES encrypts data in fixed-size blocks. What is the size of these data blocks?

A

128

82
Q

What is released by software vendors to address issues or vulnerabilities?

A

Patches

83
Q

The AAA security standard encompasses authentication, authorization, and accounting. Which authentication protocol is focused solely on providing authentication?

A

Kerberos

84
Q

Your company has recently adopted a BYOD policy. To safeguard the network, users are required to install an application on their devices that enables the security administrator to enforce security policies. What does this exemplify?

A

Mobile Device Management

85
Q

What term describes a situation where numerous compromised computers are infected with malware that enables an attacker (known as a herder) to control them to send spam emails and execute DoS attacks?

A

Zombie/botnet

86
Q

What can be used to back up a company’s certificate database?

A

Certificate Manager

87
Q

A help desk technician identifies that a corrupt file is causing issues on a user’s computer. What is the quickest method to replace the corrupted file with a functioning one?

A

Use the C$ administrative share to copy the file

88
Q

One of your users receives a call from a person pretending to be from their bank. What is this an example of?

A

Spoofing