Security Flashcards

1
Q

A script that runs automatically when a user logs in, often used to map network drives, set environment variables, or launch apps.

A

Login Script

2
Q

A central collection of users, computers, and resources managed under a single set of rules and policies in Active Directory.

A

Domain

3
Q

A centralized way to control settings for users and computers in an AD environment, including enforcing updates, passwords, desktop restrictions, and more.

A

Group Policy / Updates

4
Q

A personal network folder assigned to a user for storing files; typically mapped to a specific drive letter at login.

A

Home Folder

5
Q

AD objects used to assign permissions to resources or delegate rights to multiple users simultaneously.

A

Security Groups

6
Q

A policy that redirects user data folders (like Documents or Desktop) to a network location for easier backup and roaming profiles.

A

Folder Redirection

7
Q

A wireless security protocol that uses AES encryption and was the industry standard for many years; more secure than WEP or WPA.

A

Wi-Fi Protected Access 2 (WPA2)

8
Q

The latest wireless security protocol offering stronger encryption, individualized encryption per device, and protection against brute-force attacks.

A

WPA3

9
Q

An older encryption protocol used with WPA; less secure than AES and gradually being phased out due to known vulnerabilities.

A

Temporal Key Integrity Protocol (TKIP)

10
Q

A symmetric encryption algorithm used by WPA2 and WPA3; offers strong security and is widely used across various technologies, not just Wi-Fi.

A

Advanced Encryption Standard (AES)

11
Q

A secure, password-based authentication method used in WPA3 that replaces the less secure PSK method from WPA2; protects against offline dictionary attacks and provides forward secrecy.

A

Simultaneous Authentication of Equals (SAE)

12
Q

A centralized authentication protocol used for remote access and network services; uses UDP, combines authentication and authorization, and encrypts only the password.

A

Remote Authentication Dial-In User Service (RADIUS)

13
Q

A Cisco-developed protocol for centralized authentication; uses TCP, separates authentication, authorization, and accounting, and encrypts the entire payload.

A

Terminal Access Controller Access-Control System Plus (TACACS+)

14
Q

A secure network authentication protocol that uses tickets and a trusted third party to verify users and services. Common in Active Directory environments.

A

Kerberos

15
Q

An authentication approach that requires two or more verification methods from different categories: something you know (password), something you have (token), or something you are (biometric).

A

Multifactor Authentication (MFA)

16
Q

A broad term for any malicious software designed to harm, exploit, or compromise data, devices, or networks. Includes viruses, trojans, spyware, ransomware, and more.

A

Malware

17
Q

A type of malware that is disguised as a legitimate program but contains malicious code that runs once the program is executed.

A

Trojan

18
Q

A stealthy form of malware that gives attackers privileged access to a system while hiding its presence from standard detection tools.

A

Rootkit

19
Q

A type of malicious software that attaches itself to a file or program and spreads to other files or systems when executed.

A

Virus

20
Q

Software that secretly gathers user information, such as browsing habits or personal data, often without consent.

A

Spyware

21
Q

Malware that locks or encrypts user data and demands payment (a ransom) to restore access.

A

Ransomware

22
Q

Records every keystroke typed by a user to steal sensitive data like passwords, PINs, or credit card numbers.

A

Keylogger

23
Q

A type of virus that infects the master boot record (MBR) of a storage device, loading before the operating system starts.

A

Boot Sector Virus

24
Q

Malware that hijacks system resources to secretly mine cryptocurrency, often degrading system performance.

A

Cryptominers

25
Q

A special boot environment that starts the OS with minimal drivers and services; used to isolate malware and run cleanup tools safely.

A

Recovery Mode

26
Q

Software specifically designed to detect and remove viruses, often providing real-time protection and scanning capabilities.

A

Antivirus

27
Q

A broader security tool that targets various forms of malicious software including spyware, ransomware, trojans, and more—not just viruses.

A

Anti-malware

28
Q

Security software that monitors and controls incoming and outgoing network traffic on a single device to help block unauthorized access or suspicious activity.

A

Software Firewalls

29
Q

Training programs that help users recognize fraudulent emails or websites designed to steal sensitive data like passwords or credit card numbers.

A

Anti-phishing Training

30
Q

Educating users on how to avoid malware through best practices like not clicking unknown links, using strong passwords, and updating software regularly.

A

User Education Regarding Common Threats

31
Q

A last-resort option for malware removal that wipes the system clean and reinstalls a fresh version of the operating system.

A

OS Reinstallation

32
Q

Manipulating people into giving up confidential information or performing actions that compromise security, often through deception or trust exploitation.

A

Social Engineering

33
Q

A type of attack that uses emails or messages posing as legitimate sources to trick users into clicking malicious links or revealing sensitive data.

A

Phishing

34
Q

Voice-based social engineering where attackers call victims pretending to be someone trustworthy to gather sensitive information.

A

Vishing

35
Q

Looking over someone’s shoulder to observe sensitive information, such as passwords or PINs, often in public or work environments.

A

Shoulder Surfing

36
Q

A phishing attack targeting high-profile individuals like executives or public officials, often using highly personalized tactics.

A

Whaling

37
Q

Following someone closely through a secure door or entry point without authorization, often pretending to be an employee or delivery person.

A

Tailgating

38
Q

Pretending to be someone trusted—like tech support or a coworker—to gain access or information. Often used in person, via email, or phone.

A

Impersonation

39
Q

Searching through trash or recycling bins to find sensitive documents or data that can be used for fraud or further attacks.

A

Dumpster Diving

40
Q

A rogue Wi-Fi access point that mimics a legitimate one to trick users into connecting, allowing attackers to intercept data or install malware.

A

Evil Twin

41
Q

An attack where multiple compromised systems flood a target with traffic, overwhelming its resources and making it unavailable to users.

A

Distributed Denial of Service (DDoS)

42
Q

An attack where a single system floods a network or service with excessive requests to disrupt access or functionality.

A

Denial of Service (DoS)

43
Q

An attack that exploits a previously unknown software vulnerability before a patch is available, leaving systems defenseless.

A

Zero-day Attack

44
Q

Falsifying the identity of a user or system in order to deceive or gain unauthorized access (e.g., IP, email, or MAC address).

45
Q

Also known as a man-in-the-middle (MITM) attack; the attacker secretly intercepts and possibly alters communications between two parties.

A

On-path Attack

46
Q

An attack where an attacker tries every possible combination of characters to guess a password.

A

Brute-force Attack

47
Q

A password-cracking method that tries words from a predefined list or dictionary, often targeting weak or common passwords.

A

Dictionary Attack

48
Q

A security threat originating from someone within the organization who misuses access—either maliciously or accidentally.

A

Insider Threat

49
Q

An injection attack where malicious SQL commands are entered into input fields to manipulate or access backend databases.

A

Structured Query Language (SQL) Injection

50
Q

A web-based attack that injects malicious scripts into trusted websites, allowing attackers to steal data from users who visit the page.

A

Cross-site Scripting (XSS)

51
Q

A network of compromised computers or devices (often called zombies) controlled remotely by an attacker to launch coordinated attacks like DDoS.

52
Q

An individual device that has been infected with malware and is being controlled by an attacker as part of a larger botnet, often without the user’s knowledge.

53
Q

A type of cyberattack where the attacker secretly intercepts and possibly alters the communication between two parties without their knowledge. Often used to steal data or credentials. Also known as a man-in-the-middle (MITM) attack.

A

On-path Attack

54
Q

A weakness or flaw in software, hardware, or organizational processes that can be exploited by threats to gain unauthorized access, cause damage, or steal data.

A

Vulnerability

55
Q

FTP

A

20 (data), 21 (control)

56
Q

SSH

57
Q

Telnet

58
Q

SMTP

59
Q

DNS

60
Q

HTTP

61
Q

DHCP

A

67 (server), 68 (client)

62
Q

POP3

63
Q

NetBIOS

64
Q

IMAP

65
Q

SNMP

66
Q

LDAP

67
Q

HTTPS

68
Q

SMB

69
Q

RDP

70
Q

Transfers files between computers using a control and data channel

71
Q

Provides secure remote login and command execution using encryption

72
Q

Allows remote login to another host without encryption

73
Q

Sends email messages between servers

74
Q

Resolves domain names to IP addresses

75
Q

Loads websites using unencrypted web traffic

76
Q

Assigns IP addresses dynamically on a network

77
Q

Retrieves email from a server and downloads it to a local device

78
Q

Provides legacy file and printer sharing in older Windows networks

79
Q

Retrieves email while keeping it on the mail server

80
Q

Collects and organizes network device information and monitoring data

81
Q

Provides directory services like user and device lookups

82
Q

Loads websites using encrypted web traffic

83
Q

Shares files, printers, and other resources in Windows networks

84
Q

Allows remote desktop access to another computer over a network

85
Q

A user profile created and stored on the device itself versus one linked to an online identity for syncing settings, apps, and services across devices.

A

Local vs. Microsoft Account

86
Q

Account type that is intended for everyday use. It allows users to run apps, use the internet, and customize their personal environment, but it cannot install or uninstall software, change system settings, or manage other user accounts. It’s considered the safest type for daily use.

A

Standard Account

87
Q

An account type that has full control of the system. It can install and uninstall software, create and manage user accounts, change system-wide settings, and access protected system files. Administrator privileges are required for most maintenance and troubleshooting tasks.

A

Administrator

88
Q

Account type that is a built-in, very limited access profile designed for temporary or infrequent users. It cannot install programs, change settings, or access other users’ files. It’s disabled by default in modern Windows versions for security reasons.

A

Guest User

89
Q

Account type that is a legacy Windows group that has more permissions than a standard user but fewer than an administrator. It could install some software and access some system tools, but was restricted from high-level system management. This group is largely deprecated in modern Windows versions.

A

Power User

90
Q

Securely removing data from a storage device so it cannot be recovered. Often involves overwriting the drive multiple times with random data.

A

Erasing/Wiping

91
Q

A deeper, manufacturer-level formatting process that fully resets a storage device by rewriting sectors and mapping out bad ones.

A

Low-Level Formatting

92
Q

The process of setting up a file system and clearing the file allocation table; does not fully erase existing data and is less secure for recycling.

A

Standard Formatting

93
Q

A network protocol that allows devices on the same network to discover each other and automatically configure services like media sharing or port forwarding. Convenient, but can introduce security risks if not properly managed.

A

Universal Plug and Play (UPnP)

94
Q

The process of redirecting communication requests from one address and port number to another.

A

Port Forwarding

95
Q

A process that takes the contents of a file and runs it through a mathematical algorithm to create a unique string of characters, known as a hash or checksum.

96
Q

What does UAC stand for in Windows security? (Set 813)

A) User Access Control
B) Universal Admin Control
C) User Account Control
D) Unified Access Control

A

Answer: C) User Account Control

97
Q

Which port does HTTPS typically use? (Set 638)

A) 443
B) 80
C) 22
D) 21

A

Answer: A) 443

98
Q

What type of malware disguises itself as legitimate software? (Set 127)

A) Worm
B) Ransomware
C) Trojan
D) Spyware

A

Answer: C) Trojan

99
Q

Which Windows feature encrypts the entire disk? (Set 386)

A) Firewall
B) BitLocker
C) EFS
D) Windows Hello

A

Answer: B) BitLocker

100
Q

Which of the following methods ensures data is unreadable without the correct key? (Set 878)

A) Authentication
B) Authorization
C) Encryption
D) Hashing

A

Answer: C) Encryption

101
Q

Arrange the steps to enable BitLocker on a drive:
1) Right-click the drive
2) Select ‘Turn on BitLocker’
3) Choose how to unlock drive
4) Choose where to save recovery key
5) Start encryption

A

1. Right-click the drive
2. Select ‘Turn on BitLocker’
3. Choose how to unlock drive
4. Choose where to save recovery key
5. Start encryption

102
Q

Arrange the steps for setting up a strong password policy:
1) Open Group Policy Editor
2) Navigate to Password Policy
3) Set password length
4) Set expiration days
5) Apply policy

A

1. Open Group Policy Editor
2. Navigate to Password Policy
3. Set password length
4. Set expiration days
5. Apply policy

103
Q

Put the malware removal process in order:
1) Identify symptoms
2) Quarantine the system
3) Remediate
4) Schedule future scans
5) Reconnect to network

A

1. Identify symptoms
2. Quarantine the system
3. Remediate
4. Schedule future scans
5. Reconnect to network

104
Q

Put the steps in order for configuring a firewall rule:
1) Open Windows Defender Firewall
2) Click Advanced Settings
3) Create new rule
4) Define ports and protocol
5) Apply rule

A

1. Open Windows Defender Firewall
2. Click Advanced Settings
3. Create new rule
4. Define ports and protocol
5. Apply rule

105
Q

Put the steps to enable multifactor authentication (MFA) in order:
1) Sign in to security settings
2) Select MFA options
3) Enter verification method
4) Confirm and test MFA

A

1. Sign in to security settings
2. Select MFA options
3. Enter verification method
4. Confirm and test MFA