Security (2) Flashcards

1
Q

You have been hired to implement new network security practices. One of the things you need to do is create a document describing the proper usage of company hardware and software. What is this type of document called?

DLP

AUP

ACL

A

AUP

Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware. This policy should also outline the consequences for misuse. In addition, the policy (also known as a use policy) should address the installation of personal software on company computers and the use of personal hardware such as USB devices.

2
Q

You have a Windows 7 Enterprise workstation and want to encrypt the entire hard drive, including startup files. Which technology best meets your needs?

BitLocker

BitLocker To Go

EFS

A

BitLocker

BitLocker Drive Encryption allows you to use drive encryption to protect files—including those needed for startup and logon. This is available only with Windows 10 Professional and Enterprise versions, Windows 8 (Pro and Enterprise), and Windows 7 (Enterprise and Ultimate). For removable drives, BitLocker To Go provides the same encryption technology to help prevent unauthorized access to the files stored on them.

3
Q

Software was installed on a laptop without the user’s knowledge. The software has been tracking the user’s keystrokes and has transmitted the user’s credit card information to an attacker. What type of threat is this?

Zombie/botnet

Spoofing

Spyware

A

Spyware

Spyware differs from other malware in that it works—often actively—on behalf of a third party. Rather than self-replicating, like viruses and worms, spyware is spread to machines by users who inadvertently ask for it. The users often don’t know they have asked for it but have done so by downloading other programs, visiting infected sites, and so on. The spyware program monitors the user’s activity and responds by offering unsolicited pop-up advertisements (sometimes known as adware), gathers information about the user to pass on to marketers, or intercepts personal data such as credit card numbers.

4
Q

A new user named Jelica has joined your company as a network administrator. Which of the following statements is most correct regarding her network access?

She should have just one user account, with standard user-level permissions.

She should have two user accounts, one with user-level permissions and one with administrator-level permissions.

She should have three user accounts, one with user-level permissions, one with administrator-level permissions, and one with remote access administrator-permissions.

A

She should have two user accounts, one with user-level permissions and one with administrator-level permissions.

Jelica should have a non-administrative account to use for day-to-day tasks. She also needs an account with administrative privileges to perform administrative duties. When creating user accounts, follow the principle of least privilege: Give users only the permissions they need to do their work and no more. This is especially true with administrators. Those users should be educated on how each of the accounts should be used.

5
Q

Which types of security threats are direct attacks on user passwords? (Choose two.)

Brute force

Zombie/botnet

Dictionary attack

Spoofing

A

Brute force

Dictionary attack

Password attacks occur when an account is attacked repeatedly. This is accomplished by using applications known as password crackers, which send possible passwords to the account in a systematic manner. Two types of password attacks are brute-force and dictionary attacks.

6
Q

You read corporate email on your iPhone and do not want others to access the phone if you leave it somewhere. What is the first layer of security that you should implement to keep others from using your phone?

Multifactor authentication

Full device encryption

Screen lock

A

Screen lock

All the options will increase the security of an iPhone. For just the basic level of security, though, enable a screen lock. A user will need to enter a code to gain access to the device. It’s typically enough to thwart casual snoops and would-be hackers.

7
Q

You use your mobile phone for email and extensive Internet browsing. You want to add an additional level of security to always verify your identity online when accessing various accounts. Which type of app do you need?

Authenticator app

Trusted source app

Biometric authentication app

A

Authenticator app

An authenticator app can help securely verify your identity online, regardless of the account you want to log into. Different apps work in different ways, but the general procedure is that the app will generate a random code for you to type in along with your username and password. The random code helps identify you and tells the site you are logging into that you really are who you say you are.

8
Q

You have instructed users on your network to not use common words for their passwords. What type of attack are you trying to prevent?

Brute forcing

Dictionary attack

Social engineering

A

Dictionary attack

A dictionary attack uses a dictionary of common words to attempt to find the user’s password. Dictionary attacks can be automated, and several tools exist in the public domain to execute them. As an example of this type of attack, imagine guessing words and word combinations found in a standard English-language dictionary. The policy you have recommended could also help thwart those who may try to look over a shoulder to see a user’s password, but they can still see it whether it’s a common word or not.

9
Q

Which type of malware is designed to look like a different program and, when installed, create a back door for an attacker to access the target system?

Trojan

Virus

Worm

A

Trojan

Trojan horses are programs that enter a system or network under the guise of another program. A Trojan horse may be included as an attachment or as part of an installation program. The Trojan horse can create a back door or replace a valid program during installation. It then accomplishes its mission under the guise of another program.

10
Q

You have been asked to dispose of several old magnetic hard drives. What is the name of the process of using a large magnet to clear the data off a hard drive?

Overwriting

Degaussing

Incineration

A

Degaussing

A large electromagnet can be used to destroy any magnetic media, such as a hard drive or backup tape set. The most common of these is the degaussing tool. Degaussing involves applying a strong magnetic field to initialize the media (this is also sometimes referred to as disk wiping). This process helps ensure that information doesn’t fall into the wrong hands.

11
Q

You recently noticed a change on your computer. Now when you open your web browser, no matter what you search for, you get a dozen unsolicited pop-up windows offering to sell you items you didn’t ask for. What type of problem does your computer have?

Spyware

Ransomware

Zombie/botnet

A

Spyware

Spyware differs from other malware in that it works—often actively—on behalf of a third party. Rather than self-replicating, like viruses and worms, spyware is spread to machines by users who inadvertently ask for it. The users often don’t know they have asked for it but have done so by downloading other programs, visiting infected sites, and so on. The spyware program monitors the user’s activity and responds by offering unsolicited pop-up advertisements (sometimes known as adware), gathers information about the user to pass on to marketers, or intercepts personal data such as credit card numbers.

12
Q

On a Windows 7 workstation, there is one volume formatted with NTFS. The Developers group has Modify access to the C:\dev directory. You copy the folder to the C:\operations folder, to which the Developers group has Read access. What level of permissions will the Developers group have to the new C:\operations\dev directory?

Modify

Read & Execute

Read

A

Read

When a file or folder is copied on NTFS volumes, the new file or folder will inherit its permissions from its new parent folder. The old permissions will be discarded. However, when files and folders are moved rather than copied, the original permissions are retained at the new location.

13
Q

Your office has recently experienced several laptop thefts. Which security mechanism is designed to protect mobile devices from theft?

Security token

USB lock

Key fob

A

USB lock

Users should never leave a company notebook computer, tablet computer, or smartphone in a position where it can be stolen or compromised while they are away from the office. USB locks or cable locks should be used to keep notebook computers securely in place whenever users are not near their devices.

14
Q

Which type of security device displays a randomly generated code that the user enters for access to computer resources?

RFID badge

Smart card

Key fob

A

Key fob

Key fobs are named after the chains that used to hold pocket watches to clothes. They are security devices that you carry with you; they display a randomly generated code that you can then use for authentication. This code usually changes very quickly (every 60 seconds is probably the average), and you combine this code with your PIN for authentication. RSA is one of the most well-known vendors of key fobs. These may also be called security tokens.

15
Q

Which type of digital security needs to have constant updates to best protect your network or computer?

Antivirus

Firewall

Access control list

A

Antivirus

Antivirus software is an application that is installed on a system to protect it and to scan for viruses as well as worms and Trojan horses. Most viruses have characteristics that are common to families of viruses. Antivirus software looks for these characteristics, or fingerprints, to identify and neutralize viruses before they impact you. Antivirus software needs to be constantly updated to ensure that it can detect the most current viruses.

16
Q

You are at work and receive a phone call. The caller ID indicates it’s coming from your manager’s desk. You can see your manager’s desk and no one is sitting there. What is likely happening?

A zombie/botnet attack

An impersonation attack

A zero-day attack

A

An impersonation attack

Impersonation is an attempt by someone or something to masquerade as someone else. You might think of impersonation attacks as affecting network systems, but they can affect phone systems as well.

17
Q

Graham is working on a Windows 7 workstation. His user account is a member of the Managers group. He is trying to access a folder named reports, located on a different computer. The NTFS permissions for the reports shared folder on that computer for the Managers group are Read and Write. The folder’s share permission for the Managers group is Read. What are Graham’s effective permissions on the reports folder?

Full Control

Read and Write

Read

A

Read

Because Graham is accessing the NTFS-based resource over the network, both NTFS and Share permissions are applied. If there is a difference between the two of them, the most restrictive permissions are used. Therefore, Graham has Read access only.

18
Q

A system administrator is concerned about Windows users inadvertently installing malware from CD- or DVD-ROMs that contain malicious code. What can she do to help prevent this from happening?

Set restrictive user permissions.

Enable BIOS/UEFI passwords.

Disable autorun.

A

Disable autorun.

It is never a good idea to put any media in a workstation if you do not know where it came from or what it is. The simple reason is that said media (CD, DVD, USB) could contain malware. Compounding matters, that malware could be referenced in the autorun.inf file, causing it to be summoned when the media is inserted in the machine and requiring no other action.

19
Q

You are configuring NTFS and Share permissions on a Windows 8.1 workstation. Which of the following statements is true regarding permissions?

NTFS and Share permissions apply only when you are accessing a resource across the network.

NTFS permissions apply when you are accessing a resource on the local machine or across the network. Share permissions apply only when you are accessing a resource across the network.

NTFS permissions apply only when you are accessing a resource across the network. Share permissions apply when you are accessing resources on the local machine or across the network.

A

NTFS permissions apply when you are accessing a resource on the local machine or across the network. Share permissions apply only when you are accessing a resource across the network.

NTFS permissions can affect users logged on locally or across the network to the system where the NTFS permissions are applied. Share permissions are in effect only when the user connects to the resource via the network.

20
Q

Which type of malware will attempt to hide itself by encrypting parts of itself, therefore changing its signature, to avoid detection?

Stealth virus

Phage virus

Polymorphic virus

A

Polymorphic virus

Polymorphic (literally, many forms) viruses change form to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system. The virus will attempt to hide from your antivirus software. Frequently, the virus will encrypt parts of itself to avoid detection. When the virus does this, it’s referred to as mutation. The mutation process makes it hard for antivirus software to detect common characteristics of the virus.

21
Q

Which type of security threat gains administrative-level access for an attacker to perform another attack and then hides its presence from system management tools?

Virus

Spyware

Rootkit

A

Rootkit

Rootkits are software programs that have the ability to hide certain things from the operating system; they do so by obtaining (and retaining) administrative-level access. With a rootkit, there may be a number of processes running on a system that don’t show up in Task Manager, or connections may be established or available that don’t appear in a Netstat display; the rootkit masks the presence of these items.

22
Q

Venkat wants to encrypt a few files on the NTFS volume on his Windows 7 workstation. He does not have administrative rights to the computer. Which of the following statements is correct?

He can use BitLocker.

He can use BitLocker To Go.

He can use EFS.

A

He can use EFS.

Encrypting File System (EFS) is available in most editions of Windows, and it allows for encryption/decryption of files stored in NTFS volumes. All users can use EFS, whereas only administrators can turn on BitLocker. EFS does not require any special hardware, while BitLocker benefits from having the Trusted Platform Module (TPM). As an additional distinction, EFS can encrypt just one file, if so desired, while BitLocker encrypts the whole volume and whatever is stored on it.

23
Q

Which type of digital security is designed to protect your network from malicious software programs?

DLP

VPN

Anti-malware

A

Anti-malware

Anti-malware software will help protect computers from malicious programs. Typically, anti-malware does everything that antivirus software does as well as identify threats beyond just viruses. A lot of anti-malware software is marketed as antivirus software.