Security Flashcards
What is a smart card?
A hardware device that has an embedded microchip that contains authentication or security information
What is a digital signature?
An electronic signature that can be used to prove the sender’s identity or a document’s signer
What is a digital certificate?
An electronic file that establishes your identity via a public key infrastructure (PKI) to complete transactions
What is chassis intrusion detection in the BIOS?
A physical intrusion detection system that alerts the user if the computer’s cover has been removed
Which type of attach is conducted by an email request from a financial institution asking you to log in and change your password using the provided link?
Phishing
What type of attack uses drones to obtain email accounts to send spam?
A botnet attack
What is the quickest way to lock a Windows 7 computer?
Win + L
How should you protect a portable computer from being stolen in your absence if the portable computer cannot be physically secured using a locking mechanism?
Lock the portable computer in a drawer
What should you do to ensure that an authorized user does not reveal security information or credentials to any unauthorized person?
Implement social engineering mitigation techniques
Which guidelines should you refer to if you find that someone has breached the security of the server room?
The company’s security policy
What is the FIRST action you should perform if you find that your fellow technician has left the door of the server room open?
Close the door
Which software gather’s the user’s information through the user’s internet connection without the user’s knowledge?
Spyware
Which recommended file system format for Windows XP enables advanced performance, security, and reliability features?
NTFS
What are two ways that you can encrypt a file?
- Right-click the file, select Properties, and click Advanced.
- Use the Cipher command
How can you enable some users to access certain files and restrict others from accessing the same files?
Set different permissions for the users
What are the four primary user groups on a Windows XP computer?
Administrators, Power Users, Users, and Guests
Which two passwords can be configured using the BIOS setup utility?
Supervisor password and user password
Which password can be configured to prevent unauthorized access to the BIOS setup utility?
Supervisor password
Which password prevents unauthorized users from booting up the computer?
User password
What should a technician do when facing an error ‘SSL certificates are no longer valid’?
Clear the SSL slate in Internet Explorer
Which type of software can assist you in protecting your computer against virus-related problems?
Antivirus
Why should you not store passwords in a text file on your desktop?
Someone can open the file and read your passwords
In a Microsoft Active Directory domain, what must a user’s password contain by default?
A password must contain three out of the following four conventions: • Upper-case letters • Lower-case letters • Numeric or special characters • At least 8 characters
What should an administrator tell a user about passwords?
Memorize the password, and do not tell anyone the password
What is the maximum length of the Windows password that is supported by Windows XP?
127 characters
What can you configure on a Microsoft Active Directory domain to ensure that all Windows XP and Vista users have passwords that adhere to the company security policy?
Group Policy object
What is the latest encryption standard that must be used to protect the data being transmitted over a wireless network?
Wi-Fi Protected Access, second generation (WPA2)
What are the three levels of encryption standards for wireless networks?
WEP, WPA, and WPA2
Which tool helps determine the security state of an organization?
Windows Baseline Security Analyzer
What should you do if you overhear a private conversation between two managers of a different department?
Keep the information confidential
Which security protocol is used to secure wireless local area networks (WLANs) defined in the IEEE 802.11 wireless networking standard?
Wired Equivalent Privacy (WEP)
What type of virus generally affects the system by attaching itself to MS-Office applications?
Macro virus
What type of virus can infect system files and boot sectors of a computer system?
Multipart and boot sector viruses
What does a polymorphic virus do?
Produces multiple operational copies of itself
What does a self-garbling virus do?
Formats its own code to prevent antivirus software from detecting it
What does a stealth virus do?
Hides the changes it makes as it replicates
What is a Trojan horse?
Malware that is disguised as a useful utility but embeds malicious code in itself
What is a virus?
Malicious software (malware) that relies upon other application programs to execute and infect a system
What uses tracking cookies to collect and report on a user’s activities?
Spyware
Which attributes or details of an employee can be used by biometric devices?
They include: • Fingerprints • Face • Signature • Iris • Retina • Hand geometry
What are two common tools from Microsoft to fight malware?
Windows Defender and Microsoft AniSpyware
What is the purpose of BitLocker in Windows Vista?
Drive encryption
Which wireless security protocol is most secure: WPA, WPA2, or WEP?
WPA2
Which Windows feature can cause your system to be reinfected with a virus?
The System Restore feature
In biometrics, which security is worse: a false negative or a false positive?
False positive
In biometrics, what is a false positive?
When someone who is NOT supposed to have access to the system is erroneously granted access
In biometrics, what is a false negative?
When someone who is supposed to have access to the system is erroneously denied access
What is adware?
Software installed on your computer that automatically displays advertisements when the software is running
Which security device protects the local network from outside hacking by blocking ports and filtering MAC addresses?
A firewall
What is the number of characters in a 256-bit WEP key?
58
What is the number of characters in a 104-bit WEP key?
26
What is the number of characters in a 40-bit WEP key?
10
Which command is used to run the driver installation of wireless connection?
DEVMGMT.MSC
Which encryption key is used to provide security along with the service set identifier (SSID) to access a secure wireless network?
The Wired Equivalent Privacy (WEP) key
Where is the Security Center icon located in Windows XP?
In Control Panel
The Security Center icon in Windows XP was introduced with which Service Pack?
SP2
In which specific area of a hard disk drive does a boot-sector virus place its starting code?
Master Boot Record (MBR)
What should you do to effectively use your virus scanner to protect your computer from mail-, Wed-, and removable media-borne viruses?
Configure the virus scanner to scan email, web pages, and removable media as well as your hard drive
What type of attack takes the control of a session between a server and a client?
Session hijacking
Which device can be installed to monitor visitor entry into a server room when there is not enough manpower to escort the visitor?
Video surveillance cameras or closed-circuit television (CCTV)
Which type of cards use a public key infrastructure (PKI) for secure access?
Smart cards
Which mode of communication does Bluetooth wireless technology use?
Radio waves
Which three types of characters can be used in combination to set a strong password in Windows XP?
Alphabetic, numeric, and special characters
Which wizard is used to setup a wireless connection in Windows XP?
Wireless Network Setup Wizard
Which tab on the Wireless Connection Properties dialog box of Windows XP SP1 or SP2 should be used to specify the name of the server to be used for authentication?
The Authentication tab
What should you do if your smart card is stolen?
Get it inactivated and replaced
Which authentication method uses a small card with an embedded silicon chip which stores information on it?
Smart card authentication
Which authentication method uses fingerprint recognition as a method to identify an individual?
Biometric authentication
Which authentication method can be used to identify a person on the basis of that person’s physiological or behavioral characteristics?
Biometric authentication
Which option should be selected in Control Panel > Administrative Tools to create a new local group?
Computer Management
Which tab under the User Accounts option in Control Panel will you use to ensure that a user must press the Ctrl+Alt+Del keys before logging in?
The Advanced tab
If a drive or a partition is converted from FAT32 to NTFS, which step needs to be performed to convert it back to FAT32 in Windows XP?
Format the drive or partition
What should you do to notify a user before deleting a shared folder from a network computer?
Send a Console Message by navigating to Computer > Management > Shared Folders > Shares > All tasks > Send Console Message
Which step should be performed first while deleting a shared folder from a network computer?
Notify all users by sending a console message
Which three permissions are given to a user by default when a folder is shared on a Windows XP computer?
Read and Execute, List Folder Contents, and Read permissions
What is the recommended process when you need to assign a group of permissions to a set of users?
Create a group. Assign the permissions to the group. Add all the user accounts to the group.
Why should you disable all unused features of your Web browser?
To provide the best security for your web browser
What is the term for creating TCP/IP packets using somebody else’s IP address?
IP spoofing
Where on a Windows XP computer can you find information about the user accounts that previously logged into the computer?
Security Log in Event Viewer
Which type of attack attempts to disrupt access to the server, which is forced to re-authenticate on each web page?
Distributed denial-of-service (DDoS)
On which protocol does an attacker attack by taking advantage of the security flaws during network implementation to carry out land attacks?
Transmission Control Protocol/Internet Protocol (TCP/IP)
Which five main attack vectors are used by social engineering hackers?
Online, telephone, waste management, personal approaches, and reverse social engineering
What is the name of the technique of circumventing technological security measures by manipulating people to disclose secure information?
Social engineering
What must you consider when calculating the effective permissions of a user accessing files through a network share on a remote computer with a disk that is formatted in NTFS?
You must determine the effective permissions by analyzing the share permissions and NTFS permissions
When you sign an email with a(n) _______________, the email cannot be changed or modified without changing the digital signature.
Encrypted signature
How do you send an encrypted email message?
Sign the message with an encrypted signature to the message so that the recipient can read the message without decrypting it and only needs decryption to verify the sender’s identity
Which authentication standard is enabled by default to secure network access for wireless network on Windows XP Service Pack 1 (SP1)?
IEEE 802.1x authentication standard
Which two protocols provide encrypted communications between 902.11x wireless clients and wireless access points?
Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA)
Which program is used to list frequently accessed shared folders on Windows XP computer?
My Network Places
Which process allows a shared folder from another computer to appear as a separate disk drive on your computer?
Drive mapping
Which technology used by cable modems varies the data transmission rate based on the number of users connected to the cable?
Shared connection technology
How many bit encryption key of initialization vector (IV) is generated and appended to the Wireless Equivalency Protocol (WEP) encryption key?
24-bit
What should you configure when setting up a wireless connection?
Configure the SSID and decide which encryption standard to use
Which protocol is used to indicate the subtype set authentication, whether or not encryption and authentication are used in data frames and management frames?
Wired Equivalent Privacy (WEP)
What are the two most commonly known types of malware?
Viruses and Trojan horses
What software damages or disrupts a system without the owner’s permissions?
malware
