Security (4) Flashcards
Which type of malware is designed to replicate itself and spread, without the need for inadvertent user action to help it do this?
Virus
Worm
Trojan
Worm
A worm is different from a virus in that it can reproduce itself, it’s self-contained, and it doesn’t need a host application to be transported. Many of the so-called viruses that have made the news were actually worms. Worms can use TCP/IP, email, Internet services, or any number of possibilities to reach their target.
Your network has recently been hit with a significant amount of spam messages. What should you implement to help reduce this nuisance?
Firewall
Email filtering
Access control list
Email filtering
Email filtering, as the name implies, involves filtering email before passing it on. This can be done with messages intended both to enter and to leave the network, and it can head off problems before they can propagate. One of the simplest filters is the spam filter included with most email programs.
You want to grant LaCrea the ability to change permissions for others on the Equity folder, which is on an NTFS volume. Which level of NTFS permission do you need to grant her?
Read & Execute
Change Permissions
Full Control
Full Control
The Full Control permission gives the user all the other permissions and the ability to change permissions for others. The user can also take ownership of the directory or any of its contents. There is no Change Permissions standard NTFS permission.
You read an article on the Internet about a hacker who bragged about creating a program that can try to log in by guessing one million passwords per second. What type of attack is he attempting?
Zombie/botnet
Phishing
Brute forcing
Brute forcing
A brute-force attack is an attempt to guess passwords until a successful guess occurs. Because of the nature of this attack, it usually occurs over a long period of time, but automated programs can do it quickly. In this situation, you might have been tempted to choose a dictionary attack, but the defining characteristic of those attacks is the use of common words, which was not part of this question. (Brute force can be combined with dictionary attacks as well.)
Which of the following security methods will prove to be ineffectual when trying to prevent software-based attacks? (Choose two.)
Mantrap
Firewall
Anti-malware
Privacy filter
Mantrap
Privacy filter
A mantrap and privacy filters are physical security methods. They will not prevent software-based attacks. Firewalls can block malicious network traffic, and anti-malware can block malicious software such as viruses and worms.
You have been instructed to destroy several old hard drives that contained confidential information, so you take them to a local company that specializes in this process. The IT director wants confirmation that the drives were properly destroyed. What do you need to provide him with?
Photos of the destroyed hard drives
A notarized letter from the disposal company
A certificate of destruction
A certificate of destruction
A certificate of destruction (or certificate of recycling) may be required for audit purposes. Such a certificate, usually issued by the organization carrying out the destruction, is intended to verify that the asset was properly destroyed and usually includes serial numbers, type of destruction done, and so on.
You have a corporate iPhone. Today, you notice that there is a new iOS update available for your device. For the best security, which of the following is recommended?
Wait until corporate IT approves the change before updating your OS.
Update your OS immediately.
Wait one week to ensure that the OS update has no issues and then update your device.
Update your OS immediately.
The best rule of thumb is that if your OS vendor provides an update, you should install it as soon as possible. Some companies do want their corporate IT groups to vet the update first, but it’s still always a best practice to update sooner rather than later.
Larissa is trying to access the Flatfiles folder on a remote NTFS volume. She is a member of the Datateam group. The Datateam group has NTFS permissions of Allow Read & Execute. The folder is shared with the Datateam group, but there are no explicit Allow or Deny permissions checked. What is Larissa’s access level to the Flatfiles folder?
Full Control
Read & Execute
Read
Read & Execute
Share and NTFS permissions are both consulted when accessing an NTFS resource across the network. The most restrictive permission set between the two is applied. If there are no explicit Allow or Deny share permissions set, though, then only the NTFS permissions apply.
Sue is an administrator on the network and is logged in with an account in the Users group but not the Administrators group. She needs to run SFC on the computer, which requires administrative privileges. What is the easiest way for her to do this?
Log off and back on again with an account that is part of the Administrators group. Then open a command prompt and run SFC.
Open a command prompt by choosing Run As Administrator and then run SFC.
Right-click the SFC icon in Control Panel and choose Run As Administrator.
Open a command prompt by choosing Run As Administrator and then run SFC.
If you attempt to run some utilities (such as SFC) from a standard command prompt, you will be told that you must be an administrator running a console session in order to continue. Rather than opening a standard command prompt, choose Start ➢ All Programs ➢ Accessories and then right-click Command Prompt and choose Run As Administrator. The UAC will prompt you to continue, and then you can run SFC without a problem.
Priscila is working at a Windows 8.1 workstation, formatted with NTFS. She is a member of the Dev group and the Ops group. The Dev group has Read access to the projects folder, and the Ops group has Write access. What are Priscila’s effective permissions for the projects folder?
Full Control
Read and Write
No access
Read and Write
When users are granted NTFS permissions from multiple groups, their effective permissions are cumulative, or the most liberal of the permissions assigned. In this case, Write also gives the ability to Read; therefore, the user has both.
Which type of security method allows you to get your security device in close proximity to a reader (but doesn’t require touching) to validate access?
PIN code
Badge reader
Security token
Badge reader
A smart card is a type of badge or card that gives you access to resources, including buildings, parking lots, and computers. It contains information about your identity and access privileges. A protected computer or area has a badge reader in which you insert your card. In the case of using Radio Frequency Identification (RFID), the reader is a wireless, no-contact technology and the user does not need to touch the card to the reader.
Someone has configured an external server with an IP address that should belong to one of your sister company’s servers. With this new computer, they are attempting to establish a connection to your internal network. What type of attack is this?
Spoofing
Man-in-the-middle
Zombie/botnet
Spoofing
A spoofing attack is an attempt by someone or something to masquerade as someone else. This type of attack is usually considered an access attack. The most popular spoofing attacks today are IP spoofing, ARP spoofing, and DNS spoofing. This is an example of IP spoofing, where the goal is to make the data look as if it came from a trusted host when it didn’t (thus spoofing the IP address of the sending host).
Which type of security device often incorporates RFID technology to grant access to secure areas or resources?
Smart card
Security token
Mantrap
Smart card
A smart card is a type of badge or card that gives you access to resources, including buildings, parking lots, and computers. It contains information about your identity and access privileges. Each area or computer has a card scanner or a reader in which you insert your card. Radio Frequency Identification (RFID) is the wireless, no-contact technology used with these cards and their accompanying reader.
You are configuring a wireless network for a small office. What should you enable for the best encryption possible for network transmissions?
WPA2
WEP
WPA
WPA2
There are generally three wireless encryption methods available. From least to most secure, they are WEP, WPA, and WPA2. Always go with WPA2 unless strange circumstances prevent you from doing so.
Which of the following prevention methods will best deter the usefulness of Dumpster diving for confidential materials?
Document shredding
Privacy filters
Cable locks
Document shredding
Companies normally generate a huge amount of paper, most of which eventually winds up in dumpsters or recycle bins. Dumpsters may contain information that is highly sensitive in nature, and attackers may seek it out by practicing dumpster diving. In high-security and government environments, sensitive papers should be either shredded or burned.