Security (5) Flashcards
It appears as though someone is trying to log in to a user account by guessing the password. Which account management policy will help prevent this type of attack?
Setting failed attempts lockout
Disabling autologin
Requiring strong passwords
Setting failed attempts lockout
Configure user account settings so that there is a limited number of login attempts (three is a good number) before the account is locked for a period of time. Legitimate users who need to get in before the block expires can contact the administrator and explain why they weren’t able to give the right password three times in a row, and illegitimate users will go away in search of another system to try to enter.
Dianne is typing her password into her workstation and notices her co-worker Todd hovering nearby. When she glances up at him, it appears as though he was watching her type, and he quickly looks away. What is this an example of?
Spoofing
Tailgating
Shoulder surfing
Shoulder surfing
One form of social engineering is shoulder surfing, and it involves nothing more than watching someone when they enter their sensitive data. An observer can see you entering a password, typing in a credit card number, or entering any other pertinent information. The best defense against this type of attack is simply to survey your environment before entering personal data.
You are installing a small office wired network. The manager is concerned that employees will visit websites with objectionable material. Which feature should you look for in a router to help prevent such access?
Content filtering
Disabling ports
Port forwarding/mapping
Content filtering
Content filtering is the process of blocking objectionable content, from either websites or email. Many routers and firewalls will provide content filtering services. In many cases, a reference service is used to block websites, and filters can be implemented to scan emails for prohibited content.
Your office is in a building with several other companies. You want to configure the wireless network so that casual users in the building are not able to easily see your network name. What should you do to configure this?
Enable WPA2.
Enable MAC filtering.
Disable SSID broadcasts.
Disable SSID broadcasts.
One method of “protecting” the network that is often recommended is to turn off the SSID broadcast. The access point is still there and can still be accessed by those who know of it, but it prevents those who are looking at a list of available networks from finding it. This should be considered a weak form of security because there are still ways, albeit a bit more complicated, to discover the presence of the access point besides the SSID broadcast.
You have a Windows domain network and want to ensure that users are required to maintain strong passwords. What is the best way to implement this on the network?
Use a firewall.
Use DLP.
Use Group Policy.
Use Group Policy.
In a Windows domain, password policies can be configured at the domain level using Group Policy objects. Variables that you can configure include password complexity and length and the time between allowed changes to passwords.
You are planning security protocols for your company’s new server room. What’s the simplest way to help keep potential attackers away from your servers?
Install a mantrap.
Use cable locks.
Lock the doors.
Lock the doors
Sometimes the obvious solutions are the best ones! A key aspect of access control involves physical barriers. One of the easiest ways to prevent those intent on creating problems from physically entering your environment is to lock your doors and keep them out.
A user on your network reported that his screen went blank and a message popped up. It’s telling him that his files are no longer accessible, and if he wants them back, he needs to enter a credit card number and pay a $200 fee. Which type of malware has infected his system?
Rootkit
Ransomware
Trojan
Ransomware
With ransomware, software—often delivered through a Trojan horse—takes control of a system and demands that a third party be paid. The “control” can be accomplished by encrypting the hard drive, by changing user password information, or via any of a number of other creative ways. Users are usually assured that by paying the extortion amount (the ransom), they will be given the code needed to revert their systems to normal operations. Even among malware, ransomware is particularly nasty.
You are setting up a new wireless router for a home office. Which of the following should you change when initially configuring the network? (Choose two.)
The router administrator’s username and password
The default SSID
The radio power level
The WPS setting
The router administrator’s username and password
The default SSID
When configuring a new wireless router, always change the username and password first. This prevents would-be hackers from having easy access to the router. Then change the default SSID.
You are configuring a router for a small office network. The network users should be able to access regular and secure websites and send and receive email. Those are the only connections allowed to the Internet. Which security precaution should you take to prevent additional traffic from coming through the router?
Enable content filtering.
Enable port forwarding/mapping.
Use port security.
Use port security.
Disable all unneeded protocols/ports. In this case, ports 80 and 443 are needed for HTTP and HTTPS access, and ports 25, 110, and 143 may be needed for email. That’s it. If you don’t need them, remove the additional protocols, software, or services or prevent them (disable them, or block them, as the setting is typically called on a router) from loading. Ports not in use present an open door for an attacker to enter.
Your iPhone requires a passcode to unlock it. Because of recent phone thefts around your office, you want to set your phone so that all data is destroyed if incorrect passcodes are entered 10 times in a row. Which feature allows you to do this?
Failed login attempts restrictions
Screen locks
Remote wipes
Failed login attempts restrictions
Failed login attempt restrictions will destroy all local data on the phone if incorrect passcodes are entered 10 times in a row. While this is recommended for users with phones that contain sensitive data and that are frequently taken into public venues or placed in compromising positions, the casual user should not turn on this feature unless they can be sure there will always be a recent backup available in iTunes.
On a Windows 8 workstation, there are two NTFS volumes. The Managers group has Modify access to the D:\mgmt directory. You move the folder to the D:\keyfiles folder, to which the Managers group has Read access. What level of permissions will the Managers group have to the new D:\keyfiles\mgmt directory?
Full Control
Modify
Read & Execute
Modify
When you move a file or folder on the same NTFS volume, it will keep its original permissions. If you copy it or move it to a different volume, it will inherit permissions from its new parent directory.
For users to log on to your network from a remote location, they are required to supply a username and password as well as a code from an RSA token. What type of security is this an example of?
Using a firewall
Using multifactor authentication
Using an access control list
Using multifactor authentication
When users log on to a computer or network, they are generally required to provide credentials such as a username or password. In multifactor authentication, the user is required to provide two or more items. These items are generally from two of three categories: something they know (such as a password), something they have (such as a code from a security token), or something they are (biometric screening).
You want to recycle some hard drives that your company no longer uses but do not want other people to have access to the data. Which methods of removing the data are acceptable for your purposes? (Choose two.)
Formatting the drive
Using an overwrite utility
Using a drive wipe utility
Using electromagnetic fields
Using an overwrite utility
Using a drive wipe utility
The best methods are either overwrite or drive wipe. Overwriting the drive entails copying over the data with new data. A common practice is to replace the data with 0s. Drive wipes do a similar thing. Formatting the drive does not guarantee that others can’t read the data. Using electromagnetic fields (or degaussing) isn’t reliable and can damage the hard drive. (Not to mention it won’t work at all on SSDs!)
Which of the following file attributes are turned on by default for system files on a Windows 8.1 workstation? (Choose two.)
Hidden
Archive
System
Read-only
Hidden
System
System files are critical to the operating system working properly and should not be changed or deleted. By default, the Hidden and System attributes are set. Some are also set to Read-only, but not all. For example, the virtual memory file (pagefile.sys) is a system file but is not Read-only.
You have just installed a Windows 8.1 workstation. For better security, which user account should you disable?
Default User
Administrator
Guest
Guest
When Windows is installed, one of the default accounts it creates is Guest, and this represents a weakness that can be exploited by an attacker. While the account cannot do much, it can provide initial access to a system, and the attacker can use that to find another account or acquire sensitive information about the system. To secure the system, disable all accounts that are not needed, especially the Guest account, which is disabled by default.