Security

Question 1

A firewall operating as a ____ passes or blocks traffic to specific addresses based on the type of application and the port used.

Answer 1

packet filter

Question 2

A ___ firewall can be thought of as an intermediary between your network and any other network.

Answer 2

proxy

Question 3

____ firewalls are used to process requests from an outside network; the ____ firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused.

Answer 3

Proxy

Question 4

A proxy firewall typically uses two ____.

Answer 4

network interface cards (NICs).
*Note
This type of firewall is referred to as a dual-homed firewall.

Question 5

____ proxy functions read the individual commands of the protocols that are being served.

Answer 5

Application-level

Question 6

An implementation of this type of proxy must know the difference between ___ and ___ operations, for example, and have rules specifying how to execute them.

Answer 6

Get & Put

Question 7

A ____ proxy creates a circuit between the client and the server and doesn’t deal with the contents of the packets that are being processed.

Answer 7

circuit-level

Question 8

Many proxy servers also provide full ____, and other usage information that wouldn’t normally be kept by a circuit-level proxy server.

Answer 8

full auditing, accounting

Question 9

____ inspection is also referred to as ____ packet filtering.

Answer 9

Stateful

Question 10

____ describe how the employees in an organization can use company systems and resources, both software and hardware.

Answer 10

Acceptable use policies (AUPs)

Question 11

A ____ attack is an attempt to guess passwords until a successful guess occurs.

Answer 11

brute-force

Question 12

A ____ attack uses a dictionary of common words to attempt to find the user’s password.

Answer 12

dictionary

Question 13

A ___ attack typically uses a combination of dictionary entries and brute force.

Answer 13

hybrid

Question 14

___ are software programs that have the ability to hide certain things from the operating system; they do so by obtaining (and retaining) administrative-level access.

Answer 14

Rootkits

Question 15

A ____ virus exploits the enhancements made to many application programs.

Answer 15

macro

Question 16

A ____virus attaches itself to legitimate programs and then creates a program with a different filename extension.

Answer 16

companion

Question 17

A ____ attack is an attempt by someone or something to masquerade as someone else.

Answer 17

spoofing

Question 18

Rather than self-replicating, like viruses and worms, ___ is spread to machines by users who inadvertently ask for it.

Answer 18

spyware

Question 19

An ____ virus is designed to make itself difficult to detect or analyze. ____ viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus.

Answer 19

armored

Question 20

A ____ virus attaches itself to legitimate programs and then creates a program with a different filename extension.

Answer 20

companion

Question 21

A ____ virus exploits the enhancements made to many application programs.

Answer 21

macro

Question 22

____ viruses can infect all of the documents on your system and spread to other systems via email or other methods. Macro viruses are one of the fastest-growing forms of exploitation today.

Answer 22

Macro

Question 23

A ___ virus attacks your system in multiple ways.

Answer 23

multipartite

Question 24

A ___ virus alters programs and databases and the only way to remove this virus is to reinstall the programs that are infected.

Answer 24

phage

Question 25

A ____ is an algorithm or other element of a virus that uniquely identifies it.

Answer 25

signature

Question 26

A ____ virus attempts to avoid detection by masking itself from applications.

Answer 26

stealth

Question 27

With a ____ virus an infected file may report a file size different from what is actually present.

Answer 27

stealth

Question 28

____ are programs that enter a system or network under the guise of another program.

Answer 28

Trojan horses

Question 29

With ____, software—often delivered through a Trojan horse—takes control of a system and demands that a third party be paid.

Answer 29

ransomware

Question 30

With ____ spoofing (also known as ___ poisoning), the media access control (MAC) address of the data is faked.

Answer 30

ARP

Question 31

With ___ spoofing, the ___ server is given information about a name server that it thinks is legitimate when it isn’t.

Answer 31

DNS

Question 32

This type of spoofing can send users to a website other than the one to which they wanted to go, reroute mail, or do any other type of redirection for which data from a DNS server is used to determine a destination.

Answer 32

DNS

Question 33

Software running on infected computers called zombies is often known as a ___.

Answer 33

botnet

Question 34

Given a security-related scenario, ____ can take into account such settings as restricting user permissions, setting login time restrictions, disabling the guest account, locking an account after a certain number of failed attempts, and configuring a screen lock when the system times out after a certain length of inactivity.

Answer 34

account management

Question 35

____ systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed.

Answer 35

Data loss prevention (DLP)

Question 36

One of the best-known DLP systems is ___

Answer 36

MYDLP

Question 37

Microsoft wanted to create a group in Windows that was not as powerful as the Administrators group, and that is how the ___ group came into being.

Answer 37

Power Users

Question 38

____ would be given read/write permission to the system, allowing members to install most software but keeping them from changing key operating system files.

Answer 38

Power users
*Note
The group did not work out as planned, and in Windows Vista, Windows 7, and Windows 8/8.1, the group has no more permissions than a standard user. The group is now only kept around for backward compatibility with Windows XP systems.

Question 39

Before Windows NT was released, it had become apparent to Microsoft that a new file system was needed to handle growing disk sizes, security concerns, and the need for more stability. ___ was created to address those issues.

Answer 39

NTFS

Question 40

One of the benefits of NTFS was a ____ system, which made it possible for Windows NT to back out of any disk operations that were in progress when it crashed or lost power.

Answer 40

transaction tracking

Question 41

With NTFS, files, directories, and volumes, each can have their own ___.

Answer 41

security

Question 42

It’s possible to convert from ___ to NTFS without losing data, but you can’t do the operation in reverse

Answer 42

FAT32

Question 43

If you’re using FAT32 and want to change to NTFS, the convert utility will allow you to do so. For example, to change the E: drive to NTFS, the command is convert

Answer 43

e: /FS:NTFS

Question 44

What NTFS permission gives the user all of the other choices and the ability to change permissions. The user can also take ownership of the directory or any of its contents?

Answer 44

Full Control

Question 45

What NTFS permission Combines the Read & Execute permission with the Write permission and further allows the user to delete everything, including the folder?

Answer 45

Modify

Question 46

What NTFS permission combines the permissions of Read with those of List Folder Contents and adds the ability to run executables?

Answer 46

Read & Execute

Question 47

What NTFS permission allows the user to navigate the entire directory structure, view the contents of the directory, view the contents of any files in the directory, and see ownership and attributes?

Answer 47

Read

Question 48

What NTFS permission allows the user to create new entities within the folder.

Answer 48

Write

Question 49

____ allows for encryption/decryption of files stored in NTFS volumes.

Answer 49

Encrypting File System (EFS)

Question 50

A ___ format (typically only accomplished in the factory) can be performed on the system, or a utility can be used to completely wipe the disk clean.

Answer 50

low-level

Question 51

Never perform a low-level format on ___ or ___ drives! They’re formatted at the factory, and you may cause problems by using low-level utilities on these types of drives.

Answer 51

IDE or SCSI

Question 52

____ the drive entails copying over the data with new data.

Answer 52

Overwriting

Question 53

____ involves applying a strong magnetic field to initialize the media (this is also referred to as disk wiping).

Answer 53

Degaussing

Question 54

A ___ is different from a virus in that it can reproduce itself, it’s self-contained, and it doesn’t need a host application to be transported.

Answer 54

worm

Question 55

____ is an attempt to steal a valid IP address and use it to gain authorization or information from a network.

Answer 55

TCP/IP hijacking

Question 56

A attack attempts to replay the results of a previously successful session to gain access.

Answer 56

replay

Question 57

A exploitation attack attempts to exploit weaknesses in software.

Answer 57

software
*Note
A common attack attempts to communicate with an established port to gain unauthorized access.

Question 58

Your computer is infected with a virus that can change signature each time it is executed. What type of virus is it?

Answer 58

Polymorphic

Question 59

What term refers to an antivirus software file updated from time to time to protect a computer from new viruses?

Answer 59

Definition

Question 60

Which of the following commands will show the MAC address on a Windows-based PC?

Answer 60

ipconfig /all

Question 61

Rootkits are programs that infiltrate the operating system in order to gain administrator-level access. Rootkits are notoriously difficult to detect and remove. Sometimes reinstalling the operating system is the only way to recover from a rootkit infection. Rootkits have the following features:

Answer 61

They allow an attacker to run packet sniffers secretly to capture passwords.

They allow an attacker to set a Trojan into the operating system and thus open a backdoor for anytime access.

They allow an attacker to replace utility programs that can be used to detect the attacker’s activity.

They provide utilities for installing Trojans with the same attributes as legitimate programs.

Question 62

___ is used to collect personal information stored in the computer and send it to a third party without the permission of the user.

Answer 62

Spyware

Question 63

What category of malware do pop-up advertisements fall beneath?

Answer 63

Adware