Security (6)

Question 1

A user discovers a strange text file at the root of her User directory. It contains everything she has typed over the past few days, including her credentials. What is the likely cause of the text file?

System auditing enabled

Keylogger installed

Email application in debug mode

Answer 1

Keylogger installed

A keylogger seems to be running on the system, monitoring and copying all that is typed on the keyboard. Obviously, this malware needs to be removed and incident response steps taken

Question 2

A user asks what can be done to keep his web browsing private. Which of the following would accomplish that?

Software firewall

SecureDNS

Anti-malware

Answer 2

SecureDNS

SecureDNS, specifically DNS over HTTPS, would enable a person to browse while keeping the DNS queries private

Question 3

What security solution would protect a user from unwanted network traffic probing her workstation?

Software firewall

SecureDNS

Anti-malware

Answer 3

Software firewall

A software-based firewall on the workstation would be able to stop unwanted network traffic, including port scans and probes

Question 4

A user is taking a flight tomorrow and intends on using his laptop while seated on the plane. The user asks what steps he can take protect his privacy from wandering eyes sitting next to them. What could you offer to install on their laptop?

Multifactor authentication

Antivirus

Privacy screen

Answer 4

Privacy screen

Privacy screens fitted on a display can shield the display content from anyone not sitting at the correct angle to the display

Question 5

What security concept helps to ensure non-repudiation (assurance that someone cannot deny something) when sending emails?

Comprehensive email signature

Digital signature using certificates

Phoning immediately after email is sent

Answer 5

Digital signature using certificates

Digital signatures can be used for non-repudiation. Digital signatures are done with digital certificates. A phone call or text might offer some assurance, but not to the degree as the email being digitally signed. Email signatures are simply your contact information and offer no true assurance

Question 6

The user wants to use multifactor authentication at her PC but does not want to carry a key fob and is strongly against biometrics. What method can you suggest?

Second password

Hardware token

Software token

Answer 6

Software token

The software token is stored on a general-purpose device, such as the PC. The hardware token option would involve carrying an added key fob or device. A fingerprint reader would be unacceptable as it involves biometrics. A second password defeats the benefit of using multifactor authentication

Question 7

What wireless protocol compensates for the weak encryption of WEP?

VLAN

TKIP

VPN

Answer 7

TKIP

Temporal Key Integrity Protocol (TKIP) is an encryption protocol for wireless connections that’s intended to replace WEP’s weak encryption

Question 8

Which of the following Active Directory concepts can help enforce security settings? (Choose two)

DLP

Group Policy/updates

Port security

Login script

Answer 8

Group Policy/updates

Login script

Group Policy/updates and login scripts are common ways to push and enforce security settings on Active Directory objects

Question 9

What 128-bit block size encryption algorithm, originally named Rijndael, was designed to replace DES?

VPN

DES3

AES

Answer 9

AES

Advanced Encryption Standard (AES) was originally named Rijndael, designed by Joan Daemen and Vincent Rijmen to replace the obsolete DES

Question 10

What protocol was designed to authenticate remote users to a dial-in access server?

TKIP

TACACS

RADIUS

Answer 10

RADIUS

Remote Authentication Dial-In User Service (RADIUS) was originally designed to authenticate remote users to a dial-in access server but is now used in several authentication situations

Question 11

Which of the following encryption protocols is older than RADIUS but was used for similar purposes?

TACACS+

TACACS

Extended TACACS

Answer 11

TACACS

Terminal Access Controller Access Control System (TACACS) is the older encryption protocol here. The other two variants of the name, TACACS+ and Extended TACACS, are actually different protocols altogether. SNMP is not an encryption protocol

Question 12

Your datacenter recently experienced a theft of a server from the rack. Which security mechanism would protect servers from future theft?

Security token

Server lock

Key fob

Answer 12

Server lock

It’s a bold move to try to steal a server. But a server lock or locks on the rack door would stall future theft attempts

Question 13

A user is complaining that he can no longer sign into his account because of too many bad attempts. What basic Active Directory function would help here?

Account deletion

Password reset/unlock account

Disable account

Answer 13

Password reset/unlock account

Resetting the password or unlocking the account would give the user back the opportunity to sign in. Creating a new account or deleting his account would not help in this situation. Disabling the account might be the next step if you find out the account has been compromised

Question 14

What concept in Active Directory creates a directory subdivision within which may be placed users, groups and other objects?

Domain

Home folder

Organizational unit

Answer 14

Organizational unit

The organizational unit is a subdivision within which may be placed users, groups, more organizational units, and other objects

Question 15

Normally, a company places a users’ profiles and folders on the local machine. Now, the organization would like a few users to be able to log in from other computers. What concept in Active Directory allows a user’s profile folders to be placed in storage somewhere else on the network?

Home folder

Folder redirection

Organizational unit

Answer 15

Folder redirection

Folder redirection allows users’ profile folders to be stored off of a local machine and instead placed in a more centralized location on the network

Question 16

Which command-line tool permits someone to make changes to the operating system without having to boot up Windows?

Emergency repair disk

System recovery options

WinRE / Recovery Console

Answer 16

WinRE / Recovery Console

The Windows Recovery Environment (Windows 8, 10) is a replacement for the Recovery Console, both of which are a command-line tool that allow the administrator the ability to copy or remove directories, enable or disable services, write a new Master Boot Record (MBR), format volumes, and much more

Question 17

Rainbow tables are used for what purpose?

To offer more color options for the desktop background

To compare cryptographic hashes for cracking passwords

To reverse polarity of the DVI video connector

Answer 17

To compare cryptographic hashes for cracking passwords

Rainbow tables are tables of cryptographic hash values, against which an attacker can compare a captured password hash. A match tells the attacker what was the original password string to compute that matching hash

Question 18

A Windows server volume for the Finance department is formatted with NTFS. The folder C:\receipts is shared with Travel group. Both Travel and Finance groups have Modify access to the directory C:\receipts. You move the C:\receipts folder to be under the C:\bigmoney folder. The Finance group alone has only Read access to the directory C:\bigmoney. Also, the C:\bigmoney folder is set to not propagate its permissions to any descendant folders. After the move, who has what permissions with the C:\bigmoney\receipts folder?

Finance group alone has only Read access

Both Finance and Travel have Read access

Both Finance and Travel have Modify access

Answer 18

Both Finance and Travel have Modify access

When files and folders are moved (not copied) on a NTFS volume, the original permissions are retained at the new location, as is done in this case. However, when files or folders are copied, the new file or folder will inherit its permissions from its new parent folder. The old permissions would be discarded. In this case, there was no permission propagation

Question 19

A Microsoft Windows mobile device has the ability to back up applications, settings, camera pictures and text messages. Backups can be saved locally or remotely. Which of the following remote backup applications is easiest and capable to save the listed data in the cloud?

No extra app needed for device to save all data remotely

Microsoft OneDrive

Microsoft Azure

Answer 19

No extra app needed for device to save all data remotely

Microsoft’s mobile OS is capable to save applications, settings, camera pictures and text messages to the cloud without having to install any backup application

Question 20

Windows user profiles contain a user’s settings and personal files. Profiles can be configured as either local, remote, mandatory or temporary, depending on user needs and company policy. Which of the following is the optimal user profile choice for a traveling sales engineer who may or may not have network access?

local

remote

mandatory

Answer 20

local

In this situation where the sale engineer may not have network access when travelling, the local profile is best. A local profile keeps settings and files on the laptop. Generally, since remote user profiles keep settings and files centralized on a company server, it is preferred. That requires travelers to have network access. Mandatory enforces settings from the administrator, but changes to the local laptop are lost at logoff. Temporary profiles are also means any file changes are lost when the user disconnects