Security

Question 1

Which term is used in reference to the process of identifying an individual?

Answer 1

Authentication

Question 2

Which term is used in reference to the process in which a user is identified via a username and password?

Answer 2

Authentication

Question 3

Which term is used in reference to the process of giving individual access to a system or resource?

Answer 3

Authorization

Question 4

Which term is used in reference to the process of keeping track of a users activity?

Answer 4

Accounting

Question 5

Which term is used in reference to the process that prevents someone from denying that she accessed a resource?

Answer 5

Nonrepudiation

Question 6

Which of the following is a secret numeric password used for authentication?

Answer 6

Pin

Question 7

Why type of electronic document contains a public key?

Answer 7

Digital certificate

Question 8

Which item is roughly the size of a credit card and allows access to a network and its resources?

Answer 8

Smart card

Question 9

Which type of authentication method identifies and recognizes people based on physical traits such as fingerprints ?

Answer 9

Biometrics

Question 10

Which authentication type is the default for active directory ?

Answer 10

Kerberos

Question 11

Which directory service is used with windows domains?

Answer 11

Active directory

Question 12

Which type of server runs active directory ?

Answer 12

Domain controller

Question 13

When you access permissions to a folder, you should first grant permissions to _____ rather than users.

Answer 13

Groups

Question 14

When you create a local user on a computer running in Windows 7, where is the user account stored?

Answer 14

SAM

Question 15

Which type of group can be granted rights and permissions?

Answer 15

Security

Question 16

Which of the following authorizes a user to perform certain actions in Windows, such as logging on or performing a backup?

Answer 16

Right

Question 17

When you grant access to print to a printer, which of the following are you granting?

Answer 17

Permission

Question 18

In which of the following locations are users and permissions stored for an NFTS folder?

Answer 18

Registry

Question 19

Which type of permissions are assigned directly to a file or folder?

Answer 19

Explicit

Question 20

Which of the following is the process of converting data into a format that cannot be read by another user?

Answer 20

Encryption

Question 21

Which authentication method sends the username and password in plain text?

Answer 21

PAP

Question 22

In Windows, which of the following is used to enable auditing?

Answer 22

NTCS permissions

Question 23

By default, the _____ group has full access to all resources within a domain.

Answer 23

Domain admins

Question 24

_______ allows you to log on once and access multiple related by different systems without having to log on again

Answer 24

Single sign on (SSO)

Question 25

Which of the following is the most common form of authentication?

Answer 25

Password

Question 26

Which of the following is true of using passwords ?

Answer 26

You should create a strong password

Question 27

Which of the following best describes a password that is at least seven characters long and uses three of the following categories (uppercase, lowercase, numbers, and special characters)?

Answer 27

Complex password

Question 28

Which of the following is used to define the length of a password in Windows ?

Answer 28

Group policies

Question 29

Which of the following is not a complex password?

Answer 29

John!taylor

Question 30

Which settings are used to keep track of incorrect login attempts and lock the account if too many attempts are detected within a certain set time?

Answer 30

Account lockout

Question 31

Which setting is used to prevent users from reusing the same the same password over and over?

Answer 31

Password history

Question 32

Which setting forces users to change their passwords?

Answer 32

Maximum password age

Question 33

Which type of attack tries to guess passwords by trying common words?

Answer 33

Dictionary attack

Question 34

Which type of attack tried to guess passwords by every combination of characters?

Answer 34

Brute-force attack

Question 35

Which malicious software captures every keystone and sends it to a hacker?

Answer 35

Keylogger

Question 36

Which type of software can you use to view usernames and passwords broadcasted over the network?

Answer 36

Sniffer

Question 37

Which of the following is the generally accepted minimum password length?

Answer 37

8

Question 38

Which of the following are the only passwords that should not expire?

Answer 38

Service accounts

Question 39

Which of the following should users do not do when dealing with passwords?

Answer 39

Write down your password in a piece of paper and keep it near your computer

Do not use names of children and pets

Do not give your password to your co-workers

Question 40

Describe what might happen if you require passwords to be too long

Answer 40

User will try to circumvent the password

Question 41

What limits how fast a password for an encrypted file is cracked?

Answer 41

The speed of your computer, particularly your processor

Question 42

What steps can you do to prevent someone from hacking your password?

Answer 42

Use strong passwords and change them frequently.

Question 43

What is used to prevent someone from guessing a password multiple times?

Answer 43

Account lockout settings

Question 44

Which type of device device isolated by filtering the packets that can enter it?

Answer 44

Firewall

Question 45

Which seven layer model is often used to describe networking technologies and services?

Answer 45

OSI

Question 46

On which OSI layer do routers function?

Answer 46

3

Network layer

Question 47

On which OSI layer do TCP and UDP function?

Answer 47

4

transport layer

Question 48

Which OSI layer is used by switches and bridges?

Answer 48

2

Data link layer

Question 49

Which port is used by smtp?

Answer 49

25

Question 50

Which port is used by LDAP?

Answer 50

389

Question 51

Which type of firewall filters packets based on IP address and ports?

Answer 51

Packet-filtering

Question 52

Which type of firewall is also known as a proxy server?

Answer 52

Application-level

Question 53

Which type of firewall looks at the previous conversations to determine if a packet should enter a network?

Answer 53

Stateful

Question 54

Which type of DoS attack uses large ICMP packets to cause an overflow of the memory buffers allocated for packets ?

Answer 54

Ping of death

Question 55

Which technology can be used to isolate a network of servers so that they cannot interact with other servers?

Answer 55

VLAN

Question 56

Which type of device looks at a packet and forwards it based on its destination IP address?

Answer 56

Router

Question 57

Which type of routing protocol sends the entire routing table to its neighbors?

Answer 57

Distance vector

Question 58

Which type of system detects unauthorized intruders and then takes action to stop them from proceeding ?

Answer 58

IPS

Question 59

Which type of server can be used to trap a hacker?

Answer 59

Honeypot

Question 60

Which special area serves as a buffer area between the internet and the internal network and can be used to hold web servers that are accessed from the internet?

Answer 60

DMZ

Question 61

How many firewalls should be used to create a sandwich DMZ?

Answer 61

2

Question 62

You administer several internet web servers that need to communicate with a SQL server. Where should the SQL server be placed?

Answer 62

Internal network

Question 63

Which of the following servers should not be placed on the DMZ?

Answer 63

Email mailbox servers

Question 64

Which technology allows a user at home to connect to the corporate network?

Answer 64

VPN

Question 65

Which IPSec protocol provides integrity protection for packet headers, data, and user authentication but does not encrypt the data load?

Answer 65

AH

Authentication header

Question 66

Which type of malware can copy itself and infect a computer without the users consent or knowledge?

Answer 66

Virus

Question 67

Which type of self-replicating program copies itself to other computers on a network without any user intervention and consumes bandwidth and computer resources?

Answer 67

Worm

Question 68

Which type of malware looks like a useful or desired executable programs but is in reality program that is supposed to cause harm to your computer or steal information from your computer?

Answer 68

Trojan horse

Question 69

Which type of malware collects your personal information or details about your browsing habits without your knowledge?

Answer 69

Spyware

Question 70

Which type of malware provides administrator level control over a computer system?

Answer 70

Root kit

Question 71

Which software component defends against spyware ?

Answer 71

Windows defender

Question 72

Which term is used in reference to a message warning you to delete an essential windows file?

Answer 72

Virus hoax

Question 73

Which server can be used to install windows updates for your organization?

Answer 73

WSUS

Windows server update service

Question 74

Which term is used in reference to multiple windows updated that have been packaged together as one installation and are well tested ?

Answer 74

Service packs

Question 75

Which windows feature notifies you when something tries make changes to your computer without your knowledge?

Answer 75

User account control

UAC

Question 76

Which host firewall is included with Windows 10?

Answer 76

Windows firewall

Question 77

Which term is used in reference to unsolicited junk email?

Answer 77

Spam

Question 78

Which email validation system is designed to stop spam that uses source address spoofing?

Answer 78

Sender policy framework

Question 79

Which of the following are spammers and hackers looking for when they want to send email through your network?

Answer 79

Open smtp servers

Question 80

Which tab internet explorer settings is used to delete history and cookies?

Answer 80

General

Question 81

Which internet explorer zone is the least secure ?

Answer 81

Local intranet zone

Question 82

Which technique is used to send you to a fake, but realistic-looking, website to verify your account information?

Answer 82

Phishing

Question 83

____ is software that is designed to infiltrate or affect a computer system without the owners informed consent.

Answer 83

Malware

Question 84

A _________ is program that provides a user with remote, unauthorized control or a system or unities an unauthorized task.

Answer 84

Backdoor

Question 85

Which of the following terms indicates that information is to be read only by those people for whom it is intended?

Answer 85

Confidentiality

Question 86

Which technology is not used to implement confidentiality?

Answer 86

Auditing

Question 87

Which of the following ensures data is not changed when it not supposed to be?

Answer 87

Integrity

Question 88

Which of the following is not a response when dealing with a risk?

Answer 88

Patching

Question 89

Which the following terms is used in reference to the security discipline that requires that a user is given no more privilege than what is deemed necessary to perform his job?

Answer 89

Principle of least privilege

Question 90

Which of the following terms is used in reference to a scope that hacker can use to break into a system ?

Answer 90

Attack surface

Question 91

Which of the following method whereby a hacker relies on the trusting nature of the person being attacked?

Answer 91

Social engineering

Question 92

Which of the following is considered the most effective way to protect against social engineering?

Answer 92

Employee awareness

Question 93

Which of the following is necessary to highly secure a system ?

Answer 93

More money

Question 94

Which of the following is the first line of defense when setting up a network ?

Answer 94

Physically secure the network

Question 95

Which concept determines what resources users can access after they log on?

Answer 95

Access control

Question 96

Which of the following is used to provide protection when one line of defense is breached?

Answer 96

Defense in depth

Question 97

Which of the following is used to identify a person before giving access ?

Answer 97

Authentication

Question 98

Which of the following is used to verify that an administrator is not accessing data that he should not be accessing?

Answer 98

Auditing

Question 99

Which type of device can be easily lost or stolen or can be used for espionage ?

Answer 99

Removable devices

Question 100

Which of the following is a physical or logical device used to capture keystrokes ?

Answer 100

Keylogger

Question 101

In dealing with risks, which response is accomplished when you or your organization purchased insurance to protect your bottom line when such a disaster or threat is realized?

Answer 101

Risk transfer

Question 102

A _____ is generally defined as the probability that an even will occur that can cause harm to a computer system, service or network.

Answer 102

Risk

Question 103

Throughout the past couple of years small _________ have been one of the largest challenges facing security professionals.

Answer 103

Mobile devices

Question 104

What do the initials CIA stand for in relation to security?

Answer 104

Confidentiality, integrity and availability