Security: Compare and contrast common prevention methods

Question 1

Which password policy setting allows you to configure how many new passwords must be created before an old one can be reused?

Answer 1

Password history

Question 2

When you log in remotely, you must provide a username, password, and smart card. How many factors of authentication is this?

Answer 2

Two factor

Although three items are presented, two items are something you know, and one is something you have

Question 3

What is a T-bar lock used for?

Answer 3

Securing a laptop to a physical object such as a desk

Question 4

______ allows users to freely access all systems to which their account has been granted access after the initial authentication

Answer 4

Single sign on

Question 5

What method is the most secure for distributing passwords to employees?

a. issue the same password to all users, upon logon, force users to change their password
b. send an e-mail to each user that contains their password
c. instruct users to report to their IT department with proper identification for password setup
d. instruct users to request passwords via email

Answer 5

c. instruct users to report to the IT department with proper identification for password setup

Question 6

A ______ is a physical token that is a one time password issued by a security device. The token is used to access network resources

Answer 6

RSA token

Question 7

A _____ is a setup with two doors and a small room between them.

The first door requires authentication to access the small room.

The second verification will occur to allow the user through the second door, which can only be opened once the first door is closed

Answer 7

Mantrap

Question 8

After determining the scope of a user’s job, what is the next step in implementing the principle of least privilege?

Answer 8

Determine the minimum set of privileges needed to perform the user’s job

Question 9

What is the aim of security awareness training?

Answer 9

To ensure all employees understand security responsibilities

This is the best way to prevent social engineering attacks

Question 10

_____ checks the identify of both ends of the connection, what authentication method does this?

Answer 10

Mutual authentication, sometimes known as two way authentication

Question 11

What two methods are used to monitor access control violations?

Answer 11

• Audit logs

- Intrusion detection system

Question 12

What is one of the highest levels of physical security?

Answer 12

Biometrics

Question 13

A(n) _______ uses devices such as smart cards or bio-metrics to provide access to authorized persons and prevent unauthorized access to a room

Answer 13

Access control system

Question 14

What is a smart card?

Answer 14

A hardware device that has an embedded microchip that contains authentication or security information

Question 15

To provide authentication on a network that contains two servers, what should be implemented?

Answer 15

Usernames with strong passwords

Question 16

_____ contain a microprocessor that stores information and are implemented with computers to improve network security

Answer 16

Smart cards

Usually, smart cards are read by card readers using radio waves

Question 17

What is the best implementation of multi factor authentication?

a. smart card, username, PIN
b. username, strong password, PIN
c. biometrics, smart card, strong password
d. smart card, username, strong password

Answer 17

c. biometrics, smart card, strong password

Question 18

What are some digital security methods?

Answer 18

• Anti virus software
• Firewalls
• User authentication with passwords

Question 19

What are some physical security measures?

Answer 19

• Locked doors
• Guards
• Mantraps
• Shredding old documents
• Biometrics
• RFID badges
• RSA tokens
• Privacy filters

Question 20

What are some methods you can take to guard against social engineering?

Answer 20

-User education

Question 21

What are some wireless security methods?

Answer 21

• Changing default username and password
• Change SSID
• Set encryption
• Disable SSID broadcast
• enable MAC filtering
• Access point placement
• Power levels
• Static IP addresses to wireless routers

Question 22

What are some data security methods?

Answer 22

• Hard drive formatting
• Sanitation
• Physical destruction

Question 23

What is the purpose of a privacy filter?

Answer 23

A privacy filter attaches to your monitor to prevent others from viewing what you have on your monitor

Question 24

The _______ involves ensuring users are given only the user rights they need to execute their authorized tasks

Answer 24

Principle of least privilege

Question 25

Gaining unauthorized access to data by using another user’s credentials is an example of what?

Answer 25

Piggybacking

Piggybacking involves one party willingly sharing information to another, knowing it may be used in the future

Question 26

What attributes can be used for biometric security?

Answer 26

• Voice
• Fingerprints
• Face
• Signature
• Retina
• Iris
• Hand geometry

Question 27

What ports should be opened on a firewall to allow access to all types of web sites?

Answer 27

Port 80 (HTTP)

Port 443 (HTTPS)