Security Fundamentals from Measure Up Flashcards
Which type of security service is concerned with preventing or detecting any tampering with data?
Confidentiality
Integrity
Availability
Authentication
Integrity
Which is the best way to prevent security compromises through social engineering?
Increased password complexity
User training
Employee ID badges
Internal e-mail servers
User training
Which is an example of least privilege?
Ensuring that all services run under the LocalSystem account.
Logging on as administrator for administrative tasks and Web browsing only.
Logging on as a limited user instead of an administrator to run applications.
Assigning administrator privileges to applications instead of to users.
Logging on as a limited user instead of an administrator to run applications.
The principle of least privilege ensures that:
all users must use complex passwords.
data is encrypted.
availability is minimized.
users can only perform required tasks.
users can only perform required tasks.
Which would be an example of a social engineering attack?
Nonrepudiation
Phishing
Eavesdropping attack
Brute force attack
Phishing
You are a network administrator. You need to minimize the attack surface of your network. What would this involve?
Installing a physical lock to protect the servers
Creating shared folders
Ensuring that only required features are enabled
Enabling audit logging
Ensuring that only required features are enabled
What is affected when data is modified by mistake?
Confidentiality
Availability
Integrity
Authentication
Integrity
Which example best illustrates the IT security principle of least privilege?
A system service running in the security context of a local administrator
A shared folder using default sharing and NTFS permissions
A standard user whose account belongs to the local Administrators group
An administrator logged onto her workstation with a standard user account
An administrator logged onto her workstation with a standard user account
What is the advantage of preventing a wireless access point (WAP) from broadcasting its service set identifier (SSID)?
It blocks authorized clients from connecting to the WAP.
It enhances the authentication protection provided by the WAP.
It temporarily disables the WAP.
It prevents the WAP from appearing in the list of available wireless networks.
It prevents the WAP from appearing in the list of available wireless networks.
You need to secure your wireless network. Which provides the highest level of security?
Hidden SSID
WEP
WPA
MAC filtering
WPA
Which wireless security method uses Temporal Key Integrity Protocol (TKIP) encryption?
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access (WPA)
MAC filtering
Wi-Fi Protected Access (WPA)
You have a wireless network. You need to ensure that only specific client computers are able to access the wireless network. What should you do?
Use a software restriction policy.
Implement MAC filtering.
Relocate the wireless access point.
Disable SSID Broadcasting.
Implement MAC filtering.
When you disable SSID broadcasting:
users must know the SSID to be able to connect to your wireless network.
user passwords transmitted over the Internet are not transmitted in a readable format.
wireless access points on your WLAN provide maximum security.
rogue wireless access points cannot be accessed.
users must know the SSID to be able to connect to your wireless network.
A wireless network that implements WEP:
provides maximum security.
is less secure than one that implements WPA or WPA2.
only allows users with specific IP addresses to communicate.
is not vulnerable to interference.
is less secure than one that implements WPA or WPA2.
To ensure that users cannot connect to a rogue wireless access point, you should:
install a wireless intrusion prevention system.
implement a password lockout policy.
use BitLocker.
require that users have a strong password.
install a wireless intrusion prevention system.
Your Active Directory domain’s network computers access the Internet through a Network Address Translation (NAT) server deployed on a perimeter network. You need to ensure that the same Internet Explorer (IE) browser security policies are used by all clients. What should you do?
Edit Internet Options individually for each computer.
Configure IE browser security on the NAT server.
Create a domain-level Group Policy object (GPO).
Manually modify each computer’s registry.
Create a domain-level Group Policy object (GPO).
Which is a feature of the SmartScreen filter?
It encrypts data communication with the Web server.
It blocks content and files from known malicious Web sites.
It prevents the computer from logging the browser history.
It protects against cross-site request forgery (CSRF) attacks.
It blocks content and files from known malicious Web sites.
Which technology provides security for data that is transmitted over the Internet?
EFS
ARP
SSL
RADIUS
SSL
What would you use to ensure that specific Web sites do not have access to user browsing patterns?
Software restriction policies
InPrivate Browsing
InPrivate Filtering
SmartScreen Filtering
InPrivate Filtering
Most of your network cabling is routed through secure cable runs. The network is wired with unshielded twisted pair (UTP) cable. One segment of cable will have to pass through an unsecured area as a backbone between two offices. Which action should you take to keep communication secure?
Use shielded twisted pair (STP) cable to wire the unsecured segment.
Route the cable for the unsecured segment through metal conduit.
Route the cable for the unsecured segment through the ceiling.
Use fiber optic cable to wire the unsecured segment.
Use fiber optic cable to wire the unsecured segment.
SYSKEY improves physical security by requiring a password or special floppy disk to:
boot the server.
logon at the server.
write to removable media.
shut down the server.
boot the server.
A keylogger:
tracks Internet browsing history.
maintains a record of operating system generated events.
records every user keystroke.
captures encryption keys.
records every user keystroke.
You want to prevent users who are running Windows Vista and Windows 7 on your corporate network from copying sensitive data to removable media. What should you do?
Remove all floppy disk and CD/DVD drives.
Flag sensitive files as read-only.
Create a media library.
Define a group policy to control write access to removable media.
Define a group policy to control write access to removable media.
For what reason is physical security extremely important with laptops and other mobile devices?
They can be lost or stolen.
They do not provide authentication for users.
They do not support data encryption.
They are shared by multiple users.
They can be lost or stolen.
You work as a network security consultant. One of your clients reports that he suspects some of his electronic correspondence is being captured by a competitor. A security audit of the client’s Windows 10 workstation’s software environment resulted in no suspicious findings. You need to verify the security of the client’s computer. What should you look for on the client’s computer?
Keylogger
Trusted Platform Module (TPM)
Virtual smart card
Private key
Keylogger
How does a worm differ from other viruses?
All worms are destructive.
A worm is self-replicating.
All worms are distributed as e-mail attachments.
A worm requires a host program.
A worm is self-replicating.
Malicious software that masquerades as a beneficial utility is known as:
a Trojan horse.
spam.
a virus.
spyware.
a Trojan horse.
Which are common symptoms of a virus infection? (Each correct answer presents a complete solution. Choose two.)
An installed antivirus program is disabled and will not restart.
Your network user account is locked out.
Download speed is slow during Internet file download.
New icons appear spontaneously on the desktop.
A new utility does not run as expected when executed.
An installed antivirus program is disabled and will not restart.
New icons appear spontaneously on the desktop.
Creating an antivirus quarantine area causes:
freeware to not be installed.
all cookies to be permanently deleted.
spyware to be detected.
potential viruses to be isolated.
potential viruses to be isolated.
A Trojan Horse is an example of:
a method of implementing security.
a computer virus.
data corruption.
an attack surface.
a computer virus.
What is an example of malware?
An unauthorized program that gathers information about the user
Hardware that does not have device drivers installed
A program that runs with administrator permissions
A network sniffer
An unauthorized program that gathers information about the user
With regard to computer security, a worm refers to:
a self-replicating computer virus.
a wireless network intrusion.
an open port on the firewall.
an unauthorized user.
a self-replicating computer virus.
You work as a security consultant. One of your clients informs you that as of today he is unable to access any of his personal files on his Windows 10 computer. The user’s computer displays a message box that prompts him to submit a Bitcoin payment to a third party in exchange for a decryption key that will unlock his files. What type of malware has infected the user’s computer?
Botnet
Ransomware
Rootkit
Adware
Ransomware
Which type of malware replicates itself without reliance on a host file?
Trojan horse
worm
virus
bot
worm
A brute force attack is used to:
discover details about network configuration.
discover passwords.
hijack communication sessions.
prevent access to network resources.
discover passwords.
You support a Windows Server 2003 Active Directory forest with multiple domains. Each domain stores user accounts for users at a specific geographic location. You need to apply a consistent password policy to Active Directory users through group policy. You want to keep the effort needed to apply and maintain the policy to a minimum. What should you do?
Define password policy at the domain level in the forest’s root domain.
Define password policy at the site level for each site.
Define password policy at the Users container in each domain.
Define password policy at the domain level in each domain.
Define password policy at the domain level in each domain.
Password history is used to enforce:
guesses before locking an account.
maximum time between password changes.
restrictions on password reuse.
minimum time between password changes.
restrictions on password reuse.
You set the Passwords must meet complexity requirements policy to Enabled. Minimum password length is set to 8. Which is a valid password?
$$Pwd##!99
dorWssaP
p1a2s3s4
!@#$%^&*
$$Pwd##!99
A strong password contains:
a private key.
a minimum of 5 characters.
a history of usage.
letters, numbers, and special characters.
letters, numbers, and special characters.
You need to ensure that users attempting to log in are automatically blocked from logging in after a specific number of failed login attempts. What should you create?
A security group
An account lockout policy
A software restriction policy
A password policy
An account lockout policy
You need to create a password policy to ensure that domain account passwords must be reset every two weeks. What should you do?
Define password complexity requirements.
Specify a minimum password age.
Specify a maximum password age.
Enforce password history.
Specify a maximum password age.
You enable the audit of successful and failed policy changes. Where can you view entries related to policy change attempts?
Application event log
System event log
Directory services event log
Security event log
Security event log
Which would you audit to detect attempts to guess user passwords?
Logon/logoff successes
Object access failures
Object access successes
Logon/logoff failures
Logon/logoff failures
You want to implement a consistent audit policy for your Active Directory domain. Which should you use?
Group Policy editor
Services utility
Computer properties
Security Account Manager (SAM)
Group Policy editor
Object access auditing is used to monitor:
which users log on to the network.
the amount of CPU usage.
which users open specific files.
the amount of memory usage.
which users open specific files.
For what purpose would you use security auditing to audit logon events?
To detect a possible password attack
To ensure that only authenticated users are accessing the network
To determine a user’s effective permissions
To know when to reset a user’s password
To detect a possible password attack
When you implement a security auditing policy:
policies are applied at the user level.
all potential security breaches are recorded in the Application log.
auditing is performed only for logged on users.
policies are applied at the user level.
Implementing security auditing allows you to:
force users to use strong passwords.
implement a key logger.
determine if a security breach has occurred.
encrypt files to prevent unauthorized access.
provide physical security for your network.
determine if a security breach has occurred.