Security Test Dump

Question 1

QUESTION 1
A mail system administrator scans for viruses in incoming emails to increase the speed of mail processing. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
A. Decrease the chances of a virus getting to a client machine
B. Verify that the senders of the messages are legitimate
C. Ensure that all links in the messages are trustworthy
D. No change is needed.

Answer 1

A. Decrease the chances of a virus getting to a client machine

Question 2

QUESTION 2
You are volunteering at an organization that gets a brand new web server. To make the server more secure, you should add a second administrator account. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
A. Disable unused services
B. Enable LM authentication
C. Enable NTLM authentication
D. No change is needed.

Answer 2

A. Disable unused services

Question 3

QUESTION 3
Role separation improves server security by:
A. Enforcing principle of least privilege.
B. Installing applications on separate hard disks.
C. Physically separating high security servers from other servers.
D. Placing servers on separate VLANs.

Answer 3

A. Enforcing principle of least privilege.

Question 4

QUESTION 4
The Windows Firewall protects computers from unauthorized network connections. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed'' if the underlined text makes the statement correct.
A. Email viruses
B. Phishing scams
C. Unencrypted network access
D. No change is needed

Answer 4

D. No change is needed

Question 5

QUESTION 5
Which of the following states that a user should never be given more privileges than are required to carry out a task?
A. Security through obscurity
B. Segregation of duties
C. Principle of least privilege
D. Role-based security

Answer 5

C. Principle of least privilege

Question 6

QUESTION 6
Which of the following is the process used by attackers for listening to the network traffic?
A. Eavesdropping
B. Subnetting
C. Sanitization
D. Hacking

Answer 6

A. Eavesdropping

Question 7

QUESTION 7
Which of the following is a Windows configuration option that enables administrators to restrict communication among domain members only?
A. Demilitarized zone
B. Server isolation
C. Domain isolation
D. Domain kiting

Answer 7

C. Domain isolation

Question 8

QUESTION 8
Which of the following is a set of rules that control the working environment of user accounts and computer accounts?
A. Mandatory Access Control
B. Access control list
C. Group Policy
D. Intrusion detection system

Answer 8

C. Group Policy

Question 9

QUESTION 9
By default, what level of security is set for the Local intranet zone?
A. High-Medium
B. Medium-Low
C. High
D. Low

Answer 9

B. Medium-Low

Question 10

QUESTION 10
Which of the following is a collection or list of user accounts or computer accounts?
A. Group
B. Active Directory
C. Domain
D. Public folder

Answer 10

A. Group

Question 11

QUESTION 11
Account lockout policies are used to prevent which type of security attack?
A. Brute force attacks
B. Users sharing passwords
C. Social engineering
D. Passwords being reused immediately

Answer 11

A. Brute force attacks

Question 12

QUESTION 12
What is the standard or basic collection of NTFS permissions?
A. Read and execute, read, write, full control, modify, list folder contents
B. Change permissions, read permissions, write permissions
C. Read attributes, list folder/read data, traverse folder/execute file
D. Create files/write data, create folders/append data, take ownership

Answer 12

A. Read and execute, read, write, full control, modify, list folder contents

Question 13

QUESTION 13
Which is the minimum requirement to create BitLocker-To-Go media on a client computer?
A. Windows XP Professional Service Pack 3
B. Windows Vista Enterprise Edition
C. Windows 7 Enterprise Edition
D. Windows 2000 Professional Service Pack 4

Answer 13

A. Windows XP Professional Service Pack 3

Question 14

QUESTION 14
Which enables you to change the permissions on a folder?
A. Take ownership
B. Extended attributes
C. Auditing
D. Modify

Answer 14

D. Modify

Question 15

QUESTION 15
A group of users has access to Folder A and all of its contents. You need to prevent some of the users from accessing a subfolder inside Folder A. What should you do first?
A. Disable folder sharing
B. Hide the folder
C. Change the owner
D. Block inheritance

Answer 15

A. Disable folder sharing

Question 16

QUESTION 16
What are three examples of two-factor authentication? (Choose three.)
A. A fingerprint and a pattern
B. A password and a smart card
C. A username and a password
D. A password and a pin number
E. A pin number and a debit card

Answer 16

A. A fingerprint and a pattern
B. A password and a smart card
E. A pin number and a debit card

Question 17

QUESTION 17
You need to limit the programs that can run on client computers to a specific list. Which technology should you implement?
A. Windows Security Center
B. Security Accounts Manager
C. System Configuration Utility
D. AppLocker group policies

Answer 17

A. Windows Security Center

Question 18

QUESTION 18
You create a web server for your school. When users visit your site, they get a certificate error that says your site is not trusted. What should you do to fix this problem?
A. Install a certificate from a trusted Certificate Authority (CA).
B. Use a digital signature.
C. Generate a certificate request.
D. Enable Public Keys on your website.

Answer 18

A. Install a certificate from a trusted

Question 19

QUESTION 19
What is an example of non-propagating malicious code?
A. A back door
B. A hoax
C. A Trojan horse
D. A worm

Answer 19

A. A back door

Question 20

QUESTION 20
A brute force attack:
A. Uses response filtering
B. Tries all possible password variations
C. Uses the strongest possible algorithms
D. Targets all the ports

Answer 20

B. Tries all possible password variations

Question 21

QUESTION 21
Humongous Insurance is an online healthcare insurance company. During an annual security audit a security firm tests the strength of the company’s password policy and suggests that Humongous Insurance implement password history policy. What is the likely reason that the security firm suggests this?
A. Past passwords were easily cracked by the brute force method.
B. Past passwords of users contained dictionary words.
C. Previous password breaches involved use of past passwords.
D. Past passwords lacked complexity and special characters.

Answer 21

B. Past passwords of users contained dictionary words.

Question 22

QUESTION 22
The WPA2 PreShared Key (PSK) is created by using a passphrase (password) and salting it with the WPS PIN. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
A. Service Set Identifier (SSID)
B. Admin password
C. WEP key
D. No change is needed

Answer 22

A. Service Set Identifier (SSID)

Question 23

QUESTION 23
What are three major attack vectors that a social engineering hacker may use? (Choose three.)
A. Telephone
B. Reverse social engineering
C. Waste management
D. Honey pot systems
E. Firewall interface

Answer 23

A. Telephone
B. Reverse social engineering
C. Waste management

Question 24

QUESTION 24
Which two security settings can be controlled by using group policy? (Choose two.)
A. Password complexity
B. Access to the Run... command
C. Automatic file locking
D. Encrypted access from a smart phone

Answer 24

A. Password complexity

B. Access to the Run… command

Question 25

QUESTION 25
Cookies impact security by enabling: (Choose two.)
A. Storage of Web site passwords.
B. Higher security Web site protections.
C. Secure Sockets Layer (SSL).
D. Web sites to track browsing habits.

Answer 25

A. Storage of Web site passwords.

D. Web sites to track browsing habits.