Security Test Dump Flashcards

1
Q

QUESTION 1
A mail system administrator scans for viruses in incoming emails to increase the speed of mail processing. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
A. Decrease the chances of a virus getting to a client machine
B. Verify that the senders of the messages are legitimate
C. Ensure that all links in the messages are trustworthy
D. No change is needed.

A

A. Decrease the chances of a virus getting to a client machine

2
Q
QUESTION 2
You are volunteering at an organization that gets a brand new web server. To make the server more secure, you should add a second administrator account. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
A. Disable unused services
B. Enable LM authentication
C. Enable NTLM authentication
D. No change is needed.
A

A. Disable unused services

3
Q

QUESTION 3
Role separation improves server security by:
A. Enforcing principle of least privilege.
B. Installing applications on separate hard disks.
C. Physically separating high security servers from other servers.
D. Placing servers on separate VLANs.

A

A. Enforcing principle of least privilege.

4
Q
QUESTION 4
The Windows Firewall protects computers from unauthorized network connections. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
A. Email viruses
B. Phishing scams
C. Unencrypted network access
D. No change is needed
A

D. No change is needed

5
Q
QUESTION 5
Which of the following states that a user should never be given more privileges than are required to carry out a task?
A. Security through obscurity
B. Segregation of duties
C. Principle of least privilege
D. Role-based security
A

C. Principle of least privilege

6
Q
QUESTION 6
Which of the following is the process used by attackers for listening to the network traffic?
A. Eavesdropping
B. Subnetting
C. Sanitization
D. Hacking
A

A. Eavesdropping

7
Q
QUESTION 7
Which of the following is a Windows configuration option that enables administrators to restrict communication among domain members only?
A. Demilitarized zone
B. Server isolation
C. Domain isolation
D. Domain kiting
A

C. Domain isolation

8
Q
QUESTION 8
Which of the following is a set of rules that control the working environment of user accounts and computer accounts?
A. Mandatory Access Control
B. Access control list
C. Group Policy
D. Intrusion detection system
A

C. Group Policy

9
Q
QUESTION 9
By default, what level of security is set for the Local intranet zone?
A. High-Medium
B. Medium-Low
C. High
D. Low
A

B. Medium-Low

10
Q
QUESTION 10
Which of the following is a collection or list of user accounts or computer accounts?
A. Group
B. Active Directory
C. Domain
D. Public folder
A

A. Group

11
Q
QUESTION 11
Account lockout policies are used to prevent which type of security attack?
A. Brute force attacks
B. Users sharing passwords
C. Social engineering
D. Passwords being reused immediately
A

A. Brute force attacks

12
Q

QUESTION 12
What is the standard or basic collection of NTFS permissions?
A. Read and execute, read, write, full control, modify, list folder contents
B. Change permissions, read permissions, write permissions
C. Read attributes, list folder/read data, traverse folder/execute file
D. Create files/write data, create folders/append data, take ownership

A

A. Read and execute, read, write, full control, modify, list folder contents

13
Q

QUESTION 13
Which is the minimum requirement to create BitLocker-To-Go media on a client computer?
A. Windows XP Professional Service Pack 3
B. Windows Vista Enterprise Edition
C. Windows 7 Enterprise Edition
D. Windows 2000 Professional Service Pack 4

A

A. Windows XP Professional Service Pack 3

14
Q
QUESTION 14
Which enables you to change the permissions on a folder?
A. Take ownership
B. Extended attributes
C. Auditing
D. Modify
A

D. Modify

15
Q
QUESTION 15
A group of users has access to Folder A and all of its contents. You need to prevent some of the users from accessing a subfolder inside Folder A. What should you do first?
A. Disable folder sharing
B. Hide the folder
C. Change the owner
D. Block inheritance
A

A. Disable folder sharing

16
Q
QUESTION 16
What are three examples of two-factor authentication? (Choose three.)
A. A fingerprint and a pattern
B. A password and a smart card
C. A username and a password
D. A password and a pin number
E. A pin number and a debit card
A

A. A fingerprint and a pattern
B. A password and a smart card
E. A pin number and a debit card

17
Q
QUESTION 17
You need to limit the programs that can run on client computers to a specific list. Which technology should you implement?
A. Windows Security Center
B. Security Accounts Manager
C. System Configuration Utility
D. AppLocker group policies
A

A. Windows Security Center

18
Q

QUESTION 18
You create a web server for your school. When users visit your site, they get a certificate error that says your site is not trusted. What should you do to fix this problem?
A. Install a certificate from a trusted Certificate Authority (CA).
B. Use a digital signature.
C. Generate a certificate request.
D. Enable Public Keys on your website.

A

A. Install a certificate from a trusted Certificate Authority (CA).

19
Q
QUESTION 19
What is an example of non-propagating malicious code?
A. A back door
B. A hoax
C. A Trojan horse
D. A worm
A

A. A back door

20
Q

QUESTION 20
A brute force attack:
A. Uses response filtering
B. Tries all possible password variations
C. Uses the strongest possible algorithms
D. Targets all the ports

A

B. Tries all possible password variations

21
Q

QUESTION 21
Humongous Insurance is an online healthcare insurance company. During an annual security audit a security firm tests the strength of the company’s password policy and suggests that Humongous Insurance implement password history policy. What is the likely reason that the security firm suggests this?
A. Past passwords were easily cracked by the brute force method.
B. Past passwords of users contained dictionary words.
C. Previous password breaches involved use of past passwords.
D. Past passwords lacked complexity and special characters.

A

B. Past passwords of users contained dictionary words.

22
Q
QUESTION 22
The WPA2 PreShared Key (PSK) is created by using a passphrase (password) and salting it with the WPS PIN. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
A. Service Set Identifier (SSID)
B. Admin password
C. WEP key
D. No change is needed
A

A. Service Set Identifier (SSID)

23
Q
QUESTION 23
What are three major attack vectors that a social engineering hacker may use? (Choose three.)
A. Telephone
B. Reverse social engineering
C. Waste management
D. Honey pot systems
E. Firewall interface
A

A. Telephone
B. Reverse social engineering
C. Waste management

24
Q
QUESTION 24
Which two security settings can be controlled by using group policy? (Choose two.)
A. Password complexity
B. Access to the Run... command
C. Automatic file locking
D. Encrypted access from a smart phone
A

A. Password complexity

B. Access to the Run… command

25
Q
QUESTION 25
Cookies impact security by enabling: (Choose two.)
A. Storage of Web site passwords.
B. Higher security Web site protections.
C. Secure Sockets Layer (SSL).
D. Web sites to track browsing habits.
A

A. Storage of Web site passwords.

D. Web sites to track browsing habits.