66 Cards in this Set

  • Front
  • Back

One of the Windows 7 workstations you manage has three user accounts defined on it. Two of the users are limited users while the third (your account) is an administrative user. Each limited and administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. What else could you do to increase the security of this system? (Select two)




Set a screensaver password


Enable guest account


Change the two limited user accounts to restricted users


Assign each user a simple password so they won't be tempted to write it down.


Disable the autorun on the system



Set a screensaver password


Disable the autorun on the system

Which security practice is an example of the principle of least privilege?




All users on a Windows workstation have been assigned strong passwords


All users on a Windows workstation are limited users except for one user who is responsible for maintaining the system.


The guest user account on a Windows workstation has been disabled.


Autorun has been disabled on a Windows workstation

All users on a Windows workstation are limited users except for one user who is responsible for maintaining the system.

Which are examples of a strong password? (Select two)




il0ve2EatIceCr2am


skippy


TuxP2nguinsRn0v3l


NewYork


Morganstern

il0ve2EatIceCr2am


TuxP2nguinsRn0v3l

One of the Windows 7 workstations you manage has four user accounts defined on it. Two of the users are limited users while the third (your account) is an administrative user. The fourth account is the guest user account, which has been enabled to allow management employees convenient workstation access. Each limited and administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Autorun has been disabled on the system. What should you do to increase the security of this system?




Disable the guest account.


Enable autorun on the system


change the two limited user accounts to administrative users


change your user account to a limited user

Disable the guest account.

You are responsible for disposing of several old workstations formerly used by accountants in your organization's finance department. Before being shipped to a computer recycler, you decide to make sure any old data on the hard drives is erased. To do this, you use the Windows XP Installation CDs that came with these systems to delete all partitions from the hard drives. Have you properly prepared these systems for disposal?




No, the Windows XP installer doesn't completely remove disk partitions. You need to use a Linux fdisk utility to completely remove them.


No, you need to also repartition and reformat the drives before disposal.


Yes, the systems are ready to be recycled.


No, you should use disk wiping software to fully erase the drives.

No, you should use disk wiping software to fully erase the drives.

You have 5 salespersons who work out of your office and who frequently leave their laptops lying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?




Require strong passwords in the local security policy.


Use cable locks to chain the laptops to the desks


Implement screen saver passwords


encrypt all company data on the hard drives

Use cable locks to chain the laptops to the desks

You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them by placing an ad on the Internet. These computers were previously used for storing sensitive information. What should you do prior to getting rid of the computers?




Reformat the hard drives


Use data wiping software to clear the hard drives


Delete users data and applications from the hard drives


Include the original operating system discs and product keys with the computers

Use data wiping software to clear the hard drives

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to the locked door in the reception area. She uses an iPad application to log any security events that may occur. She also uses her iPad to complete work tasks as assigned by the organization's CEO. Network jacks are provided in the reception area such that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time.




What recommendations would you make to this organization to increase their security? (Select two)




Require users to use screensaver passwords


Disable the network jacks in the reception area


Move the receptionist's desk into the secured area.


Replace the biometric locks with smart cards.


Train the receptionist to keep her iPad in a locked drawer when not in use.

Disable the network jacks in the reception area


Train the receptionist to keep her iPad in a locked drawer when not in use.

You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting data from the discs?




Write junk data over the discs 7 times.


shredding


degaussing


delete the data on the discs

shredding

You need to enable a screen saver password on the Windows 7 workstations in your organization. Which Control Panel option should you use to do this?




Power options


Personalization


Windows Firewall


ease of access


system of security

personalization

An intruder waits near an organization's secured entrance until an employee approaches the entrance and unlocks it with a security badge. The intruder falls in line behind the employee, who assumes the intruder is another employee and holds the door open for her. What kind of attack just occurred?




Denial of service


tailgating


smurf


phishing

tailgating

What is the best countermeasure against social engineering?




User awareness training


access auditing


strong passwords


acceptable user policy

user awareness training

Several users have forwarded you an e-mail stating that your company's health insurance provider has just launched a new website for all employees. To access the site they are told in an email to click a link and provide their personal information. Upon investigation, you discover that your company's health insurance provider did not send this email. What kind of attack just occurred?




Phishing


piggybacking


denial of service


smurf

phishing

Which of the following are common forms of social engineering attack?




Hoax virus information e-mails


using a sniffer to capture network traffic


stealing the key card of an employee and using that to enter a secured building


distributing false information about your organization's financial status

Hoax virus information e-mails

You are a security consultant and an organization has hired you to review their security measures. They are chiefly concerned that they could become the victim of a social engineering attack. What should you recommend they do to mitigate the risk?




Establish a written security policy.


Teach users how to recognize and respond to social engineering attacks.


Train managers to monitor user activity


Implement a border firewall to filter inbound network traffic

Teach users how to recognize and respond to social engineering attacks.

Which of the following are examples of social engineering? (select two)




dumpster diving


port scanning


war dialing


shoulder surfing

dumpster diving


shoulder surfing

Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through e-mails or Web sites that impersonate an online entity that the victim trusts, such as a financial institution or well known e-commerce site?




Session hijacking


fraggle attack


phishing


social engineering

phishing

What is a program that appears to be a legitimate application, utility, game, or screensaver and that performs malicious activities surreptitiously?




ActiveX control


Outlook Express


worm


trojan horse

trojan horse

Which of the following actions adds new features and fixes bugs for anti-malware software?




updating the anti-malware engine


remediating unhealthy computers


quarantining infected files and systems


downloading signature files automatically

updating the anti-malware engine

What is the key characteristic of a worm?




A worm can replicate itself and spread to other systems


it is malware that lies dormant until triggered


it is a malicious program that is disguised as legitimate software


it monitors the actions you take on your machine and sends the information back to its originating source.

A worm can replicate itself and spread to other systems

To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again?




Carefully review open firewall ports and close any unneeded ports


create a scheduled task to run sfc.exe daily.


configure the software to automatically download the virus definition files as soon as they become available.


switch to a more reliable anti-virus software

configure the software to automatically download the virus definition files as soon as they become available.

A user reports that her machine is behaving erratically. She suspects something is wrong because lately a firewall alert keeps indicating programs are trying to access the Internet, and several files have disappeared or have been renamed. What do you suspect is causing these problems?




Low system memory


Incorrect drivers


malware infection


faulty network card

malware infection

What is the main difference between a worm and a virus?




a worm can replicate itself and does not need a host for distribution.


A worm requires an execution mechanism to start, while a virus can start itself.


A worm is restricted to one system while a virus can spread from system to system.


A worm tries to gather information, while a virus tries to destroy data

a worm can replicate itself and does not need a host for distribution.

You have installed anti-virus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?




proxy server


user awareness training


close unused firewall ports


account lockout

user awareness training

What is a cookie?




a malicious program that runs when you read an email attachment


a file saved on your hard drive that tracks web site preferences and use


a malicious program that disguises itself as a useful program


an executable file that runs in the background and tracks internet use

a file saved on your hard drive that tracks web site preferences and use

After installing some software a few days ago, your DVD drive tray randomly began to open and close. Today, you were called into your boss's office to discuss why you are calling 900 numbers while at work. Which type of malware would create these symptoms?




grayware


adware


spyware


trojan horse

grayware

What are the most common means of virus distribution? (select two)




floppy discs


commercial software CDs


downloading music files from the internet


email


malicious web sites

email


malicious web sites

You have just installed anti-virus software on all computers on your company network. Which additional actions should you take to help protect systems from malicious software? (Select two)




disconnect all computers from the internet


Train users to update the virus definition files frequently


Train users to scan removable storage devices before copying files


Require strong passwords in the local policy


configure all computers with a screen saver password


configure email servers to block all attachments

Train users to update the virus definition files frequently


Train users to scan removable storage devices before copying files

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the system where it is found?




Trojan horse


buffer overflow


password attack


virus

virus

You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. What has happened to the file?




It has been deleted from your system


It has been moved to a folder on your computer


The file extension has been changed to prevent it from running.


The infection has been removed, and the file has been saved to different location.

It has been moved to a folder on your computer

You have a computer that runs Windows 7. Where would you go to check if the system can recognize and use any installed anti-virus software?




network and sharing center


security center


Windows Firewall


Windows Update

security center

Your anti-virus software has detected malware on your system. However, the anti-virus software is unable to remove it, and when you try to delete the files, you can't because they are in use. What should you try first?




Run sfc.exe


boot into safe mode and try removing the malware


restore or install the operating system


update the anti-virus definition files

boot into safe mode and try removing the malware

Which of the following best describes spyware?




It monitors the actions you take on your machine and sends the information back to its originating source.


It monitors the actions of the user that would denote their personal preferences, then sends popups and ads to the user that match their tastes.


It is a malicious program that is disguised as legitimate software


It is a program that attempts to damage a computer system and replicate itself to other computer systems.

It monitors the actions you take on your machine and sends the information back to its originating source.

Which of the following could easily result in a mailbox being full so that messages can't be received?




impersonation


spam


social engineering


phishing

spam

You discover that a system on your network has been infected with a worm. What is the best way to prevent the spread of the worm to other systems while you work on removing the worm?




quarantine the computer


close the firewall ports that the worm uses


update the virus definition files on all computers


run a system scan on other computers

quarantine the computer

Which of the following is the most common form of authentication?




photo id


digital certificate on a smart card


username and password


fingerprint

username and password

Which of the following security measures is a form of biometrics?




TPM


BIOS password


fingerprint scanner


chassis intrusion detection

fingerprint scanner

While trying to log on, a user accidentally typed the wrong password three times, and now the system tells him that he can't log on because of too many incorrect passwords. He still remembers his password, but just typed it wrong. He needs access as quickly as possible. What should you do?




unlock the account


change the password for the account


have the user wait for the account to be unlocked automatically


enable the account

unlock the account

What do biometrics use to perform authentication of identity?




ability to perform tasks


knowledge of passwords


human characteristics


possession of a device

human characteristics

You manage two computers with the following user accounts:




wrk1 has user accounts Mary and Admin. The Mary account does not have a password set; the admin account does.


wrk2 has user accounts mary and julia. The mary account has a password set; the julia account does not.




You are working from wrk2 and would like to access a shared folder on wrk1. What credentials should you use to access the shared folder?




type julia for the username and leave the password blank


type Mary for the username and specify the password


Type mary for the username and leave the password blank


type admin for the username and specify the password

type admin for the username and specify the password

Which of the following is an example of a strong password?




at9iov45a


a8bT11$yi


desktop#7


robert 694

a8bT11$yi

Which of the following is a hardware device that contains identification information and which can be used to control building access or computer logon?




smart card


WAP


SSID


security policy


biometric

smart card

Which of the following is not a form of biometrics?




face recognition


retina scan


token device


fingerprint

token device

A user is trying to log into her notebook computer. She enters the correct password for her user account, but the system won't let her authenticate, claiming the wrong password has been entered. What's causing the problem?




She has entered the wrong password too many times, causing intruder detection in Windows to lock the system.


The keyboard must be replaced.


The scroll lock key has been pressed, locking all input from the keyboard.


The CPU is in a power-saved mode causing all login attempts to be denied.


She has turned Num Lock on causing numbers to be sent from the keyboard instead of letters

She has turned Num Lock on causing numbers to be sent from the keyboard instead of letters

You are configuring the local security policy of a Windows system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which policies should you configure? (Select two)




enforce password history


Password complexity


Maximum password age


Minimum password age

enforce password history


Minimum password age

Following Windows installation, you enable the built-in Administrator account. You remove the password for this account. You enable remote desktop on your account using the default settings. From home, you try to access your computer using remote desktop using the administrator account, but you are unable to log on. What should you do?




Configure a password for the administrator account


Make the administrator account a member of a remote desktop user group


unlock the administrator account


disable fast user switching on the computer

Configure a password for the administrator account

You are configuring the local security policy of a Windows system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. Which policies should you configure? (Select two)




account lockout threshold


maximum password age


password complexity


minimum password length


account lockout duration


enforce password history

account lockout threshold


minimum password length

Which type of biometric authentication uses the ridges of your skin?




keystroke dynamics


retina scan


face scan


fingerprint

fingerprint

Which of the following are biometric devices? (Select two)




smart card reader


retina scanner


digitizer


face scanner

retina scanner


face scanner

Your organization is frequently visited by sales reps. While onsite, they frequently plug their notebook systems into any available wall jack, hoping to get Internet connectivity. You are concerned that allowing them to do this could result in the spread of malware throughout your network. What should you do? (Select two)




Implement private IP addressing with a network address translation (NAT) router facing the Internet


Implement MAC address filtering


Implement SNMP traps on your network switch


implement static IP addressing

Implement MAC address filtering


implement static IP addressing

A small business named Big Bikes, Inc. has hired you to evaluate their wireless network security practices. As you analyze their facility, you note the following:




They use an 802.11a wireless network


The wireless network SSID is set to BWLAN


The wireless network is not broadcasting the network SSID.


The wireless network uses WPA2 with AES security.


Omni-directional access points are positioned around the periphery of the building.




Based on the information, what should you recommend your client do to increase their wireless network security?




Enable SSID broadcast


implement directional access points


upgrade to an 802.11g wireless network


change the SSID to something similar to BigBikeInc


Configure the wireless network to use WEP security

implement directional access points

Your client has hired you to evaluate their wired network security posture. As you tour their facility, you note the following:




server systems are kept in a locked server room


user accounts on desktop systems have strong passwords assigned


A locked door is used to control access to the work area. Users must use ID badges to enter the area.


Users connect their personal mobile devices to their computers using USB cables.


Users work in three 8-hour shifts per day. Each computer is shared by three users. Each user has a limited account on the computer they use.




Based on this information, what should you recommend your client do to increase security?




Provision each employee with their own computer system.


Move the server systems to an empty cubicle in the work area


Assign users easy-to-remember simple passwords so they won't be tempted to write them down


disable the USB ports on users' workstations

disable the USB ports on users' workstations

A small business named Widgets, Inc. has hired you to evaluate their wireless network security practices. As you analyze their facility, you note the following using a wireless network locator device:




They use an 802.11n wireless network


the wireless network is broadcasting an SSID of Linksys


The wireless network uses WPA2 with AES security


Directional access points are positioned around the periphery of the building.




Based on this information, what should you recommend your client do to increase their wireless network security? (Select two)




disable SSID broadcast


upgrade to an 802.11g wireless network


Configure the wireless network to use WPA with TKIP security.


Implement omni-directional access points.


Change the SSID to something other than the default

disable SSID broadcast


Change the SSID to something other than the default

To access your company's internal network from home, you use Secure Shell (SSH). The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Which port needs to remain open so you can still work from home?




21


80


22


443


23

22

You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following IP ports should you open on the firewall? (Select two)




443


143


25


21


110

25


110

In which of the following situations should you install a firewall?




You want internet users to see a single IP address when accessing your company network


You want to improve network performance by saving popular web sites locally


You want to implement a password system for internet users who access your private website.


You want to restrict Internet users from accessing private data on your network

You want to restrict Internet users from accessing private data on your network

Which of the following actions taken directly improves system security on Windows systems? (Select two)




install anti-virus software


configure 802.11n networking


use task schedule to take regular backups


enable the Windows Firewall


Disable automatic updates

install anti-virus software


enable the Windows Firewall

You want to be able to access your home computer using remote desktop while traveling. You enable Remote Desktop, but you find that you cannot access your computer outside of your home network. What should you do?




Move your home computer outside of the firewall


open the telnet and ftp ports in your firewall


configure a VPN connection to your computer


open a firewall port for the remote desktop program

open a firewall port for the remote desktop program

Which of the following is a firewall function?




packet filtering


ftp hosting


encrypting


packet rearranging


protocol converting

packet filtering

You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?




email server, newsgroup server, dns server


web server, email server


web server, dns server, dhcp server


web server, dns server, email server

web server, email server

Which of the following is the best device to deploy to protect your private network from a public untrusted network?




Firewall


gateway


hub


router

firewall

To increase security on your company's internal network the administrator has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?




443


69


80


23


21

443

You would like to control internet access based on users, time of day, and web sites visited. How can you do this?




Configure the local security policy of each system to add internet restrictions


Configure a packet-filtering firewall. Add rules to allow or deny Internet access.


Configure internet zones using the internet options


Install a proxy server. Allow internet access only through the proxy server


Enable Windows Firewall on each system. Add or remove exceptions to control access

Install a proxy server. Allow internet access only through the proxy server

Which of the following functions are performed by proxy servers? (Select two)




filter unwanted email


block unwanted packets from entering your private network


block employees from accessing certain web sites


cache web pages


store client files

block employees from accessing certain web sites


cache web pages

Two employees cannot access any sites outside of the local network, but can still access internal files on other internal subnets. Other employees are not experiencing the same problem. You suspect the issue may have something to do with the proxy server on your network and the settings in Internet Explorer. What should you do?




Identify the proxy server name and port number in Internet Options


identify the filtering settings on the proxy server for specific internet sites


reconfigure the clients to send all traffic directly to the ISP, bypassing the proxy server.


Use ipconfig to confirm APIPA has not assigned an IP address

Identify the proxy server name and port number in Internet Options

You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the internet except for two. What might be causing the problem?




A proxy server is blocking access to the web sites.


Port triggering is directing traffic to the wrong IP address.


A firewall is blocking ports 80 and 443


The router has not been configured to perform port forwarding

A proxy server is blocking access to the web sites.