220-1102 Security

Question 1

What is a small room with a set of two doors, one to the outside, unsecured area and one to the inner, secure area. Also known as a mantrap.

Answer 1

Access Control Vestibule

Question 2

What are devices that store some unique information that a user carries on their person?

Answer 2

Security tokens

Question 3

Which device provides a one-time use code that is used to authenticate a user in addition to a username and password?

Answer 3

RSA Token

Question 4

What is the most common RSA Token in hard token form?

Answer 4

Key Fob

Question 5

What is a fancy term for a metal detector?

Answer 5

Magnetometer

Question 6

What kinds of drives can support access control lists (ACLs)

Answer 6

Drives with modern file systems such as NTFS, APFS, HFS+, and ext3/4

Question 7

What is an example of a soft token?

Answer 7

Authenticator application

Question 8

In a Windows domain, a computer running Windows Server is configured as a what?

Answer 8

domain controller

Question 9

What does a domain controller store?

Answer 9

domain accounts

Question 10

What can a login script do for a domain account?

Answer 10

Map network drives, place an information box on the screen, run applications and more

Question 11

In active directory, what enables you to organize users and computers by function, location, permission and more?

Answer 11

Organizational units (OUs)

Question 12

What do roaming profiles in active directory provide the user?

Answer 12

Each time the user logs into a new machine, their home folder data can move with them

Question 13

What is the difference between active directory groups, security groups, and user groups?

Answer 13

Active directory groups and security groups are the same term. They are more powerful and more centrally managed than user groups.

Question 14

What is an interlinked area of physical and logical security that includes: physical security, authentication, users, groups, and security policies?

Answer 14

Access Control

Question 15

What encryption standard does WPA2 use?

Answer 15

Advanced Encryption Standard (AES)

Question 16

Which wifi security addresses usability and security issues that affected its predecessor by including encryption to protect data of users on open (public) networks?

Answer 16

WPA3

Question 17

Which encryption method was introduced in WPA and is supported by WPA2, but lessens security?

Answer 17

Temporal Key Integrity Protocol (TKIP)

Question 18

Which authentication protocol enables a central authorization server to pass out keys that individual clients can present to access resources as needed?

Answer 18

Kerberos

Question 19

What is malware that replicates and activates by attaching to executable programs or the drives boot sector?

Answer 19

Virus

Question 20

What kind of virus live inside the system’s boot partition and activate their malicious code before the security software can start?

Answer 20

Boot sector virus

Question 21

What is it called when a virus does something like corrupting data or stealing private information?

Answer 21

Activation

Question 22

What kind of malware does not need to attach itself to other programs to replicate?

Answer 22

Worm

Question 23

What is a piece of malware that appears or pretends to do one thing while, at the same time, doing something evil?

Answer 23

Trojan

Question 24

What malware logs the user’s keystrokes and makes that information available to the attacker?

Answer 24

Keylogger

Question 25

Which malware takes advantage of very low-level operating system functions to hide itself?

Answer 25

Rootkit

Question 26

What are the 7 steps for malware removal

Answer 26

1. Investigate and verify malware symptoms 2. Quarantine infected systems 3. Disable System Restore in Windows 4. Remediate infected systems A. Update anti-malware software B. Scanning and removal techniques 5. Schedule scans and run updates 6. Enable System Restore and create a restore point in Windows 7. Educate the end user

Question 27

When attempting to remediate an infected system, what do you do if you restore from a backup and the system is still infected?

Answer 27

Perform a clean install

Question 28

CompTIA considers removing a virus as part of what step?

Answer 28

Remediation

Question 29

What is a fake wireless access point configured to mimic the traits of a legitimate device and network?

Answer 29

Evil Twin

Question 30

What attack is when the attacker injects malicious code into the Web app in order to trick it into sending things it shouldn't to other users of the Web site?

Answer 30

Cross-site scripting (XSS)

Question 31

Which Windows account has almost as much power as an Administrator?

Answer 31

Power User

Question 32

Which NTFS setting controls which NTFS permissions apply to newly created files or subfolders?

Answer 32

Inheritance

Question 33

Which variation of Bitlocker can encrypt removable drives?

Answer 33

Bitlocker to go

Question 34

Which Windows feature opens a dialogue box when removable media is inserted into the computer, providing options based on what Windows finds on the drive, including starting the autorun application.

Answer 34

AutoPlay

Question 35

Which Windows feature enables Windows to look for and read a file called autorun.inf immediately after a removable media device (optical disk or thumb drive) is inserted and automatically run whatever program that file lists?

Answer 35

Autorun

Question 36

How do third party drive disposal services guarantee they have destroyed drives?

Answer 36

By issuing a certificate of destruction/recycling

Question 37

What are phyiscal destruction techniques?

Answer 37

drilling, shredding, degaussing and incineration.

Question 38

What security setting enables an administrator to set rules about whether packets should be sent or received based on the source or destination IP address?

Answer 38

IP filtering

Question 39

Which security setting enables you to open an incoming connection to one computer automatically based on a specific outgoing connection?

Answer 39

Port triggering

Question 40

Which security setting puts any system within the specified IP addresses outside the protection of the firewall, opening all ports and enabling all incoming traffic?

Answer 40

Screened subnet

Question 41

Why should you change the SSID of a WAP?

Answer 41

The default SSID gives away important clues about the manufacturer and model of an access point

Question 42

which shutdown option has the system restart instead of shutting down?

Answer 42

/r

Question 43

In the command prompt, what does the F1 key do?

Answer 43

rebuilds the last command one letter at a time

Question 44

In the command prompt, what does the F3 do?

Answer 44

rebuilds the entire command at once

Question 45

How do you cycle through the history of your previous commands in command prompt?

Answer 45

Press the up arrow to see your previous commands. Press the right arrow to add the options

Question 46

What is a deviation from established standards, specifications or requirements?

Answer 46

Non-compliance

Question 47

Which AAA technology - Encrypts the entire payload of the access-request packet - is Primarily used for device administration - Separates authentication and Authorization?

Answer 47

TACACS+

Question 48

Which AAA technology - is Primarily used for network access - Combines authentication and authorization - Encrypts only the password in the access-request packet

Answer 48

RADIUS

Question 49

Which AAA technology is a completely open standard developed by the IETF? It is partially encrypted and uses UDP ports 1812 and 1813.

Answer 49

RADIUS

Question 50

What was developed as a proprietary protocol by Cisco but has been released as an "open" description so other companies can implement it? It is fully encrypted and runs on TCP port 49

Answer 50

TACACS+

Question 51

Which Wifi security standard utilizes AES-GCMP?

Answer 51

WPA3

Question 52

What malware makes copies of itself by injecting itself as extra code added to the end of executable programs?

Answer 52

Virus

Question 53

What kind of attack: - Exploits the trust a user's web browser has in a website - A malicious script is injected into a trusted website - The users browser executes attacker's script

Answer 53

XSS

Question 54

What kind of attack is when an attacker injects malicious code into a web app in order to trick it into sending things it should't to other users of the Web Site.

Answer 54

Cross-Site Scripting (XSS)

Question 55

What are the three different ways you can run an application as a administrator in windows?

Answer 55

- right click on an application icon and select run as administrator - In the Windows start menu, press and hold control + shift keys and left-click on an application icon - Launch windows run dialog box (windows logo key + R) type in the applications name and press control + shift + enter

Question 56

in NTFS, does a folder copied from one location to another retain its original permissions or inherets permissions of its new parent folder?

Answer 56

parent folder

Question 57

What is the correct syntax for applying read-only attributes to a file?

Answer 57

attrib +R [drive:] [path] [filename]

Question 58

Which user group in Windows (Win 7 and before) had rights and permission that allowed its members to perform specific administrator-level tasks?

Answer 58

Power Users

Question 59

In Windows, does a file moved on the same volume keep original permissions or inherits new permissions?

Answer 59

keeps original

Question 60

In Windows, does a file moved to a different volume keep original permissions or inherits new permissions?

Answer 60

Inherits new permissions

Question 61

What allows Windows to automatically execute code contained on a newly mounted storage media?

Answer 61

AutoRun

Question 62

What is a system component that displays a dialog box containing applicable options for newly mounted storage media?

Answer 62

AutoPlay

Question 63

What is quick format often referred to as?

Answer 63

High-level format

Question 64

What simplifies networking by allowing devices to dynamically join a network, autoconfigure and learn about the presence and capabilities of other devices?

Answer 64

UPnP

Question 65

What is referred to as zero-configuration networking?

Answer 65

UPnP

Question 66

What is application software the selectively blocks access to websites?

Answer 66

Content Filter

Question 67

What two types of VPNs allows a device to connect to the company network over an untrusted network?

Answer 67

Remote Access and Client-to-site

Question 68

What software - Gives permanent remote access - Access is based on a local password - A Windows tool used for connecting remotely to the user's own computer

Answer 68

RDP