Chapter 22 ■ Security Concepts Flashcards Preview

Comptia A+ > Chapter 22 ■ Security Concepts > Flashcards

Flashcards in Chapter 22 ■ Security Concepts Deck (20)
Loading flashcards...
1
Q
  1. Which component of physical security addresses outer-level access control?
    A. Perimeter security
    B. Mantraps
    C. Multifactor authentication
    D. Strong passwords
A

A. Perimeter security

2
Q
  1. You have a very small network in a home-based office, and you want to limit network
    access to only those hosts that you physically own. What should you utilize to make this
    possible?
    A. Static IP addresses
    B. Disabled DNS
    C. Default subnet mask
    D. Empty default gateway
A

A. Static IP addresses

3
Q
  1. As part of your training program, you’re trying to educate users on the importance of
    security. You explain to them that not every attack depends on implementing advanced
    technological methods. Some attacks, you explain, take advantage of human shortcomings
    to gain access that should otherwise be denied. Which term do you use to describe attacks
    of this type?
    A. Social engineering
    B. IDS system
    C. Perimeter security
    D. Biometrics
A

A. Social engineering

4
Q
  1. You’re in the process of securing the IT infrastructure by adding fingerprint scanners to
    your existing authentication methods. This type of security is an example of which of the
    following?
    A. Access control
    B. Physical barriers
    C. Biometrics
    D. Softening
A

C. Biometrics

5
Q
  1. Which type of attack denies authorized users access to network resources?
    A. DoS
    B. Worm
    C. Trojans
    D. Social engineering
A

A. DoS

6
Q
  1. As the security administrator for your organization, you must be aware of all types of
    attacks that can occur and plan for them. Which type of attack uses more than one computer
    to attack the victim?
    A. DoS
    B. DDoS
    C. Worm
    D. Rookits
A

B. DDoS

7
Q
  1. A vice president of your company calls a meeting with the IT department after a recent trip
    to competitors’ sites. She reports that many of the companies she visited granted access to
    their buildings only after fingerprint scans, and she wants your company to use a similar
    technology. Of the following, which technology relies on a physical attribute of the user for
    authentication?
    A. Smart card
    B. Biometrics
    C. Geo-fencing
    D. Tokens
A

B. Biometrics

8
Q
  1. You’ve discovered that credentials to a specific application have been stolen. The application
    is only accessed from one computer on the network. Which type of attack is this most
    likely to be?
    A. Man-in-the-middle
    B. Zero-day
    C. Denial-of-service (DoS)
    D. Smurf
A

A. Man-in-the-middle

9
Q
  1. A junior administrator comes to you in a panic. After looking at the log files, he has
    become convinced that an attacker is attempting to use a legitimate IP address to disrupt
    access elsewhere on the network. Which type of attack is this?
    A. Spoofing
    B. Social engineering
    C. Worm
    D. Password
A

A. Spoofing

10
Q
  1. Which of the following is different from a virus in that it can reproduce itself, is self-
    contained,
    and doesn’t need a host application to be transported?
    A. Worm
    B. Smurf
    C. Phish
    D. Trojan
A

A. Worm

11
Q
  1. A smurf attack attempts to use a broadcast ping on a network. The return address of the
    ping may be that of a valid system in your network. Which protocol does a smurf attack use
    to conduct the attack?
    A. TCP
    B. IP
    C. UDP
    D. ICMP
A

D. ICMP

12
Q
  1. Which wireless encryption protocol provides Advanced Encryption Standard (AES)
    encryption?
    A. Wired Equivalent Privacy (WEP)
    B. Wi-Fi Protected Access (WPA)
    C. Wi-Fi Protected Access 2 (WPA2)
    D. Temporal Key Integrity Protocol (TKIP)
A

C. Wi-Fi Protected Access 2 (WPA2)

13
Q
  1. You want to mitigate the threat of someone attaching a wireless access point to your wired
    network. What should you use to mitigate this threat?
    A. Firewall
    B. Data loss prevention (DLP)
    C. Active Directory
    D. Port security
A

D. Port security

14
Q
  1. You need to protect your users from potentially being phished via email. What of the
    following should you use to protect them?
    A. Antivirus software
    B. End-user education
    C. SecureDNS
    D. The principle of least privilege
A

B. End-user education

15
Q
  1. Your help desk has informed you that they received an urgent call from the vice president
    last night requesting his login ID and password. When you talk with the VP today, he says
    he never made that call. What type of attack is this?
    A. Spoofing
    B. Replay
    C. Social engineering
    D. Trojan horse
A

C. Social engineering

16
Q
  1. Internal users suspect repeated attempts to infect their systems, as reported to them by
    pop-up messages from their antivirus software. According to the pop-up messages, the
    virus seems to be the same in every case. What is the most likely culprit?
    A. A server is acting as a carrier for a virus.
    B. A password attack is being carried out.
    C. Your antivirus software has malfunctioned.
    D. A DoS attack is underway.
A

A. A server is acting as a carrier for a virus.

17
Q
  1. You’re working late one night and notice that the hard drive on your new computer is very
    active even though you aren’t doing anything on the computer and it isn’t connected to the
    Internet. What is the most likely suspect?
    A. A spear phishing attack is being performed.
    B. A virus is spreading in your system.
    C. Your system is under a DoS attack.
    D. TCP/IP hijacking is being attempted.
A

B. A virus is spreading in your system.

18
Q
  1. You’re the administrator for a large bottling company. At the end of each month, you
    routinely view all logs and look for discrepancies. This month, your email system error log
    reports a large number of unsuccessful attempts to log in. It’s apparent that the email server
    is being targeted. Which type of attack is most likely occurring?
    A. Brute-force
    B. Backdoor
    C. Worm
    D. TCP/IP hijacking
A

A. Brute-force

19
Q
  1. Your boss needs you to present to upper management the need of a firewall for the network.
    What is the thesis of your presentation?
    A. The isolation of one network from another
    B. The scanning of all packets for viruses
    C. Preventing password attacks
    D. The hardening of physical security
A

A. The isolation of one network from another

20
Q
  1. Which Active Directory component maps printers and drives during login?
    A. Home folders
    B. Organizational unit
    C. Login script
    D. Microsoft Management Console (MMC)
A

C. Login script