Chapter 9

Question 1

Which of the following is NOT a reason why supply chain infections are considered especially dangerous?

a. If the malware is planted in the ROM firmware of the device this can make it difficult or sometimes even impossible to clean an infected device.
b. Users are receiving infected devices at the point of purchase and are completely unaware that a brand new device may be infected.
c. It is virtually impossible to closely monitor every step in the supply chain.
d. Supply chains take advantage of the trusted “chain of trust” concept.

Answer 1

d. Supply chains take advantage of the trusted “chain of trust” concept.

Question 2

Which type of operating system runs on a firewall, router, or switch?

a. Server OS
b. Network OS
c. Device OS
d. Resource OS

Answer 2

b. Network OS

Question 3

Which of the following is NOT designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow?

a. Barricade
b. Fencing
c. Roller barrier
d. Type V controls

Answer 3

a. Barricade

Question 4

Which of the following is NOT a motion detection method?

a. Magnetism
b. Radio frequency
c. Moisture
d. Infrared

Answer 4

c. Moisture

Question 5

Which type of residential lock is most often used for keeping out intruders?

a. Encrypted key lock
b. Keyed entry lock
c. Privacy lock
d. Passage lock

Answer 5

b. Keyed entry lock

Question 6

A lock that extends a solid metal bar into the door frame for extra security is the _____.

a. triple bar lock
b. deadman’s lock
c. full bar lock
d. deadbolt lock

Answer 6

b. deadman’s lock

Question 7

Which statement about a mantrap is true?

a. It is illegal in the United States.
b. It monitors and controls two interlocking doors to a room.
c. It is a special keyed lock.
d. It requires the use of a cipher lock.

Answer 7

b. It monitors and controls two interlocking doors to a room.

Question 8

Which of the following is NOT a typical OS security configuration?

a. Employing least functionality
b. Restricting patch management
c. Disabling default accounts/passwords
d. Disabling unnecessary ports and services

Answer 8

b. Restricting patch management

Question 9

Which of the following can be used to secure a laptop or mobile device?

a. Mobile connector
b. Cable lock
c. Mobile chain
d. Security tab

Answer 9

b. Cable lock

Question 10

Which of the following is NOT a characteristic of an alarmed carrier PDS?

a. Requires periodic visual inspections
b. Uses continuous monitoring
c. Carrier can be hidden above the ceiling
d. Eliminates the need to seal connections

Answer 10

a. Requires periodic visual inspections

Question 11

Which of the following is NOT a memory vulnerability?

a. DLL injection
b. Pointer deference
c. Buffer overflow
d. Variable overflow

Answer 11

d. Variable overflow

Question 12

Which stage is a “quality assurance” test that verifies the code functions as intended?

a. Production stage
b. Testing stage
c. Staging stage
d. Development stage

Answer 12

c. Staging stage

Question 13

Which model uses a sequential design process?

a. Waterfall model
b. Rigid model
c. Agile model
d. Secure model

Answer 13

a. Waterfall model

Question 14

What allows for a single configuration to be set and then deployed to many or all users?

a. Snap-In Replication (SIR)
b. Active Directory
c. Group Policy
d. Command Configuration

Answer 14

c. Group Policy

Question 15

Which of the following is a cumulative package of all patches?

a. Rollup
b. Service pack
c. Patch
d. Hotfix

Answer 15

b. Service pack

Question 16

Which of the following is NOT an advantage to an automated patch update service?

a. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs.
b. Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time because each computer does not have to connect to an external server.
c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service.
d. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available.

Answer 16

c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service.

Question 17

How can an SDIO card be made secure?

a. Using the security mechanisms on a standard Wi-Fi network.
b. Turning on patch updates to the SDIO card.
c. Requiring a username before accessing the SDIO card.
d. SDIO cards are natively secure and no security settings are needed.

Answer 17

a. Using the security mechanisms on a standard Wi-Fi network.

Question 18

How does heuristic detection detect a virus?

a. A virtualized environment is created and the code is executed in it.
b. A string of bytes from the virus is compared against the suspected file.
c. The bytes of a virus are placed in different “piles” and then used to create a profile.
d. The virus signature file is placed in a suspended chamber before streaming to the CPU.

Answer 18

c. The bytes of a virus are placed in different “piles” and then used to create a profile.

Question 19

Which of these is a list of approved email senders?

a. Blacklist
b. Whitelist
c. Bluelist
d. Yellowlist

Answer 19

b. Whitelist

Question 20

Which of the following types of testing uses unexpected or invalid inputs?

a. Stress testing
b. Dynamic analysis
c. Static analysis
d. Runtime testing

Answer 20

b. Dynamic analysis

Question 21

What type of package helps prevent computers from becoming infected by differetn types of spyware?

Answer 21

A package known as antispyware helps prevent computer from becoming infected by different types of spyware.

Question 22

Which of the following are considered to be part of a typical OS security configuration? ( choose all that apply)

a) disabling default accounts/passwords
b) disabling unnecessary ports and services
c) password auditing
d) employing least functionality

Answer 22

b) disabling unnecessary ports and services
c) password auditing
d) employing least functionality

Question 23

What is provisioning?

Answer 23

Provisioning is the enterprise wide configuration, deployment, and management of multiple types of IT system resources. This concept relates to application development.

Question 24

What type of OS in firmware is designed to manage a specfic device like a video game console?

a) network OS
b) workstation OS
c) client )S
d) appliance OS

Answer 24

d) appliance OS

Question 25

An automated patch update service is used to manage patches within the enterprise instead of relying on the vector’s online updates.

(True/False)

Answer 25

True

Question 26

What type of update does not allow a user to refuse or delay security update?

a) security
b) preventative
c) forced
d) mandatory

Answer 26

c) forced

Question 27

A Wi-Fi enabled microSD card is an example of what type of device?

a) mobile card
b) PCIe
c) Secure Digital
d) SDIO

Answer 27

d) SDIO

Question 28

What type of filtering software divides email messages that have been received into two piles, spam and non-spam, and then analyzes every word in each email and determines how frequently a word occurs in the spam pile compared to the not-spam pile?

a) extension filtering
b) whitelist filtering
c) blacklist filtering
d) Bayesian filtering

Answer 28

d) Bayesian filtering

Question 29

When securing a laptop, it can be placed in an office or a desk drawer.

(T/F)

Answer 29

False