Core 2: Logical Security Flashcards Preview

CompTIA A+ 2019 > Core 2: Logical Security > Flashcards

Flashcards in Core 2: Logical Security Deck (31)
Loading flashcards...
1
Q

A type of hierarchical database structure used in Windows Server environments that enables centralized management of devices and resources on a network is known as:

HomeGroup
Active Directory
Workgroup
Windows domain

A

Active Directory

2
Q

On a Windows domain, this tool can be used by system administrators to configure initial desktop environment (which may include mapping a network drive or setting up access to a shared printer) for a specific user.

MDM policy
Login script
Group Policy
Directory permissions

A

Login script

3
Q

Which of the following terms describes a large network of Windows-based PCs under single administration?

HomeGroup
Windows domain
Active Directory
Workgroup

A

Windows domain

4
Q

In Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.

Local Users and Groups
Resource Monitor
Group Policy
User Account Control (UAC)

A

Group Policy

5
Q

Windows Active Directory service allows for grouping users and computers into containers known as Organizational Units (OUs). An OU is the smallest unit to which system administrators can assign Group Policy settings to manage the configuration and use of accounts and resources within a given OU.

True
False

A

True

6
Q

In Windows domain environment, the term “Home Folder” refers to a directory on a local PC where users can back up their data and files.

True
False

A

False

7
Q

Which of the Windows Active Directory Group Policy settings allows network administrators to map a folder on a user’s PC to a server-based location?

Folder redirection
Local Users and Groups
User Account Control (UAC)
Directory permissions

A

Folder redirection

8
Q

Which of the following is an example of a soft token?

USB token
Authenticator app
Smart card
Key fob

A

Authenticator app

9
Q

Which type of software enables a centralized administration of mobile devices?

MFA
MMC
MDM
MFD

A

MDM

10
Q

What is the name of a logical security access control method in which a 48-bit physical address assigned to each Network Interface Card (NIC) is used to determine access to the network?

MAC address filtering
Network Address Translation (NAT)
Static IP addressing
Network Access Control (NAC)

A

MAC address filtering

11
Q

Which of the following answers refers to an example implementation of certificate-based authentication?

Smart card
ID badge
PIN code
Biometric lock

A

Smart card

12
Q

Virus definition database files contain detection patterns for known viruses. To be effective, an AV program needs up-to-date versions of these files which can be obtained through an AV software update feature.
True
False

A

True

13
Q

An antivirus database entry used for identifying malicious code is known as virus:

ID
Record
Signature
Repository

A

Signature

14
Q

An antivirus software is kept up to date via: (Select 2 answers)

 Driver updates
 Application updates
 Engine updates
 OS updates
 Virus signature updates
A

Engine updates

Virus signature updates

15
Q

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers)

Host-based firewall
Software firewall
Network-based firewall
Hardware firewall

A

Host-based firewall

software firewall

16
Q

Which of the following firewall types would provide the best protection for an ingress/egress point of a corporate network? (Select 2 answers)

Hardware firewall
Network-based firewall
Software firewall
Host-based firewall

A

Hardware firewall

Network-based firewall

17
Q

Which of the following is a set of firewall entries containing information on traffic considered safe enough to pass through?

Whitelist
Routing table
Blacklist
MAC address table

A

Whitelist

18
Q

In IT security, the term “User authentication” refers to the process of proving user identity to a system. Authentication process can be based on different categories of authentication factors, including unique physical traits of each individual, such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). Additional factors might include geolocation (“somewhere you are”), or user-specific activity patterns such as keyboard typing style (“something you do”). Multi-factor authentication systems require implementation of authentication factors from two or more different categories.

True
False

A

True

19
Q

Which of the following statements are true? (Select 2 answers)

NTFS permissions apply only to local users

NTFS permissions can be applied only on a folder level

NTFS permissions apply to both network and local users

NTFS permissions can be applied to a folder or individual file

A

NTFS permissions apply to both network and local users

NTFS permissions can be applied to a folder or individual file

20
Q

VPN connection types are divided into remote-access VPNs (used for connecting a computer to a network), and site-to-site VPNs (used for connecting networks).

True
False

A

True

21
Q

Which of the following ensures the privacy of a VPN connection?

Hashing
Tunneling
Authentication
Packet inspection

A

tunneling

22
Q

Which of the following is a dedicated device designed to manage encrypted connections established over an untrusted network such as the Internet?

VPN concentrator
Proxy server
Distributed switch
UTM appliance

A

VPN concentrator

23
Q

Examples of secure network protocols used for establishing VPN connections include: (Select 2 answers)

 IPP
 WEP
 IPsec
 HTTP
 TLS
A

IPsec

TLS

24
Q

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network?

DRP
DHE
DLP
DEP

A

DLP

25
Q

Which of the following is a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

DLP
NAT
ACL
DEP

A

ACL

26
Q

A rule-based access control mechanism implemented on routers, switches, and firewalls is known as:

ACL
CSR
DLP
AUP

A

ACL

27
Q

What is the function of a laptop’s smart card reader?

Storage expansion
Access control
Theft prevention
Data encryption

A

Access control

28
Q

Which of the following logical security controls provides a countermeasure against unsolicited electronic messages (a.k.a. spam)?

Mail relay
Host-based firewall
Email filtering
SMTP server

A

email filtering

29
Q

Which of the following can be used by system/network administrators to restrict a user’s ability to install software?

 AUP
 Group Policy
 Principle of least privilege
 MDM solutions
 All of the above
A

all of the above

30
Q

One of the ways of confirming that a software application comes from a trusted source is the verification of its digital signature. A digitally signed software proves the identity of the developer and guarantees that the application code hasn’t been tampered with since it was signed. The authenticity and integrity of the application’s code can be verified by comparing results of a cryptographic hash function (original hash published by the application developer vs. hash obtained from a downloaded app).

True
False

A

true

31
Q

A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as principle of least privilege.

True
False

A

true