Domain 3: Security Session 1 Flashcards by Dylan B 2019

Which type of malware needs a carrier, such as a Microsoft Office app, in order to propagate?
Choices:

A - Virus
B - Worm
C - Spyware
D - Trojan horse

A - Virus

How well did you know this?

Not at all

Perfectly

A user downloaded what was thought to be an antivirus program but instead turned out to be malware. Which type of malware infected the user's computer?
Choices:
A - Virus 
B - Worm 
C - Trojan 
D - Ransomware

C - Trojan

How well did you know this?

Not at all

Perfectly

Which type of malware is most likely to infect an MBR?
Choices:

A - Virus
B - Worm
C - Trojan
D - Rootkit

D - Rootkit

How well did you know this?

Not at all

Perfectly

Which is an example of a phishing attack?
Choices:

A - An email which targets a specific individual
B - A seemingly credible update which corrupts the MBR
C - A seemingly credible update which locks up the system
D - An email from a seemingly credible source asking for personal information

D - An email from a seemingly credible source asking for personal information

How well did you know this?

Not at all

Perfectly

Which type of phishing attack targets executives or individuals in high authority who have access to a lot of money?
Choices:

A - Whaling
B - Tailgating
C - Spear phishing
D - Social engineering

A - Whaling

How well did you know this?

Not at all

Perfectly

Which is an example of social engineering?
Choices:

A - A black hat individual audits a system
B - An attacker leaves a backdoor on a system using a rootkit
C - Someone under a false guise calls an individual and solicits logon information
D - Someone using false credentials creates a fake email account and uses it to send out harmful information

C - Someone under a false guise calls an individual and solicits logon information

How well did you know this?

Not at all

Perfectly

Shoulder surfing is when someone looks at a user’s screen while the user enters sensitive information.

A - True
B - False

A - True

How well did you know this?

Not at all

Perfectly

Which best defines a botnet or zombies?
Choices:

A - A command server controlling multiple computers
B - Multiple computers carrying out an attack simultaneously
C - One person controlling multiple computers simultaneously
D - One computer infects other computers using the zombie virus

B - Multiple computers carrying out an attack simultaneously

How well did you know this?

Not at all

Perfectly

Which type of password attack refers to the attacker simply guessing the password until they get it right?
Choices:

A - Botnet
B - Phishing
C - Spoofing
D - Brute force

D - Brute force

How well did you know this?

Not at all

Perfectly

Which are examples of non-compliant systems? Choose two answers.
Choices:

A - A computer with no antimalware protection
B - A computer with an outdated operating system
C - A computer which has the incorrect version of Office installed
D - A computer which has not run Windows Update in the past three days

A - A computer with no antimalware protection

B - A computer with an outdated operating system

How well did you know this?

Not at all

Perfectly

Which are ways to make users aware of security standards in the workplace? Choose two answers.
Choices:

A - End-user training
B - Acceptable use policy
C - Principle of least privilege
D - Discretionary access methods

A - End-user training

B - Acceptable use policy

How well did you know this?

Not at all

Perfectly

One example of a man-in-the-middle attack is when a __________ is invaded by a third party who intercepts data and impersonates one of the two members involved.
Choices:

A - server
B - monitor
C - two-way email
D - two-way instant messaging chat

D - two-way instant messaging chat

How well did you know this?

Not at all

Perfectly

A new hire at a company, in reading the security policy, sees that a clean desk policy is enforced. The new hire wants clarification from IT personnel as to what a clean desk policy entails. Which should the IT personnel tell the new hire?
Choices:

A - A clean desk policy involves keeping the desk dust-free
B - A clean desk policy involves keeping the desk free of food and drink
C - A clean desk policy involves keeping the desk free of network cables
D - A clean desk policy involves keeping the desk clear of any confidential documents

D - A clean desk policy involves keeping the desk clear of any confidential documents

How well did you know this?

Not at all

Perfectly

Which disposal method is best used in relation to sensitive documents that are no longer needed?
Choices:

A - Shredder
B - Dumpster
C - Trash can
D - Recycle Bin

A - Shredder

How well did you know this?

Not at all

Perfectly

A person tailgates a legitimate employee into a building and is now caught between that door and a more secure door. The person is trapped inside of which kind of area?
Choices:

A - Red
B - Blue
C - Tailgate
D - Mantrap

D - Mantrap

How well did you know this?

Not at all

Perfectly

Using facial recognition to unlock a smartphone is a form of which type of physical security?
Choices:

A - RFID
B - Token
C - Biometrics
D - Smart card

C - Biometrics

How well did you know this?

Not at all

Perfectly

Which device helps to cut off viewable angles on a monitor?
Choices:

A - Privacy filter
B - Screen cover
C - Screen dimmer
D - Brightness control

A - Privacy filter

How well did you know this?

Not at all

Perfectly

Which is an example of a digital antimalware security service?
Choices:

A - Applegate
B - Windows Update
C - Windows Firewall
D - Windows Defender

D - Windows Defender

How well did you know this?

Not at all

Perfectly

Strong passwords are made up of uppercase and lowercase letters, numbers, and __________.
Choices:

A - verbs
B - symbols
C - long phrases
D - proper nouns

B - symbols

How well did you know this?

Not at all

Perfectly

Which are Linux permission levels? Choose three answers.
Choices:

A - Edit 
B - Write 
C - Read 
D - Listen 
E - Manage 
F - Execute

B - Write
C - Read
F - Execute

How well did you know this?

Not at all

Perfectly

A user has received an email that seems like junk mail. Which action should the user take?
Choices:

A - Delete the email
B - Send a reply to the email
C - Open the email and see who sent it
D - Send the email to the junk email folder

D - Send the email to the junk email folder

How well did you know this?

Not at all

Perfectly

A __________ does not qualify as multifactor authentication.
Choices:

A - username and password
B - retinal scanner and smart card
C - password and fingerprint scanner
D - smart card, username, and password

A - username and password

How well did you know this?

Not at all

Perfectly

In Linux, which is the equivalent of a trusted or untrusted software source?
Choices:

A - Directory commands
B - Trusted and untrusted folders
C - Trusted and untrusted packages
D - Trusted and untrusted commands

C - Trusted and untrusted packages

Which four items should be taught to users to help protect sensitive information in an acceptable use policy?
Choices:

A - Take inventory
B - Look behind you
C - Lock a machine that is left on
D - Never share password information
E - Use third-party software whenever possible
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

C - Lock a machine that is left on
D - Never share password information
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

Which are the four types of users in a server or network environment? Choices: ``` A - Pro B - Guest C - Power D - Formal E - Standard F - Business G - Administrator ```

B - Guest C - Power E - Standard G - Administrator

It is easier to track permissions that are denied than permissions that are allowed on a network. A - True B - False

B - False

Which are file attributes on an NTFS volume? Choose two answers. Choices: ``` A - Edit B - Hidden C - Read-only D - Write-only E - Read/Write ```

B - Hidden | C - Read-only

System files can be found in which folders on a Windows device? Choose two answers. Choices: A - System32 B - System64 C - SysWOW32 D - SysWOW64

A - System32 | D - SysWOW64

__________ means a user only needs to log on once in order to access all of the resources on a network. Choices: A - TLS B - Single sign-on C - Being a power user D - Administrative access

B - Single sign-on

BitLocker is available in which versions of Windows? Choose two answers. Choices: A - Windows 7 Ultimate B - Windows 8 Ultimate C - Windows 7 Professional D - Windows 8 Professional

A - Windows 7 Ultimate | D - Windows 8 Professional

BitLocker To Go is used to encrypt which item? Choices: A - USB drive B - Optical disc C - Internal hard drive D - External hard drive

D - External hard drive

Which best defines a maximum password age? Choices: A - How long a password is used B - How long a password can be used before it must be changed C - The amount of time a password is used to protect an account D - The amount of time that must pass before a password can be changed

B - How long a password can be used before it must be changed

A password should always be used in order to prevent someone from easily accessing sensitive data. A - True B - False

A - True

A technician needs to disable the Guest account on a computer, but cannot remember if it was already disabled. Which symbol should the technician look for to see if the Guest account is disabled? Choices: A - Red shield B - Black shield C - Red arrow pointing down D - Black arrow pointing down

D - Black arrow pointing down

AutoPlay can be disabled from which area of a Windows machine? Choices: A - Control Panel B - Task Manager C - Active Directory D - Group Policy Editor

A - Control Panel

A technician has a hard drive which was encrypted using BitLocker. The technician needs to move the data on the hard drive to a new location. Which protocols could the technician use to transfer the data while it is encrypted? Choose three answers. Choices: ``` A - TLS B - EFS C - AES D - SSH E - BitLocker ```

A - TLS C - AES D - SSH

Which are screen locks used on mobile devices? Choose four answers. Choices: ``` A - PIN B - Slide C - Driver D - Retinal E - Certificate F - Password G - Face Unlock ```

A - PIN B - Slide F - Password G - Face Unlock

Which actions can be taken using a locator application for an iOS device? Choose three answers. Choices: ``` A - Lock the device B - Perform a backup C - Make the device ring D - Erase data on the device E - Activate monitoring hardware ```

A - Lock the device C - Make the device ring D - Erase data on the device

Which are examples of remote backup applications? Choose two answers. Choices: A - iCloud B - Google.com C - Apple Backup D - Android Device Manager

A - iCloud | B - Google.com

Although __________ devices are less prone to get viruses, it is still important to have a good antivirus or antimalware program. Choices: A - iOS B - Linux C - Android D - Windows

A - iOS

Apple mobile devices are updated and patched using which item? Choices: A - Store B - iCloud C - iTunes D - App Store

D - App Store

Which is required to decrypt a mobile device when it boots up? Choices: A - PIN B - Face C - Certificate D - Fingerprint

A - PIN

Which items make up multifactor authentication? Choose three answers. Choices: ``` A - Biometrics B - Certificates C - Passwords D - Who you are E - What you have F - What you know ```

D - Who you are E - What you have F - What you know

Which is a trusted application source for an Android device? Choices: A - OneDrive B - Play Store C - Google Store D - Apps n' Stuff

B - Play Store

Which firewall element is the main focus for mobile devices? Choices: A - Ports B - Protocols C - Programs D - Networks

C - Programs

Profile security requirements should start with __________ regulations and be shaped from there. Choices: A - market B - industry C - corporate D - industry or government

D - industry or government

Which items can a shredder destroy? Choose two answers. Choices: A - CD B - Hard drive C - Flash drive D - Credit card

A - CD | D - Credit card

Which type of recycling format is performed at the hard drive disk manufacturer? Choices: A - Standard B - High level C - Low level D - Advanced

C - Low level

``` Which are hard drive recycling and repurposing tools? Choose two answers. Choices: A - Drill B - Overwrite C - Drive wipe D - Compactor E - Recycle format ```

B - Overwrite | C - Drive wipe

Which process is used to adversely affect data on a hard drive, short of destroying the hard drive? Choices: A - Drilling B - Hammering C - Degaussing D - Demagnetizing

C - Degaussing

How should larger hardware be destroyed? Choices: A - Drill B - Hammer C - Incinerator D - Degausser

C - Incinerator

Which item proves that a device which needs to be destroyed has been destroyed? Choices: A - Inspection B - Shredded paper C - Pulled-apart equipment D - Certificate of destruction

D - Certificate of destruction

Which are wireless access point encryption protocols? Choose three answers. Choices: ``` A - TLS B - SHL C - WEP D - WPA E - WPA2 ```

C - WEP D - WPA E - WPA2

Which feature allows users to easily connect to a wireless network without entering an SSID using a button? Choices: A - AES B - WEP C - WPS D - WPA

C - WPS

Decreasing the __________ of a wireless access point will also decrease the Wi-Fi speed. Choices: A - encryption B - WPS levels C - antenna levels D - radio frequency signal

D - radio frequency signal

Which area of a Windows machine is used to assign static IP addresses? Choices: A - Control Panel B - Action Center C - Active Directory D - Network and Sharing Center

D - Network and Sharing Center

When it comes to physical security, if an item can be __________, it should be secured. Choices: A - lifted B - touched C - formatted D - downloaded

B - touched