Lesson 11

Question 1

The operating system’s role in the protection of the system from physical threats involves:

Answer 1

providing tools to enable system backups and restoration of the OS itself, files, programs and data

Question 2

The two types of OS backups are:

Answer 2

File backups and system image backups

Question 3

Computer security is:

Answer 3

the maintenance of system integrity, availability and confidentiality at all times

Question 4

The operating system uses _____ to ensure users have authorized access to the computer system.

Answer 4

The OS uses authentication to ensure that a user accessing a program is authorized or legitimate.

Question 5

A program which stands as a barrier between a computer system and external traffic is known as _____.

Answer 5

a firewall

Question 6

Which software is used to process instructions and coordinate between devices?

Answer 6

Operating system

Question 7

Which system resource is most likely to use IRQ?

Answer 7

The hardware will get the CPU’s attention using IRQ. (‘hey, there’s something new here’)
answer: hardware

Question 8

Which of the following would be the most appropriate description of how DMA is used?

Answer 8

DMA channels allow connection between hardware device and memory

Question 9

Which of the following is software that enables you to perform a specific function?

Answer 9

An application

Question 10

You have inserted the USB cable for an external hard drive. Which of the following most describes the process or tool that allows the device to be recognized and usable by the operating system?

Answer 10

PnP
PnP, or plug-and-play, ensures that devices can be plugged in and used/identified by the OS. Behind the scenes, the OS communicates with the hardware, using software to identify the device.

Question 11

An OS security policy is one that outlines the processes of ensuring that the system maintains a certain level of _____, _____ and _____.

Answer 11

integrity, confidentiality, availability

Question 12

When implementing OS security policies and procedures, how often should organizations review them?

Answer 12

Organizations should review their OS security policies and procedures quarterly or annually. When there are any minor or major changes in the organization’s assets, infrastructure or networks, all policies and procedures should be updated.

Question 13

Which policy includes both the incident response policy and the disaster recovery plan?

Answer 13

Business Continuity Plan

Question 14

Which policy informs users on how to handle an organization’s confidential or sensitive information?

Answer 14

The main objective of the information security policy is to inform users that there are guidelines that they will be held accountable for while handling sensitive data for the organization. These policies can be broken down into areas such as how employees uses IT assets, how they use the network, and rules about internet usage.

Question 15

Which statement below is not a subject that would be included in an Access Control Policy (ACP)?

Answer 15

Installing a firewall

Question 16

If you want to prevent employees from disclosing sensitive company information, which network security type would be best to implement?

Answer 16

Data loss prevention (DLP) uses pattern recognition to prevent sensitive data from leaving the corporate network.

Question 17

If you are using administrative policies to enhance your network security, which of the following would you NOT be doing?

Answer 17

Scanning emails for viruses

Question 18

Which of the following are NOT a method to deliver network security?

Answer 18

Over the telephone

Question 19

When can a network security hardware appliance stop threats on the network?

Answer 19

When it is installed in line.

Question 20

A multi-layered approach to network security is best because _____.

Answer 20

Different types of network security systems focus on different threats and vulnerabilities

Question 21

Live threat-intelligence helps the firewall to identify and stop _____.

Answer 21

Threats that the firewall may have never seen before.

Question 22

A firewall can be used to direct and control traffic _____.

Answer 22

both coming in and going out of your network

Question 23

What type of firewall can stop more advanced threats, such as tricks devised by hackers to bypass the firewall’s access policy protection?

Answer 23

The next-generation firewall is the latest type of firewall (as of 2016) that can stop the most advanced and evasive threats.

Question 24

What is the maximum number of zones that can be associated to a firewall?

Answer 24

Firewalls can potentially have many of zones associated with them. Simple networks usually have between two and four zones. More complex networks can have hundreds of zones. The more zones that are managed by the firewall, the more complex and enterprise-grade your firewall is likely to be.

Question 25

Which of the following is the purpose of a firewall access policy?

Answer 25

It provides a set of rules that determine who gets in or out of your network and who doesn’t.

Question 26

What is a VPN?

Answer 26

A network that is only accessible with the correct credentials

Question 27

What is required for a VPN to function correctly?

Answer 27

Encryption and authentication protocols

Question 28

What are two types of VPNs?

Answer 28

Site-to-site and remote access

Question 29

What are some of the tunneling protocols that VPNs use?

Answer 29

IPsec and L2TP

Question 30

What service does a VPN solution provide?

Answer 30

Remote access to private network resources

Question 31

A network security policy:

Answer 31

All of these answers are correct

A network security policy defines what needs protecting, includes rules for end users, and management’s objectives for security.

Question 32

A/An _____ specifies proper utilization of company computer resources and how to protect private information.

Answer 32

An acceptable usage policy (AUP) covers proper utilization of company computer resources and how to protect private information.

Question 33

Two of the first steps in developing a network security policy are:

Answer 33

Deciding what assets need protecting and assessing potential vulnerabilities

Question 34

An example of an internal network security threat is:

Answer 34

All of these answers are correct

Internal security threats can include accidental damage, employee theft, and employee misuse.

Question 35

The network security policy is a living document because:

Answer 35

Assets and threats change over time

Question 36

Which of these is an example of the Internet of Things?

Answer 36

A vehicle that can receive updates wirelessly.

Question 37

What is the purpose of the Internet of Things?

Answer 37

To create connections between devices, human and data.

Question 38

What is the Internet of Things?

Answer 38

The connection of everyday devices to the Internet.

The Internet of Things is the connection of everyday devices, like light bulbs and thermostats, to the Internet.

Question 39

This component of the Internet of Things concerns the networking and technology that keeps the Internet of Things functioning.

Answer 39

The infrastructure of the Internet of Things is important for developing ties between devices, humans and data, and making sure the Internet of Things operates effectively.

Question 40

Amazon Go’s grocery store experience without checkout lines is an example of what component of the Internet of Things?

Answer 40

Processes

Question 41

How has the Internet of Things prompted new concerns over security issues?

Answer 41

Devices are not compatible with traditional security measures.

The increase in IoT devices has prompted new concerns over security issues since older methods of security protocols are typically not compatible with new gadgets.

Question 42

IoT devices create more significant security challenges for networks due to all of these concerns EXCEPT which?

Answer 42

They produce an event log.

IoT devices create significant security challenges for networks because they are always on and connected and do not typically issue security alerts if a breach or hack has occurred.

Question 43

Ralph went to the home improvement store and purchased a new smart lock for his home. Which of these common challenges with IoT devices today may Ralph face with his new device?

Answer 43

Mass production concerns.

The mass production of IoT devices, like smart locks, makes it possible for hackers to breach all devices once they’ve breached a single device.

Question 44

A common security concern among organization-owned IoT devices is _____.

Answer 44

Employees accessing them outside network security.

The protection potentially offered in an organization’s network goes away when an employee utilizes an IoT device either in a public setting or at their home, causing the potential for network intrusions.

Question 45

Commonly performed on traditional devices such as computers, _____ are frequently not capable on IoT devices due to memory or unique operating systems.

Answer 45

Security Updates.

Updates, while common on more traditional internet-enabled devices such as computers, are frequently not an option on IoT devices due to memory issues or unique operating systems that won’t support them.

Question 46

A/An _____ specifies proper utilization of company computer resources and how to protect private information.

Answer 46

Acceptable Usage policy

Question 47

Besides a direct attack on a network by a hacker, which security threat below is the next most worrisome

Answer 47

Virus

A virus is the most worrisome because the code is downloaded onto your computer and eventually to your network without your knowledge. Once a virus is installed and activated it replicates itself very quickly and saturates the network. Viruses can be destructive and render a computer or network useless until it is removed.

Question 48

According to network security engineers and other experts in the security field, the likelihood of eliminating all security threats is _____.

Answer 48

Not likely

Question 49

Areas of weakness
Network security threats: types and vulnerabilities
what is a network security policy: procedures and examples