CPT-257 Midterm Part 2

\______________________________ is looking for useful information in someone's trash to help create a convincing impersonation of an individual or company to aid in a malicious attack. (two word answer)

dumpster diving

an \____[a]\_____ use policy (AUP), explains what users can and cannot do on the corporate network or with company data and explains the penalties for \_____[b]\_____.

a
Acceptable
b
violations

Scenario:

Roger's company is trying to increase the level of security for its network.
Roger is researching ways to increase the security by making passwords more complex.
What can Roger change in Windows to require more complex passwords?

Password Policy

When an individual or organization purchases the right to install one instance of software, the license is called a \_____[a]\_____ license.

By purchasing a \_____[b]\_____ license a company can obtain the right to multiple installations of software.

personal

site

When an attacker presents a program or himself as someone else to obtain private information and pretends to be a legitimate website, network, FTP site, or person in a chat session, what type of attack is occurring?

man-in-the-middle

UEFI secure boot is especially designed to catch \___________ that launch during the boot.

Rootkits

Scenario:

Currently James's company is using RADIUS for AAA services to connect wireless users to the Windows Active Directory domain.
However, the company wants to upgrade to a Cisco-based wireless network and would like to upgrade the older RADIUS. ​
What will James recommend as an upgrade to RADIUS?

TACACS+

What command can be used to take full access of a file?

icacls

Scenario:

Your company CEO is traveling on vacation (without electronics) and is worried that his laptop will be taken from his office .
Which type of device will ensure that the laptop will not be stolen while he travels?

Cable lock

Scenario:

Lana has just taken a job as an IT professional in Europe and would like to get a head start on what to expect.
What regulated data would you recommend that she research?

GDPR

What device provides a strong magnetic field used to completely erase data on a hard drive or tape drive?

degausser

Anti-malware software relies on what sort of update in order to define or detect malware as it gets into the wild?

malware signatures

A person that secretly peaks at your monitor screen while you work may be doing what?

Shoulder surfing

A root certificate is the original certificate issued by the CA.

True

Scenario:

Jackson has completed remediation of a virus-infected system.
He eliminated all the startup program issues and uninstalled several browser add-ons.
Jackson has scheduled scans to be performed daily and has run updates on Windows and the anti-malware program.
He has enabled System Restore and created a new restore point.
What should Jackson do to complete the malware removal process (as described in our reading)?

Educate the end user.

Scenario:

Gwen has discovered a program that has copied itself throughout the network.
The program does not appear to have a host program and is overloading the network as it replicates.
It has even installed a web server on the network and is allowing other computers to connect.
What type of malware has Gwen discovered?

Worm

A \_______________ attack is when a hacker discovers a security hole in software that is unknown to the developer of the software or when a hacker takes advantage of a recently reported gap in software security before users apply patches released by the developer.

Zero-day

A \______________________ system has two doors. The first door is where people enter and show their ID; the second door is the one they pass through after it is verified that they have access to the facility.

Mantrap

Documentation for evidence which includes exactly what, when, and from whom evidence was collected, the condition of this evidence, and how the evidence was secured while it was in your possession, is know by what term?

Chain of custody

Scenario:

A customer called Derek to complain that her computer was running slow, so he went to the client work area and started troubleshooting the problem.
Derek ran the Disk Defragmenter and Disk Clean-up utilities. He checked the processes running in Task Manger.
Derek found that the CPU was running several processes.
While Derek was looking at Task Manager, the computer crashed.
Derek restarted the computer and noticed a long load time for Windows.
Derek checked Task Manager and saw several processes that he did not recognize.
What should Derek perform next on the client's computer?

Run a virus scan

Scenario:

Your company has decided that security is very important and wants to add a second security check that will identify its employees while they are logging in to their computers.
What type of security do you recommend?

Biometric locks

The best defense against ransomware is to keep backups of data file versions in a location that is not accessible from File Explorer.

True

\_________________ holds your computer system hostage until you pay money.

Ransomware

Scenario:

Jerry has received an email on his company's email system.
The email is in regard to a new update the company plans to implement.
The administrators are requesting that everyone send their username and password so that the administrators can compile a list and avoid having everyone change their passwords.
What type of attack is this?

Spear phishing

Scenario:

Hector is trying to use Windows Defender to run an antivirus scan.
Windows Defender refuses to run.
When he opens the Action Center, Hector realizes that Windows Defender has been disabled and another antivirus software is running.
Hector does not recognize the other antivirus software. ​
What type attack has infected Hector's computer?

Rogue antivirus

A coworker received this email message today.
What happened to the coworker's computer?

Danny has received a fake security alert pop-up.

If your Internet home page has changed and a strange-looking search engine appears when you try to search the Internet, what type of attack are you experiencing?

A redirect virus.

What inputs would be considered to be part of a biometric device? (Choose all that apply.)

face
fingerprint
handprint
retina
voice

The \___________________________ (PCI) standards were defined to help prevent credit card fraud and are backed by all the major credit card brands. (three word answer)

Payment Card Industry

software installed on a computer that produces pop-up ads using your browser

Adware

a code used to identify and authenticate a person or organization sending data over a network

digital certificate

A program that is potentially harmful or potentially unwanted

grayware

type of spyware that tracks your keystrokes, including passwords

Keylogger

an attack that can be used to crack a long password by trying words and word combinations

Dictionary attack

the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer

Social engineering

when someone who is unauthorized follows the employee through a secured entrance to a room or building

Tailgating

A type of malware that tricks you into opening it by substituting itself for a legitimate program

Trojan

a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge

zombie

an infestation designed to copy itself repeatedly to memory, on drive space, or on a network

worm

What type of malware can hijack internal Windows components and often goes undetected because it is already loaded when the antivirus software loads?

Rootkit

Scenario:

Kevin recently discovered that unknown processes are running in the background on his company's web server.
During a performance review, he also noticed that the CPU is working at 80% during downtimes.
Kevin believes that software is running in the background and causing the CPU to run at such a high percentage.
Kevin discovers that his server along with several other computers in the company have been used to perform a DDoS on another website.
What type of attack occurred

Botnet

\__________________________ management is used to keep track of hardware devices and software installed on systems.

This documentation will help with determining where computers are located and will allow an organization to do upgrades more efficiently.

inventory

A \______________ attack happens when multiple computers attack and overwhelm a computer or network with requests or traffic until new connections can no longer be accepted.

DDoS

A \_____________________ plan that defines the activities needed to recover to the original state in the event of an aborted or failed change implementation.

back out

Turn off System Protection when attempting to get rid of malware.

True

Scenario:

Samantha is having an issue with Windows crashing and believes that malicious software is causing it to crash.
Samantha also has received application errors that have cause the applications to close.
Which event log in the Event Viewer can Samantha inspect to see if malicious software is causing the Windows system to crash and the application errors, system errors, and other types of errors?

System logs

What term best defines tricking someone into thinking an imitation of a website or email message is legitimate?

Spoofing

Scenario:

Christian has malware that is preventing him from installing anti-malware on his laptop.
What can Christian try if he does not have another computer available to run the anti-malware program?

Try to install in Safe Mode.

Scenario:

Jennifer's company currently uses Windows Active Directory to provide centralized authentication, authorization, and accounting to manage users on its network.
The company uses a wireless network and an earlier authentication service on the server to authenticate end users accessing resources on the network. ​
What type of service is Jennifer's company using?

RADIUS

CryptoLocker is an example of what type of malware?

Ransomware

If you receive this error when trying to go to a website, where can you go in Windows to verify the certificate settings for the website?

Certificate Manager

Scenario:

Recently, Jessica has been receiving reports at the help desk that clients cannot log in to their computers and need to rest their passwords.
After checking the log file, Jessica decided to ask one client who had recently changed his password, why he decided to change it.
The client reported that someone from the help desk had called him and asked him for his password two days ago.
He gave the caller the password, and now he can't log in to his system.
Jessica has discovered that the client was a victim of social engineering.
What can the company do to prevent this from happening again?

Educate users.

Scenario:

Nick works for a software development company that has just created a new application that will revolutionize the computer security industry.
Nick's company owns the patent for the software and has a copyright for the software.
The company would like to sell this new software but they are concerned about someone pirating the software.
What can Nick's company use to prevent software piracy?

DRM (digital rights management)

Scenario:

Becky has been assigned to help with a major change to her company's accounts database.
During the time of the change, Becky notices that her task will need to be modified to complete the change.
Instead of telling her supervisor, she determines that the minor detail must have been overlooked and fixes what she believes is the problem.
The minor detail that Becky did not tell her supervisor causes the change to fail.
What is Becky's mistake called?

Out of scope modification

A \___________________________________ will show how nodes are physically or logically connected to the network.

Network topology diagram

\________ is a type of identity theft in which the sender of an email hoax scams you into responding with personal data about yourself.

Phishing

You should beware of a person attempting to use your computer after you step away from it, a term referred to as which of the following?

Tailgating

Scenario:

Jerry was recently contacted by a coworker who received an email that seemed suspicious.
Jerry investigated her email account and noticed that she had been sending hundreds of emails every day for a week.
He also noticed that this problem started after the coworker sent a reply email agreeing to participate in a contest to win a free car wash. ​
What happened to the coworker's email account?

Her email was hijacked.

Scenario:

Your company has decided that security is very important and wants to add a second security check when workers are logging in to their computers.
The company issued key fobs to all the employees.
The key fob generates a code for them to enter when logging in to the computer.
What type of security is your company using?

Hardware token

Scenario:

Your company has decided to replace several hundred hard drives.
It would like to donate the old hard drives to a local school system that will use them to increase storage on systems for students.
However, the company also wants to make sure the hard drives are completely wiped before donating them.
Which disposal method will NOT allow the company to recycle the device? (Select all that apply.)

Incineration
Shredder
Degaussing

Scenario:

Joann turned on her Windows 10 computer today, and while the computer was booting up, it shut down.
She restarted the computer and it booted fine but ran slowly.
She opened Task Manager and noticed that her CPU was running at 98% capacity and her network at 75% capacity.
When she checked to see what process was using so much network connectivity, she received a message saying that access to the process was denied.
Based on these indicators, what should Joann do with her computer? (Select all that apply

Check the file permissions.
Disconnect from the network.
Run antivirus software.

A Trojan is often embedded in the files of legitimate software that is downloaded from an \____________ website, or a user is tricked into opening an email attachment. (one word answer)

untrustworthy

Scenario:

Jeff owns a health care company that sells medical supplies.
The company bills health insurance companies for their customers.
They are required by the insurance companies to complete paperwork that includes personal and health information.
What type of regulated data does Jeff's company need to secure?

PHI

Scenario:

Zach believes someone is trying to log in to a computer system in order to gain access to the company's network.
He wants to use Windows to determine if that is the case.
Where can Zach go to check the security logs?

Event Viewer

Scenario:

Alexandria works for a non-for-profit company that asks for donations to help the homeless people in her community.
Recently the database that holds all the contact information about the donners was hacked, and all the data was copied.
What type of data was taken?

PII

Scenario:

Tracy works for an insurance company that recently received so much spam that the email server became overwhelmed and shut down.
Tracy's supervisor has asked her to make sure this does not happen again.
What is the first thing Tracy should do to prevent this problem from happening again?

Email filtering

Scenario:

David would like to add extra security to his network device.
He is afraid that someone might try and connect an unauthorized device to the network via an open network drop. ​
What type of security can David deploy to prevent this type of security issue from occurring?

MAC filtering

Scenario:

James has a USB flash drive that he has used at work.
The drive needs to be thrown away, but James wants to make sure that the data is no longer on the drive before he throws it away. ​
What can James use to wipe the data clean? (Select TWO.)

a.
Smash the USB drive

c.
ATA Secure Erase

An \__________________________ determines what user, device, or program has access to a particular resource. (three word answer)

Access Control List