Network security

Which controls are looked at as technical controls?

Which controls are looked at as technical controls?

Firewall and Intrusion Detection System (IDS)

Which type of injection attack uses keywords such as SELECT and UPDATE to manipulate data through a web form?

SQL injection

An end user calls the help desk complaining about a web page not loading the most current data for the page unless the user refreshes the page.

What should the help desk agent have the user do first?

Clear out the cache

When one suspects a device has been affected by malware, what is the first step that should be taken to remediate the device?

Disconnect the device from the network

A good Audit Plan may collect both successful and failed events.

True

Audit events take up computer resources and personnel time, so you should be selective about the events to audit.

True

You should always audit log-on successes.

False

[Spoofing] redirects Internet traffic from one website to an identical-looking site in order to trick you into entering your username and password into their database.

Pharming

What must take place for someone trying to enter a physical area of a building before access control takes place?

Authentication

MAC Filtering is best suited for large wireless networks.

False, Mac Filtering is best suited for small wireless networks.

WEP is the strongest form of encryption for a wireless network.

False, its WAP

WPA/WPA2 can require an authentication server.

True, if using 802.1x mode

One of the layers of defense in the anti-phishing and malware protection strategies developed by Microsoft is ___.

SmartScreen Filter

One ways you can protect your computer from hackers and malicious software is to use ___.

Windows Firewall

What is considered the minimum length of a good password?

Eight characters

While launching a diagnostic software package, you select to RunAs Admin, this action grants the executioner the ___ permissions.

Least restrictive

If you were to launch a diagnostic software package without selecting RunAs Admin, this action grants the executioner the ___ permissions.

Most restrictive

___ allows multiple computers on an internal network to share one public IP address.

Network Address Translation (NAT)

Which type of VPN will often have a user connect through a web browser?

Secure Sockets Layer (SSL)

Which type of VPN connection usually connects two business entities?

Site-to-Site

What email filtering technique uses a list of verified DNS domains to verify that an email is coming from a trusted IP address?

Sender Policy Framework (SPF)

Applications-level firewalls can provide content filtering and virus protection.

True

Application-level firewalls support caching.

True

Application-level firewalls tend to be less resource intensive than that of a traditional firewall.

False

Which of the following are NTFS permissions?

Read, Write, Modify

Which protocols are considered unsecure and should be avoided in a server enviroment?

Password Authentication Protocol (PAP) and Telnet

Which type of DNS record contains an IP address that is then used to look up an associated host or domain name?

Pointer Record (PTR)

IPSec encrypts data packets using AH.

False

IPSec is a set of protocols that protects data transmission between hosts by providing authentication and privacy.

True

IPSec is used to create a secure tunnel between two computing devices.

False

IPSec uses digital signatures to create a chain of authority.

False

Which of the following would be considered to be the strongest password?

j0hn$m1T

Your IT department is getting a barrage of calls from users saying that their pop-up blockers are not blocking ads for huge discounts on software. Upon further research, you also determine that your current malware signature files are not sufficient for removing this nuisance from your systems.

Which type of attack is taking place?

Adware

Your IT department is getting a barrage of calls from users saying that their pop-up blockers are not blocking ads for huge discounts on software. Upon further research, you also determine that your current malware signature files are not sufficient for removing this nuisance from your systems.

Which characteristic of the attack indicates that it is not being eradicated by antimalware programs?

Zero-day

A certificate authority provides keys used in digital certificates for authentication.

True

In a Public Key Infrastructure, the public key encrypts data, and a corresponding key decrypts it.

False

In Digital Signatures, the sender uses a secret key to create a unique electronic number that can be read by anyone possessing the corresponding public key, which verifies that the message is from the sender.

True

Forging a fake sender address within a email message is an example of ___.

Spoofing

Where do most computers obtain a Media Access Control (MAC) address?

Network Interface

The tool used to view audit logs is Event Viewer.

True

You can audit logon failures to warn of hacking attacks.

True

You cannot limit the size of audit logs.

False

Encrypting a document as it travels across a network.

Confidentialilty

Verifying the sender of a document.

Integrity

Ensuring the Sales department can access a document.

Availability

Users have an FC key and wants to access a Public folder in the NTFS volume. File A needs an R key and File B needs a FC key.

Members of the Users group have ___ permission to File A.

Read Only

Users have an FC key and wants to access a Public folder in the NTFS volume. File A needs an R key and File B needs a FC key.

Members of the Users group have ___ permissions to File B.

Full Control

Backs up all files and resets the archive bit.

Full

Backs up all changed files since the last full or incremental backup.

Incremental

Backs up all changed files since the last full backup.

Differential

Which protocol should be allowed only on email servers used to send email and should be blocked on all other servers and client machines?

Simple Mail Transfer Protocol (SMTP)

How can wireless network best be set up to allow only specific devices onto the network?

MAC address filtering

A Network Sniffer can easily obtain ___.

Unencrypted passwords

Which Windows app is used to help protect a device against malware?

Windows Defender

Which of the following are advanced permissions in NTFS?

Change Permissions and Take Ownership

BitLocker, when possible, stores the encryption key on computer's ___.

Trusted Platform Module (TPM)

___ is an authentication method that identifies individuals based on physical characteristics such as fingerprints, facial recognition, retina scans, or voice patterns.

Biometrics

A junior administrator asks you what it means to harden a server.

Uninstall unnecessary features and Disable unnecessary services

To best protect servers, which of the following options is considered a best practice on how services are used on servers?

Spread out the services among servers

Malware that steals and encrypts data and demands money for the return of the data is known as what type of malware?

Ransomware

Which three characteristics describes worms?

Typically does not corrupt/modify files, Uses system resources, and is a self-replicating program that copies itself to other computers without user intervention.

Which password policy prohibits reusing the same password?

History policy

Which protocols are used to encrypt emails?

Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extension (S/MIME)

The process of eliminating a risk by choosing not to participate in an action or activity which of the following?

Risk avoidance

A junior administrator notices, when looking at a folder's permissions, gray checkboxes in the Allow column for a group's permissions.

What do the gray checkboxes represent?

The permissions are inherited.

Where are the password policies established for an Active Directory domain?

Group Policy

Where are the password policies established for an Active Directory domain?

Which control is an administrative control?

Acceptable Use Policy (AUP) and Disaster Recovery Plan (DRP)

Which control is an technical control?

Intrusion Prevention System (IPS)

Which type of backup backs up all changed files since the last full backup?

Differential

Regarding private browsing, history is not saved.

True

Regarding private browsing, if in the workplace, the workplace does not know which sites one visited while browsing in private browsing.

False

Regarding private browsing, an internet service provider will not know the sites one visited while private browsing.

False

Security Compliance Manager is an example of a ___.

Tool for desktop, datacenter, and cloud configurations

Which Windows Registry hive stores file extensions for applications?

HKEY_CLASSES_ROOT

Which Windows Registry hive stores current settings on the current user and computer, respectively.

HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE

Which Windows Registry hive stores runtime information.

HKEY_CURRENT_CONFIGURATION

A ___ is a computer used to trap hackers and distract them from real targets when the hackers are trying to attack a network.

Honeypot

BitLocker will use software-based encryption ___ a TPM on a device.

in the absence of

When you monitor the packet traffic, you notice a very high volume of packets being sent from three computers in the HR Department.

The scenario demonstrate is a ___ attack.

Denial of Service

When you monitor the packet traffic, you notice a very high volume of packets being sent from three computers in the HR Department.

You should ___ to avoid this type of attack.

Run antivirus software on all computers

Which type of malware gains administrator-level access of a system and targets items such as the BIOS, hypervisor, and kernal?

Rootkit

Asymmetric encryption uses a single key to perform encryption and decryption.

False

DES is an asymmetric encryption algorithm.

False

RSA is an asymmetric encryption algorithm.

True

___ monitors packet traffic on a network and reports the sender, destination, and type of packet.

A network sniffer

DNSSEC helps prevent pharming and man-in-the-middle attacks.

True

DNSSEC is proprietary to Microsoft Domain Name Servers.

False

DNSSEC uses a digital signature to create a chain of authority.

True

Which Internet technology poses the greatest risk to a user?

ActiveX Controls