CET_TARDE - Security Fundamentals 2017 - Part 2

Description

Security Fundamentals Quizzes
Hawerth Castro
Quiz by Hawerth Castro, updated more than 1 year ago
Hawerth Castro
Created by Hawerth Castro over 7 years ago
742
0

Resource summary

Question 1

Question
A flood of packets with invalid source-IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack occurred?
Answer
  • Trojan horse
  • Brute force
  • Ping of death
  • SYN flooding

Question 2

Question
What environment would be best suited for a two-firewall network design?
Answer
  • large corporate environment
  • A home environment with 10 or fewer hosts
  • A home environment that needs VPN access
  • A smaller, less congested business environment

Question 3

Question
While surfing the Internet, a user notices a box claiming a prize has been won. The user opens the box unaware that a program is being installed. An intruder now accesses the computer and retrieves personal information. What type of attack occurred?
Answer
  • Worm
  • Virus
  • Trojan horse
  • Denial of service

Question 4

Question
Which two statements are true concerning anti-spam software? (Choose two.)
Answer
  • Anti-spam software can be loaded on either the end-user PC or the ISP server, but not both.
  • When anti-spam software is loaded, legitimate e-mail may be classified as spam by mistake.
  • Installing anti-spam software should be a low priority on the network.
  • Even with anti-spam software installed, users should be careful when opening e-mail attachments.
  • Virus warning e-mails that are not identified as spam via antispam software should be forwarded to other users immediately.

Question 5

Question
What type of advertising is typically annoying and associated with a specific website that is being visited?
Answer
  • Adware
  • Popups
  • Spyware
  • Tracking cookies

Question 6

Question
What part of the security policy states what applications and usages are permitted or denied?
Answer
  • Dentification and authentication
  • Remote access
  • Acceptable use
  • Incident handling

Question 7

Question
To which part of the network does the wireless access point part of a Linksys integrated router connect?
Answer
  • DMZ
  • External
  • Internal
  • A network other than the wired network

Question 8

Question
Identify three techniques used in social engineering. (Choose three.)
Answer
  • Fishing
  • Vishing
  • Phishing
  • Spamming
  • Pretexting
  • Junk mailing

Question 9

Question
What is a widely distributed approach to marketing on the Internet that advertises to as many individual users as possible via IM or e-mail?
Answer
  • Brute force
  • Spam
  • Spyware
  • Tracking cookies

Question 10

Question
Which acronym refers to an area of the network that is accessible by both internal, or trusted, as well as external, or untrusted, host devices?
Answer
  • SPI
  • DMZ
  • ISR
  • ISP

Question 11

Question
During a pretexting event, how is a target typically contacted?
Answer
  • By e-mail
  • By phone
  • In person
  • Through another person

Question 12

Question
What is a major characteristic of a Worm?
Answer
  • Malicious software that copies itself into other executable programs
  • Tricks users into running the infected software
  • A set of computer instructions that lies dormant until triggered by a specific event
  • Exploits vulnerabilities with the intent of propagating itself across a network

Question 13

Question
What term is used to describe a dedicated hardware device that provides firewall services?
Answer
  • Server-based
  • Integrated
  • Personal
  • Appliance-based

Question 14

Question
What best practice relates to wireless access point security?
Answer
  • Activation of a popup stopper
  • A change of the default IP address
  • An update in the antivirus software definitions
  • Physically securing the cable between the access point and client

Question 15

Question
Which statement is true about port forwarding within a Linksys integrated router?
Answer
  • Only external traffic that is destined for specific internal ports is permitted. All other traffic is denied.
  • Only external traffic that is destined for specific internal ports is denied. All other traffic is permitted.
  • Only internal traffic that is destined for specific external ports is permitted. All other traffic is denied.
  • Only internal traffic that is destined for specific external ports is denied. All other traffic is permitted.

Question 16

Question
What statement is true about security configuration on a Linksys integrated router?
Answer
  • A DMZ is not supported.
  • The router is an example of a server-based firewall.
  • The router is an example of an application-based firewall.
  • Internet access can be denied for specific days and times.

Question 17

Question
What is one function that is provided by a vulnerability analysis tool?
Answer
  • It provides various views of possible attack paths.
  • It identifies missing security updates on a computer.
  • It identifies wireless weak points such as rogue access points.
  • It identifies all network devices on the network that do not have a firewall installed.
  • It identifies MAC and IP addresses that have not been authenticated on the network.

Question 18

Question
Which statement is true regarding anti-virus software?
Answer
  • Only e-mail programs need to be protected.
  • Only hard drives can be protected.
  • Only after a virus is known can an anti-virus update be created for it.
  • Only computers with a direct Internet connection need it.

Question 19

Question
Many best practices exist for wired and wireless network security. The list below has one item that is not a best practice. Identify the recommendation that is not a best practice for wired and wireless security.
Answer
  • Periodically update anti-virus software.
  • Be aware of normal network traffic patterns.
  • Periodically update the host operating system.
  • Activate the firewall on a Linksys integrated router.
  • Configure login permissions on the integrated router.
  • Disable the wireless network when a vulnerability analysis is being performed.

Question 20

Question
Refer to the graphic. In the Linksys Security menu, what does the SPI Firewall Protection option Enabled provide?
Answer
  • It prevents packets based on the application that makes the request.
  • It allows packets based on approved internal MAC or IP addresses.
  • It requires that packets coming into the router be responses to internal host requests.
  • It translates an internal address or group of addresses into an outside, public address.

Question 21

Question
Passwords that contain recognizable words are vulnerable to a:
Answer
  • replay attack
  • dictionary attack
  • hashing attack
  • Denial of service attack

Question 22

Question
A digitally signed e-mail message:
Answer
  • is encrypted
  • validates the sender
  • is virus-free
  • validates the recipient

Question 23

Question
Which password attack uses all possible alpha numeric combinations?
Answer
  • dictionary attack
  • social engineering
  • brute force attack
  • rainbow table attack

Question 24

Question
What is the minimum OS to configure BitLocker?
Answer
  • Windows Vista Enterprise
  • Windows 7 Enterprise
  • Windows XP Pro
  • Windows 2000

Question 25

Question
Account lockout policies are used to prevent which type of security attack?
Answer
  • passwords being reused immediately
  • users sharing passwords
  • brute force attacks
  • social engineering

Question 26

Question
A group of users has access to Folder A and all of its contents. You need to prevent some users from accessing a subfolder inside folder A. What should you do first?
Answer
  • Change the owner
  • Hide the folder
  • Block inheritance
  • Disable folder sharing

Question 27

Question
Which enables you to change the permissions on a folder?
Answer
  • Auditing
  • Take ownership
  • Extended attributes
  • Modify

Question 28

Question
You want to make your computer resistant to online hackers and malicious software. What should you do?
Answer
  • Turn on Windows Firewall
  • Configure a forward proxy
  • Enable spam filtering
  • Install anti-virus software

Question 29

Question
The primary purpose of Network Access Protection (NAP) is to prevent:
Answer
  • loss of data from client computers on a network
  • users on a network from installing software
  • unauthorized users from accessing a network
  • non-compliant systems from connection to a network

Question 30

Question
Many Internet sites that you visit require a username and password. How should you secure these passwords?
Answer
  • Enable session caching
  • Save them to a text file
  • Save them to an encrypted file
  • Reuse the same password
  • Configure the browser to save passwords

Question 31

Question
The purpose of a digital certificate is to verify that a:
Answer
  • digital document is complete
  • computer is virus-free
  • private key belongs to a sender
  • public key belongs to a sender

Question 32

Question
In IE8, InPrivate Browsing feature prevents:
Answer
  • unauthorized private data input
  • unencrypted communication between the client computer and the server
  • any session data from being stored on the computer
  • user credentials from being sent over the Internet

Question 33

Question
Physically securing servers prevents:
Answer
  • DOS attacks
  • man-in-the-middle attacks
  • compromise os the certificate chain
  • theft

Question 34

Question
The Windows Firewall protects computers from:
Answer
  • email virus
  • phishing scams
  • unencrypted network access
  • unauthorized network connections

Question 35

Question
Role separation improve server security by:
Answer
  • placing servers on separate VLAN’s
  • enforcing principle of least privilege
  • installing applications on separate hard disk
  • physically separating high security servers from others server

Question 36

Question
Which one of the following describes spam?
Answer
  • Gathering information about a person or organisation without their knowledge.
  • Performing an unauthorised, usually malicious, action such as erasing files.
  • Putting unnecessary load on the network by making copies of files.
  • Sending unwanted bulk messages.

Question 37

Question
Which one of the following can protect a computer from the risk of unwanted emails?
Answer
  • Anti-spam software.
  • Anti-virus software.
  • Anti-spyware software.
  • PC diagnostic software.

Question 38

Question
Which one of the following could lead to the spread of a malicious program?
Answer
  • Using only software that has been checked for viruses.
  • Maintaining regularly updated anti-virus software.
  • Opening only virus-checked file attachments from known sources.
  • Using a USB Flash Drive from an unknown source to exchange data.

Question 39

Question
Which one of the following describes why it is important to update antivirussoftware regularly?
Answer
  • To protect your computer from all known viruses.
  • To ensure the software identifies old viruses.
  • To protect your computer from unwanted bulk messages.
  • To prevent the spread of malicious programs on the Internet.

Question 40

Question
Which one of the following describes what you should do if you receive a chain letter email?
Answer
  • Forward the email.
  • Download it onto your system.
  • Delete the email.
  • Send a read receipt.

Question 41

Question
Which one of the following describes a computer hacker?
Answer
  • A skilled programmer who uses authorised access to exploit information available on a computer.
  • A skilled programmer who secretly invades computers without authorisation.
  • A skilled programmer who writes programs to train new employees.
  • A skilled programmer who helps in the installation of new software for an organisation.

Question 42

Question
Which one of the following describes why firewalls are used?
Answer
  • To prevent unauthorised access by incoming transmissions.
  • To prevent destruction of a computer in the event of a fire.
  • To enable easy downloading of data from web sites.
  • To detect and disable viruses already on a computer.

Question 43

Question
Which one of the following is MOST likely to be a hoax?
Answer
  • An email from a friend you have not seen recently.
  • An email with an attachment sent by a colleague using their personal email address.
  • An email asking you to go to a website for a free computer scan.
  • An email advertisement from a local shop you subscribe to.

Question 44

Question
Which one of the following is the reason that users should log on with ausername and password?
Answer
  • To be aware of who is in the building.
  • To check up on the time-keeping of users.
  • To protect computers against unauthorised use.
  • To enable a personalised greeting for each user.

Question 45

Question
Which one of the following statements about a password is TRUE?
Answer
  • It must be changed only if it is compromised.
  • It cannot contain special character symbols.
  • It must be registered with the system administrator.
  • It should be changed regularly.

Question 46

Question
Which one of the following should be used to change your password?
Answer
  • Control Panel.
  • Anti-virus software.
  • Windows Firewall.
  • Internet Explorer.

Question 47

Question
Which one of the following shows respect for confidentiality of information?
Answer
  • Discussing confidential information over the telephone.
  • Disclosing confidential information only to authorised individuals.
  • Uploading confidential information to a shared web site.
  • Emailing confidential information to a colleague.

Question 48

Question
Which one of the following would be considered the BEST way to store a PIN number?
Answer
  • Keep a written note of it with you bank cards.
  • Store it on your computer.
  • Memorise it.
  • Keep a written note of it in your office drawer.

Question 49

Question
Which one of the following describes why users should lock their computer when leaving their desk?
Answer
  • To prevent unauthorised access to data.
  • To prevent a waste of electricity.
  • To prevent data from getting corrupted.
  • To prevent the computer from malfunctioning.

Question 50

Question
Which one of the following is an example of phishing?
Answer
  • An email warning the recipient of a computer virus threat.
  • An email directing the recipient to forward the email to friends.
  • An email directing the recipient to enter personal details on a fake website.
  • An email directing the recipient to download an attachment.

Question 51

Question
Which one of the following is unsafe online activity?
Answer
  • Using a screen name or nick name that cannot identify you.
  • Meeting someone you met online face-to-face in the company of your parents.
  • Keeping your social network profile private.
  • Giving your home address to someone you met in a chat room.

Question 52

Question
Which one of the following describes a public network?
Answer
  • A network where devices outside the network cannot see or communicate directly with computers on the network.
  • A network where devices outside the network can see but cannot communicate directly with computers on the network.
  • A network where devices outside the network can see and communicate directly with computers on the network.
  • A network where devices outside the network cannot see but can communicate directly with computers on the network.

Question 53

Question
Which one of the following describes how confidential information should be sent using an unsecured network?
Answer
  • In an unsigned email.
  • In an encrypted format.
  • In a compressed format.
  • In an attachment.

Question 54

Question
Which one of the following statements about wireless networks is TRUE?
Answer
  • They cannot be intercepted by unknown users.
  • They limit accessibility to other users.
  • They limit visibility to other users.
  • They can be accessible to other users.

Question 55

Question
Which one of the following is the recommended action to prevent the risk of access to a network by other users?
Answer
  • Disconnect the computer from the network.
  • Complain to the System Administrator.
  • Change the default WEP or WPA access key to one that only you know.
  • Adjust the Internet security settings.

Question 56

Question
Which one of the following describes Bluetooth?
Answer
  • Short-range wired protocol for exchanging data.
  • Short-range wireless protocol for exchanging data.
  • Long-range wireless protocol for exchanging data.
  • Long-range wired protocol for exchanging data.

Question 57

Question
Which one of the following describes why Bluetooth device settings should be adjusted?
Answer
  • To increase the range of the device.
  • To improve the quality of reception.
  • To prevent the risk of unauthorised access.
  • To reduce interference from other devices.

Question 58

Question
Which one of the following would result in the loss of contact details if it were stolen?
Answer
  • Printer
  • Mobile Phone.
  • Modem
  • MP3

Question 59

Question
Which one of the following should you do to ensure that your USB storage device is kept safe and secure?
Answer
  • Only use it in private surroundings.
  • Do not access it using a Bluetooth device.
  • Use firewall software.
  • Never leave it unattended.

Question 60

Question
Which one of the following departments would usually hold guidelines and procedures for the secure use of IT within an organisation?
Answer
  • The IT Department.
  • The Marketing Department.
  • The Sales Department.
  • The Finance Department.

Question 61

Question
Which one of the following describes why you should follow guidelines and procedures while using IT resources in an organisation?
Answer
  • To ensure easy access to information on your computer.
  • To ensure the secure use of IT resources.
  • To ensure the IT Department is able to monitor all activity.
  • To ensure the Finance Department is able to monitor the costs of IT resources.

Question 62

Question
Which one of the following should you approach if you are unsure of the IT security procedure to follow when uninstalling an application on your computer?
Answer
  • A technically well-informed team member.
  • A senior colleague in the Finance Department.
  • The Maintenance Department.
  • The Systems Administrator.

Question 63

Question
Which one of the following describes how a breach in IT security should be reported?
Answer
  • Using the telephone.
  • By emailing to the IT Manager.
  • Using any means of communication.
  • Using the method listed in the organisation’s security policy.

Question 64

Question
Which one of the following describes how to find out about an organisation’s privacy policy?
Answer
  • By reading the office newsletter.
  • By reading the policy in the organisation’s policy manual.
  • By speaking to the Finance Department.
  • By speaking to the Sales Department.

Question 65

Question
Which one of the following would prevent the theft of a laptop?
Answer
  • Anti-virus software.
  • Spyware
  • A security cable.
  • A webcam

Question 66

Question
Bridging is a process of sending packets from source to destination on OSI layer 3. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • Routing
  • Switching
  • Repeating
  • No change is needed.

Question 67

Question
Windows Firewall is a built-in. host-based, stateless firewall. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • Stateful
  • Network layer
  • Packet filter
  • No change is needed

Question 68

Question
The primary purpose of Network Access Protection (NAP) is to prevent:
Answer
  • Loss of data from client computers on a network.
  • Non-compliant systems from connecting to a network.
  • Users on a network from installing software.
  • Unauthorized users from accessing a network.

Question 69

Question
Your company maintains a Web server that is accessible to the public. It should be placed in a/an:
Answer
  • primary DNS zone.
  • enterprise domain.
  • perimeter network.
  • Virtual Private Network (VPN).

Question 70

Question
A network sniffer is software or hardware that:
Answer
  • captures and analyzes network communication.
  • records user activity and transmits it to the server
  • protects workstations from intrusions.
  • catalogs network data to create a secure index

Question 71

Question
Which enables an employee to connect securely to a corporate network by using the Internet?
Answer
  • Virtual Private Networking (VPN)
  • Remote Desktop Protocol (RDP)
  • Network Address Translation (NAT)
  • Network Access Protection (NAP)

Question 72

Question
You are trying to establish communications between a client computer and server. The server is not responding. You confirm that both the client and the server have network connectivity. Which should you check next?
Answer
  • Data Execution Prevention
  • Microsoft Update
  • Active Directory Domains and Trusts
  • Windows Firewall

Question 73

Question
You have an application that communicates by using plain text. You want to secure communications between the application and a server at the network layer. What should you implement?
Answer
  • IPSec
  • SFTP
  • TLS
  • SSH

Question 74

Question
Which technology enables you to filter communications between a program and the Internet?
Answer
  • Antivirus software
  • BitLocker To Go
  • RADIUS Server
  • Software firewall

Question 75

Question
The primary purpose of Network Access Protection (NAP) is to prevent:
Answer
  • loss of data from client computers on a network.
  • non-compliant systems from connecting to a network.
  • unauthorized users from accessing a network.
  • users on a network from installing software.

Question 76

Question
A malicious user who intercepts and modifies communications is known as a:
Answer
  • red hat hacker
  • man-in-the-middle
  • network sniffer.
  • white hate hacker.

Question 77

Question
Which three file system objects can you specify the NTFS permissions for? (Choose three.)
Answer
  • Parents
  • Folders
  • Extensions
  • Files
  • Subfolders

Question 78

Question
You need to prevent unauthorized users from reading a specific file on a portable computer if the portable computer is stolen. What should you implement?
Answer
  • Advanced Encryption Standard (AES)
  • Folder level permissions
  • File-level permissions
  • Distributed File System (DFS)
  • BitLocker

Question 79

Question
Basic security questions used to reset a password are susceptible to:
Answer
  • social engineering.
  • hashing
  • network sniffing.
  • Trojan horses.

Question 80

Question
Which displays a user’s level of access to a particular file or folder on the server?
Answer
  • The Resultant Set of Policy
  • The object's Effective Permission
  • The client computer's registry
  • The object's Advanced Attributes

Question 81

Question
When conducting a security audit, the first step is to:
Answer
  • set up a virus quarantine area.
  • inventory the company's technology assets.
  • set up the system logs to audit security events.
  • install auditing software on your servers.

Question 82

Question
Biometrics are used to:
Answer
  • study hacking behavior.
  • perform security audits.
  • authenticate users.
  • measure the attack surface.

Question 83

Question
A group of users has access to Folder A and all of its contents. You need to prevent some of the users from accessing a sub-folder inside Folder A.
Answer
  • Disable folder sharing
  • Change the owner
  • Block inheritance
  • Hide the folder

Question 84

Question
How can you confirm whether a computer on your network is the target of a brute force attack?
Answer
  • Run the show all access command
  • Use antivirus software to scan the computer
  • Check your Windows folder for unsigned files
  • Check the security log for failed authentication attempts

Question 85

Question
The default password length for a Windows Server domain controller is:
Answer
  • 0
  • 5
  • 7
  • 14

Question 86

Question
Which is the minimum requirements to create BitLocker To Go media on a client computer?
Answer
  • Windows Vista Enterprise Edition
  • Windows 2000 Professional Service Pack 4
  • Windows 7 Enterprise Edition
  • Windows XP Professional Service Pack 3

Question 87

Question
Software designed to infiltrate or damage a computer without the user’s consent is referred to as:
Answer
  • Embedded
  • Freeware
  • Malware
  • Unsigned

Question 88

Question
You need to be able to track file access. Which type of auditing should you implement?
Answer
  • Object access
  • Process tracking
  • Directory services
  • Logon events

Question 89

Question
A solution designed to detect unauthorized user activities, attacks, and network compromises that can also take action to prevent a breach from occurring.
Answer
  • intrusion prevention systems (IPS)
  • intrusion detection systems (IDS)
  • DNS Security Extensions (DNSsec)
  • Unified Threat Management (UTM)

Question 90

Question
A conceptual model, created by the International Organization for Standardization (ISO) to describe a network architecture that allows the passage of data between computer systems. Although never fully utilized as model for a protocol, the OSI model is nonetheless the standard for discussing how networking works.
Answer
  • Secure Content Management (SCM)
  • DMZ (demilitarized zone)
  • stateful inspection
  • Open Systems Interconnect (OSI)

Question 91

Question
A system that is designed to protect a computer or a computer network from network-based attacks. A firewall does this by filtering the data packets that are traversing the network.
Answer
  • Firewall
  • host firewall
  • Honeypot
  • Honey net

Question 92

Question
An attack against the cached information on your DNS server.
Answer
  • Honeypot
  • DNS spoofing
  • DNS poisoning
  • Spoofing

Question 93

Question
The consistency, accuracy, and validity of data or information. One of the goals of a successful information security program is to ensure that data is protected against any unauthorized or accidental changes.
Answer
  • Risk
  • Availability
  • Threat
  • Integrity

Question 94

Question
Answer Area
Answer
  • Yes
  • No
  • Yes
  • No
  • Yes
  • No

Question 95

Question
Answer Area
Answer
  • Yes
  • No
  • Yes
  • No
  • Yes
  • No

Question 96

Question
You are preparing a local audit policy for your workstation. No auditing is enabled. The settings of your policy are shown in the following image:
Answer
  • Audit Account logon events
  • Audit logon events
  • Audit Object access
  • Audit system events
  • Audit process traking
  • Audit logon events

Question 97

Question
To keep third-party content providers from tracking your movements on the web, enable InPrivate Browsing. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • InPrivate Filtering
  • SmartScreen Filter
  • Compatibility Mode
  • No change is needed

Question 98

Question
Humongous Insurance needs to set up a domain controller in a branch office. Unfortunately, the server cannot be sufficiently secured from access by employees in that office, so the company is installing a Primary Domain Controller. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • Read-Only Domain Controller
  • Backup Domain Controller
  • Active Directory Server
  • No change is needed.

Question 99

Question
Dumpster diving refers to a physical threat that a hacker might use to look for information about a computer network. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • Minimum password age
  • Maximum password duration
  • Password complexity
  • No change is needed.

Question 100

Question
Which attack listens to network traffic of a computer resource?
Answer
  • Resource gathering
  • Denial of service
  • ARP poisoning
  • Eavesdropping
  • Logic bomb

Question 101

Question
To implement WPA2 Enterprise, you would need a/an:
Answer
  • RADIUS server
  • SSL server
  • WEP server
  • VPN server

Question 102

Question
The company that you work for wants to set up a secure network, but they do not have any servers. Which three security methods require the use of a server? (Choose three.)
Answer
  • 802.1x
  • WPA2 Personal
  • WPA2 Enterprise
  • RADIUS
  • 802.11ac

Question 103

Question
You suspect a user’s computer is infected by a virus. What should you do first?
Answer
  • Restart the computer in safe mode
  • Replace the computer’s hard disk drive
  • Disconnect the computer from the network
  • Install antivirus software on the computer

Question 104

Question
Malware is any kind of unwanted software that is installed without your consent. Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.
Answer
  • Viruses are
  • Worms are
  • Trojans are
  • No change is needed.

Question 105

Question
You need to be able to track file access. Which type of auditing should you implement?
Answer
  • Object access
  • Directory services
  • Logon events
  • Process tracking

Question 106

Question
Which networking protocol provides centralized authentication, authorization and accounting?
Answer
  • SMTP
  • RADIUS
  • HTTPS
  • OpenID

Question 107

Question
A Virtual Private Network (VPN) is a/an:
Answer
  • Tunnel that prevents information that passes through it from being modified or stolen
  • Perimeter network that contains secure virtual servers
  • Virtual communication method that stores data transmitted in private environment
  • Intrusion Prevention System that filters unauthorized communications in the enterprise network

Question 108

Question
Kerberos prevents (Choose two):
Answer
  • File corruption
  • Spyware distribution
  • Replay attacks
  • Eavesdropping
  • Denial of Service attacks

Question 109

Question
You are network administrator. All computers run the Microsoft Internet Explorer browser. You need to prevent web cookies from being saved. What you should you enforce?
Answer
  • SmartScreen Filter (ajuda a identificar sites de phishing e de software maligno)
  • InPrivate Browsing
  • Antivirus protection
  • Cross-Site Scripting Filter (ficheiros HTML)

Question 110

Question
What are three ways you can reduce the number of opportunities that attackers have to exploit potential weaknesses or vulnerabilities? (Choose three)
Answer
  • Employ content filtering for web browsers
  • Restrict access to system services
  • Employ layered defenses
  • Apply the principle of least privilege
  • Elevate all accounts to administrator accounts

Question 111

Question
8. For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point. -A wireless MAC filter list allows only specified devices to receive packets sent from an access point [blank_start]NO[blank_end] -A wireless MAC filter list can be used to either allow or deny access to the wireless network [blank_start]YES[blank_end] -A wireless MAC filter list automatically applies encryption to a connection [blank_start]NO[blank_end]
Answer
  • YES
  • NO
  • YES
  • NO
  • YES
  • NO

Question 112

Question
Encrypting a hard disk is an example of ensuring:
Answer
  • Least privilege
  • Confidentiality
  • Integrity
  • Security by default

Question 113

Question
Installing uninterruptible power sources to your servers is an example of ensuring:
Answer
  • Integrity
  • Availability
  • Accessibility
  • A backup strategy

Question 114

Question
Media Access Control (MAC) filtering enables you to:
Answer
  • Set access permission to a shared folder
  • Limit access to a network based on the client computer’s network adapter
  • Prevent communications between specific IP addresses
  • Restrict communications to specific website

Question 115

Question
Settings a database to run on a cluster of servers is an example of applying:
Answer
  • Accessibility
  • Confidentiality
  • Availability
  • Integrity

Question 116

Question
You have a new computer and want to restrict other people from replacing the operating system. Which action prevents a user from installing an alternate operating system by using physical media if the user has physical access to the computer.
Answer
  • Password protecting the computer BIOS
  • Removing the user from the administrators group
  • Installing drive-level encryption
  • Disabling removable devices and drives

Question 117

Question
You need to give a standard user permission to run a program as an administrator. How should you set up the program shortcut to accomplish this?
Answer
  • In a different Compatibility Mode
  • By using a smart card
  • In a separate memory space
  • By utilizing RunAs

Question 118

Question
Your anti-spam program is blocking emails from a particular sender. your company needs to receive emails from this sender. What should you do?
Answer
  • Add the email address to the whitelist
  • Accept RSS feeds from their domain
  • List the sender’s email address in DNS
  • Reconfigure the SMS Gateway

Question 119

Question
You want to prevent external users from acquiring information about your network. You should implement a:
Answer
  • Proxy server
  • Firewall
  • Layer-3 switch
  • Router

Question 120

Question
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point. Securing network communication through IPSec packet signing ensures data integrity while in transit [blank_start]YES[blank_end] IPSec packet ensures that the data is invulnerable to eavesdropping attacks [blank_start]YES[blank_end] Most websites use IPSec to secure communications between their web servers and client web browsers. [blank_start]NO[blank_end]
Answer
  • YES
  • NO
  • YES
  • NO
  • YES
  • NO

Question 121

Question
You have an application that communicates by using plain text. You want to secure communications between the application and server at the network layer. What should you implement?
Answer
  • SFTP
  • SSH
  • IPSec
  • TLS

Question 122

Question
The process of creating a barrier between domain members and non-domain members by using IPSec policies is referred to as:
Answer
  • Server isolation
  • Domain isolation
  • Server filtering
  • Domain filtering

Question 123

Question
An authentication protocol used by Windows stand-alone systems is:
Answer
  • SMB
  • NTLM
  • NetBIOS
  • EAP
  • Kerberos

Question 124

Question
An authentication protocol widely used in 802.11 environments is:
Answer
  • SMB
  • NTLM
  • NetBIOS
  • EAP
  • Kerberos

Question 125

Question
A strong authentication protocol preferred by Windows Server 2012 R2 is:
Answer
  • SMB
  • NTLM
  • NetBIOS
  • EAP
  • Kerberos
Show full summary Hide full summary

Similar

CET_TARDE - Security Fundamentals 2017 - Part 1
Hawerth Castro
CET_TARDE - Security Fundamentals 2017 - Preparing for the certified
Hawerth Castro
Introdução ao Microsoft Word
Roberto Becker
CET_TARDE - Security Fundamentals 2017 - Part 1
Filipe Lopes
SALESFORCE ADM-201 Certification Exam 1
Hawerth Castro
SALESFORCE ADM-201 Certification Exam 2
Hawerth Castro
Microsoft Word 2010 - Aulas 05 e 06
Jaqueline Oliveira
SALESFORCE ADM-201 Certification Exam 7
Hawerth Castro
CET_TARDE - MTA HTML5 Application Development Fundamentals 2
Hawerth Castro
SALESFORCE DEV-401 Certification Evaluation 1
Hawerth Castro
Microsoft Word 2010 Aula 01 e 02
Jaqueline Oliveira