CET_TARDE - Security Fundamentals 2017 - Part 1

Which type of malware can copy itself and infect a computer without the user’s consent or knowledge?

What type of self-replicating program copies itself to other computers on a network without any user intervention and consumes bandwidth and computer resources?

What malware looks like a useful or desired executable program but is in reality program that is supposed to cause harm to your computer or steal information from your computer?

What malware collects a user’s personal information or details about your browsing habits without your knowledge?

What malware gives administrator-level control over a computer system?

What software component comes with Windows Vista and Windows 7 to defend against spyware?

What do you call a message warning you to delete an essential Windows file?

What server can be used to install Windows updates for your organization?

What do you call multiple Windows updates that have been packaged together as one installation and are well tested?

What Windows feature notifies you when something tries to make changes to your computer without your knowledge?

What host firewall is included with Windows 7?

What do you call unsolicited junk email?

What email validation system is designed to stop spam that uses source address spoofing?

What do spammers and hackers look for when they want to send email through your network?

Which tab in Internet Explorer settings would you use to delete history and cookies?

Which Internet Explorer zone is the least secure?

What technique is used to send you to a fake, but realistic-looking, website to verify your account information?

Which of the following terms indicates that information is to be read only by those people for whom it is intended?

What technology is not used to implement confidentiality?

Which of the following makes sure that data is not changed when it not supposed to be?

Which of the following is not a response when dealing with a risk?

What do you call the security discipline that requires that a user is given no more privilege necessary to perform his or her job?

What do you call the scope that hacker can use to break into a system?

What method used by a hacker relies on the trusting nature of the person being attacked?

What is the best way to protect against social engineering?

What is needed to highly secure a system?

What is the first line of defense when setting up a network?

Which concept determines what resources users can access after they log on?

What is used to provide protection when one line of defense is breached?

What is used to identify a person before giving access?

What is used to verify that an administrator is not accessing data that he should not be accessing?

What type of device can be easily lost or stolen or can be used for espionage?

What is a physical or logical device used to capture keystrokes?

In dealing with risks, which response is done by buying insurance to protect your bottom line if such a disaster or threat is realized?

What type of device isolates a network by filtering the packets that can enter it?

What seven-layer model is often used to describe networking technologies and services?

On which OSI layer do routers function?

On which OSI layer do TCP and UDP function?

What OSI layer do switches and bridges use?

What port does SMTP use?

What port does LDAP use?

What type of firewall filters packets based on IP address and ports?

What type of firewall is also known as a proxy server?

What type of firewall looks at the previous conversations to determine if a packet should enter a network?

What Microsoft technology can verify that a client has the newest Windows updates and has an updated antivirus software package before being allowed access to the network?

What technology can you use to isolate a network of servers so that they cannot interact with other servers?

What type of device looks at a packet and forwards it based on its destination IP address?

Which type of routing protocol sends the entire routing table to its neighbors?

Which type of system detects unauthorized intruders and then takes action to stop them from proceeding?

What type of server would you install that would be used to trap a hacker?

What special area serves as a buffer area between the Internet and the internal network and can be used to hold web servers that are accessed from the Internet?

How many firewalls would you use to create a sandwich DMZ?

You have several Internet web servers that need to communicate with a SQL server. Where would you place the SQL server?

Which of the following servers would you not place on the DMZ?

What technology allows a user at home to connect to the corporate network?

Which IPsec protocol provides integrity protection for packet headers, data, and user authentication but does not encrypt the data load?

What is the process of identifying an individual?

What do you call the process in which a user is identified via a username and password?

What is the process of giving individual access to a system or resource?

What is the process of keeping track of a user’s activity?

What process prevents someone from denying that she accessed a resource?

Which of the following is a secret numeric password used for authentication?

What type of electronic document contains a public key?

What item, about the size of a credit card, allows access to a network and its resources?

What type of authentication method identifies and recognizes people based on physical traits such as fingerprints?

What authentication type is the default for Active Directory?

What directory service is used with Windows domains?

What type of server runs Active Directory?

When you access permissions to a folder, you should first grant permissions to __________ rather than users.

When you create a local user on a computer running in Windows 7, where is the user account stored?

Which type of group can be granted rights and permissions?

What authorizes a user to perform certain actions in Windows such as logging on or performing a backup?

When you grant access to print to a printer, what are you granting?

Where are users and permissions stored for an NTFS folder?

What type of permissions are assigned directly to a file or folder?

What is the process of converting data into a format that cannot be read by another user?

Which authentication sends the username and password in plain text?

In Windows, what do you use to enable auditing?

A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

Which physical security technology can hold user authentication information, include software license protection, provide encryption, and provide hardware and software authentication that is specific to the host system?

In which situation would a computer technician use the fixmbr command at the command prompt of a Windows XP computer to resolve a security issue?

All users working with a particular Windows 7 computer are able to install unauthorized software. In addition to educating the users about correct security behavior, which action should also be performed to solve this issue?

You want to dispose of a 2.5 terabyte hard drive that contains confidential financial information. What is the recommended procedure to achieve this?

What is the most effective way of securing wireless traffic?

Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?

What does a malware detection program look for when running a scan?

Port triggering has been configured on a wireless router. Port 25 has been defined as the trigger port and port 113 as an open port. What effect does this have on network traffic?

What is the primary goal of a DoS attack?

Which question would be an example of an open-ended question that a technician might ask when troubleshooting a security issue?

Which action would help a technician to determine if a denial of service attack is being caused by malware on a host?

A technician is troubleshooting a computer security issue. The computer was compromised by an attacker as a result of the user having a weak password. Which action should the technician take as a preventive measure against this type of attack happening in the future?

A user has reported that a computer web browser will not display the correct home page even if the default page is reset. What is the likely cause of this problem?