1. A fingerprint reader is an example of which security technology?
authorization
*biometric
keylogging
secureware
smartcard
2. Which wireless security technology is a good choice when using Cisco equipment in conjunction with operating systems such as Windows and Linux?
*LEAP
WEP
WPA
WTLS
3. Which type of program causes banners and ads to appear on the desktop without any user intervention?
*adware
spyware
stealth virus
trojan horse
4. Which three suggestions are good security password policies that a company or individual should follow? (Choose three.)
Only letter characters should be used in the password.
Password length should be limited to five characters.
*Passwords should have an expiration period.
*Password lockout should be enabled.
*A mix of letters, numbers, and other characters should be used.
Users should keep a log of their different passwords.
5. What are two examples of malware? (Choose two.)
registry cleaner
pop-up blocker
*spyware
e-mail
*grayware
6. Which two characteristics describe a worm? (Choose two.)
Executes when software is run on a computer.
*Is self-replicating.
Hides in a dormant state until needed by an attacker.
Infects computers by attaching to software code.
*Travels to new computers without any intervention or knowledge of the user.
7. An employee for a small company inadvertently allows a visitor to see their username and password. At home, the visitor then uses this information to gain access to the company network. This is an example of what type of threat?
man-in-the-middle
phishing
physical
*social engineering
spoofing
8. Which is the best procedure to secure a laptop left at the office while the user is away for an extended period of time?
Secure by a security cable wrapped around the leg of the user's desk.
Put the laptop in a desk drawer in the locked office of the user.
*Place the laptop in a locked security cage designed to store computer equipment.
Place the laptop in the office of the supervisor.
9. Where is the safest place to store backups?
portable lock box
locked telecommunications room
locked server room
*offsite secure facility
10. What is the best method for a company to secure data being transmitted across the Internet between remote sites?
Use plain text in an e-mail.
Use a shared server with an encrypted password on the file.
Use computers secured with smartcard authentication.
*Use a VPN connection.
11. Which threat to security uses traffic from zombie computers to overwhelm servers?
DoS
*DDoS
phishing
spoofing
SYN flood
12. Which two statements are true about username and password standards? (Choose two.)
*The username naming convention should be kept simple.
Usernames should expire periodically.
The passwords should be kept simple and easy to remember.
*Rules about password expiration and lockout should be defined.
BIOS passwords should be given to users to enable them to configure their computer.
13. When setting up a new wireless access point, which basic security measure should be taken?
*Disable SSID broadcast.
Enable SSID broadcast.
Broadcast the default SSID.
Broadcast a unique SSID.
14. What must be done to ensure that the anti-virus software on a computer is able to detect and eradicate the most recent viruses?
*Download the latest signature files on a regular basis.
Schedule a scan once a week.
Schedule anti-virus updates using Windows Task Manager.
Follow the firewall configuration guidelines on the anti-virus manufacturer website.
15. Which two items can be downloaded from the Microsoft website to help protect Windows XP? (Choose two.)
ROM upgrades
*service packs
*security patches
BIOS upgrades
DirectX updates
16. A bank is upgrading the hard drives in a server. What should be done to the old hard drives to permanently remove any confidential data?
Delete the files containing the confidential data.
Reformat the hard drives.
Expose the hard drives to ultraviolet light.
*Destroy the hard drives with a hammer.
17. A technician has downloaded the latest Windows XP updates from the Microsoft website. What should the technician do before installing the updates?
*Create a restore point.
Manually update the Last Known Good Configuration.
Reinstall the anti-virus software.
Change the firewall rules to enable the installer to access port 8900 of the Microsoft server.
18. Which best practice should be included in a password protection policy?
Encourage users to document passwords in a personal file.
Enforce password protection at the BIOS level.
*Implement lockout rules upon consecutive unsuccessful attempts at accessing the system.
Restrict passwords to text-based strings.
19. An attacker claiming to be a bank representative contacts a potential victim via e-mail and requests disclosure of vital account information. Which security attack is being implemented?
adware
*phishing
spyware
trojan
20. Which type of software is downloaded onto the computer of a user without the knowledge of the user and causes information about various products to be displayed on the user's monitor?
*adware
free software
grayware
spyware
21. A financial organization is donating computers to a local charity. What is the best method to remove all data from the hard drives in the computers?
Delete the hard drive partitions and reformat the hard drive.
Reformat the hard drive and then reload an operating system on the reformatted drive.
Delete the hard drive partition and let the new owner reformat and reload the operating system software.
*Use data wiping software and delete any hard drive partitions.
22. Which three security storage features are supported by the TPM hardware module? (Choose three.)
*encryption keys
physical access alarm settings
biometric sensor settings
*digital certificates
virus definitions
*passwords
23. An attacker has managed to decode the encrypted messages of a wireless network. The network uses Windows XP and Cisco equipment. The security protocol that is used is WEP with 64-bit encryption. Which action can be recommended to the technician for securing the network?
Advise users to store their network authentication data, such as their passwords, in a secure manner.
Configure Windows update to run automatically, at a convenient time and on a regular basis.
Recover all sensitive data from the computers of the network, destroy their hard drives, and recycle the computers.
*Upgrade to the LEAP wireless security protocol.
24. Which statement accurately describes the WEP standard?
*WEP is a first generation security standard for wireless communication.
WEP is implemented using 16-bit encryption.
WEP provides better encryption and authentication than WPA provides.
WEP was created as a temporary solution until the implementation of 802.11i.
25. A network administrator is looking for a technology that includes both hardware and software authentication. Which technology could the administrator use?
Key Card Module (KCM)
Remote Frequency Module (RFM)
Triggered Frequency Identification Module (TFIM)
*Trusted Platform Module (TPM)
26. What is the preferred wireless encryption technique if the wireless clients support it?
WEP
*WPA
disabling SSID
MAC address filtering
27. Which type of authentication is evidenced by the use of a small chip on a card that contains user identification data such as bank account numbers and digital signatures?
radio frequency identification
*smart card
biometric implant
trusted platform module