Question 1

When an attacker presents a program or himself as someone else to obtain private information and pretends to be a legitimate website, network, FTP site, or person in a chat session, what type of attack is occurring?

A) rootkit
B) zombie
C) brute-force
D) man-in-the-middle

D

Accepted Answer

This is a man-in-the-middle attack, where the attacker intercepts communication between two parties and presents themselves as a trusted entity.

Question 2

What type of malware can hijack internal Windows components and often goes undetected because it is already loaded when the antivirus software loads?&#10;A) Trojan horse&#10;B) rootkit&#10;C) adware&#10;D) worm

Accepted Answer

A rootkit is a type of malware that can hijack internal Windows components and often goes undetected because it is already loaded when the antivirus software loads. Rootkits are designed to hide themselves and other malicious programs from detection and removal, and can be difficult to detect and remove manually.

Question 3

If you don't want to use BitLocker to protect your computer, you can still configure a power-on password using which of the following?&#10;A) Windows POP technology&#10;B) the BIOS&#10;C) a feature available on some DVD drives&#10;D) your USB keyboard

Accepted Answer

The BIOS (basic input/output system) allows you to configure a power-on password that must be entered before the computer will fully boot up. This provides an added layer of security for your device. Other options listed are not appropriate for configuring a power-on password.

Question 4

What command can be used to take full access of a file?&#10;A) takeown&#10;B) attrib&#10;C) perms&#10;D) icacls

Accepted Answer

The command "icacls" (abbreviated for "inherited access control lists") can be used to take full ownership and change permissions of a file or directory. The other commands (takeown, attrib, and perms) do not provide complete access to a file.

Question 5

What statement is true regarding the Guest account in Windows 7?&#10;A) it is disabled by default&#10;B) it automatically has a complex password&#10;C) you cannot rename it&#10;D) it has administrative access

Accepted Answer

The Guest account is disabled by default in Windows 7, and must be enabled by an administrator in order to be used.

Question 6

What does the presence of the Cydia app on an iOS device indicate?&#10;A) A rootkit has been installed on the device&#10;B) The device is infected with a worm&#10;C) The device has been jailbroken&#10;D) There is spyware software installed on the device

Accepted Answer

The presence of the Cydia app on an iOS device indicates that the device has been jailbroken. Cydia is a package manager app for jailbroken devices that allows users to download and install apps and tweaks that are not available through the official Apple App Store. Jailbreaking can potentially compromise the security of the device, as it bypasses built-in restrictions and allows third-party software to access protected areas of the operating system. However, it can also enable users to customize their devices and use software that would otherwise be unavailable.

Question 7

What statement regarding passwords on Windows is accurate?&#10;A) it's best to write your password down so you don't get locked out of your computer&#10;B) passwords cannot be longer than 14 characters&#10;C) by default, accounts with a blank password cannot logon remotely&#10;D) letters and numbers are allowed, but no symbols such as '@' or '!'

Accepted Answer

By default, Windows does not allow accounts with blank passwords to logon remotely. This is a security measure to prevent unauthorized access to the system. A strong password should be used instead of a blank password. It is not recommended to write down passwords, and passwords can be longer than 14 characters, and letters, numbers, and symbols are all allowed in passwords.

Question 8

When using the Windows Encrypted File System, what statement is accurate?&#10;A) files can be marked for encryption, but not folders&#10;B) an encrypted file moved to an unencrypted folder remains encrypted&#10;C) EFS only works on NTFS and FAT32&#10;D) you need to download special software to use EFS

Accepted Answer

When a file is encrypted using EFS, it remains encrypted even if it is moved to an unencrypted folder. Option A is inaccurate because folders can also be marked for encryption. Option C is inaccurate because EFS only works on NTFS. Option D is inaccurate because EFS is a built-in feature of Windows and does not require any additional software.

Question 9

What device provides a strong magnetic field used to completely erase data on a hard drive or tape drive?&#10;A) ATA Secure Erase&#10;B) low-level format&#10;C) degausser&#10;D) magnetic data filter

Accepted Answer

A degausser provides a strong magnetic field that can completely erase data on a hard drive or tape drive. ATA Secure Erase is a built-in feature in some hard drives that erases data securely, but it requires the user to authenticate with a password. Low-level format is a process of formatting a hard drive that creates the physical structure of the drive, but it does not necessarily erase data. Magnetic data filter is not a device that is used to erase data, but rather used to prevent electromagnetic interference on data transmission.

Question 10

Requiring users to press Ctrl+Alt+Delete to get a logon window is more secure than the welcome screen.

Accepted Answer

Requiring the use of Ctrl+Alt+Delete is a Microsoft security feature designed to prevent malware from intercepting the logon process. This is a more secure method than the welcome screen which could potentially be intercepted by malware or other malicious programs.

Question 11

You should beware of a person attempting to use your computer after you step away from it, a term referred to as which of the following?&#10;A) shoulder surfing&#10;B) tailgating&#10;C) social engineering&#10;D) session hijacking

Accepted Answer

The answer of You should beware of a person attempting...

Question 12

One way to authenticate users on a computer is to use a small device that contains authentication information. What is this device called?&#10;A) retinal scanner&#10;B) LoJack token&#10;C) smart card&#10;D) TPM

Accepted Answer

The answer of One way to authenticate users on a...

Question 13

After initially installing Windows 7, you need to disable the Guest account so nobody can use it.

Accepted Answer

The answer of After initially installing Windows 7, you need...

Question 14

What keystroke should you press to get a logon window if you don't use the welcome screen?&#10;A) Alt+F1&#10;B) Ctrl+Ins+Home&#10;C) Alt+F5+End&#10;D) Ctrl+Alt+Delete

Accepted Answer

The answer of What keystroke should you press to get...

Question 15

Using Group Policy, you can set security policies to help secure a workstation.

Accepted Answer

The answer of Using Group Policy, you can set security...

Question 16

A root certificate is the original certificate issued by the CA.

Accepted Answer

The answer of A root certificate is the original certificate...

Question 17

If you want your computer to be protected by BitLocker Encryption using computer authentication, what feature must your computer have?&#10;A) a USB port&#10;B) an authentication key on the hard drive&#10;C) a TPM chip on the motherboard&#10;D) a PIN on the BIOS

Accepted Answer

The answer of If you want your computer to be...

Question 18

Anti-malware software relies on what sort of update in order to define or detect malware as it gets into the wild?&#10;A) rootkits&#10;B) malware signatures&#10;C) static updates&#10;D) Windows updates

Accepted Answer

The answer of Anti-malware software relies on what sort of...

Question 19

What technology can be used to locate a device such as a laptop after it has been stolen?&#10;A) Management software&#10;B) LoJack&#10;C) Trojan&#10;D) Multifactor Trace software

Accepted Answer

The answer of What technology can be used to locate...

Question 20

On a peer-to-peer network, authentication is the responsibility of the domain.

Accepted Answer

The answer of On a peer-to-peer network, authentication is the...

Question 21

Documentation for evidence which includes exactly what, when, and from whom evidence was collected, the condition of this evidence, and how the evidence was secured while it was in your possession, is know by what term?

A) evidence security roster
B) chain of custody
C) item inventory
D) evidence tracking list

Accepted Answer

The answer of Documentation for evidence which includes exactly what,...

Question 22

Match between columns&#10;                        Premises: a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;a code used to identify and authenticate a person or organization sending data over a network&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;A type of malware that tricks you into opening it by substituting itself for a legitimate program&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;when someone who is unauthorized follows the employee through a secured entrance to a room or building&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;A program that is potentially harmful or potentially unwanted&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;the practice of tricking people into giving out private information or allowing unsafe programs into the network or computer&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;an attack that can be used to crack a long password by trying words and word combinations&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;a computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the user's knowledge&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;an infestation designed to copy itself repeatedly to memory, on drive space, or on a network&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;type of spyware that tracks your keystrokes, including passwords&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser&#10;software installed on a computer that produces pop-up ads using your browser

Accepted Answer

The Answer of adware and digital certificate and grayware and is...

Question 23

What are the risks in using BitLocker to secure your system and how can you mitigate these risks?

Accepted Answer

The answer of What are the risks in using BitLocker...

Question 24

What is a Trojan, and how is it installed?

Accepted Answer

The answer of What is a Trojan, and how is...

Question 25

If you wish to monitor logon failures, what should you do?

Accepted Answer

The answer of If you wish to monitor logon failures,...

Question 26

A person that secretly peaks at your monitor screen while you work may be doing what?&#10;A) tailgating&#10;B) screen capping&#10;C) shoulder surfing&#10;D) social engineering

Accepted Answer

The answer of A person that secretly peaks at your...

Question 27

Describe Windows Firewall.

Accepted Answer

The answer of Describe Windows Firewall....

Question 28

What is intended to legally protect the intellectual property rights of organizations or individuals to creative works, which include books, images, and software?&#10;A) copyright&#10;B) license&#10;C) user agreement&#10;D) cease and desist order

Accepted Answer

The answer of What is intended to legally protect the...

Question 29

Using a PIN or password in addition to TPM is an example of what type of authentication?&#10;A) multifactor&#10;B) biometric&#10;C) asymmetric&#10;D) symmetric

Accepted Answer

The answer of Using a PIN or password in addition...

Question 30

What is a rootkit and why is it so difficult to detect?

Accepted Answer

The answer of What is a rootkit and why is...

Question 31

With respect to the default users and password settings, how can you use Group Policy to make your system more secure?

Accepted Answer

The answer of With respect to the default users and...

Question 32

Under what circumstances can a blank password be more secure than a non-blank password?

Accepted Answer

The answer of Under what circumstances can a blank password...

Question 33

Describe file and folder encryption in Windows (not how you encrypt a file).

Accepted Answer

The answer of Describe file and folder encryption in Windows...

Question 34

CryptoLocker is an example of what type of malware?&#10;A) zero-day attack&#10;B) worm&#10;C) ransomware&#10;D) man-in-the-middle

Accepted Answer

The answer of CryptoLocker is an example of what type...

Question 35

Describe how you can control how a user logs on to a Windows system and how doing so can make a system more secure.

Accepted Answer

The answer of Describe how you can control how a...

Question 36

List five of the different criteria that make up a secure password?

Accepted Answer

The answer of List five of the different criteria that...

Deck 10: Security Strategies