Domain 3: Security Session 1 Flashcards Preview

A+ 220-902 Nina WM Day > Domain 3: Security Session 1 > Flashcards

Flashcards in Domain 3: Security Session 1 Deck (57)
Loading flashcards...
1

Which type of malware needs a carrier, such as a Microsoft Office app, in order to propagate?
Choices:

A - Virus
B - Worm
C - Spyware
D - Trojan horse

A - Virus

2

A user downloaded what was thought to be an antivirus program but instead turned out to be malware. Which type of malware infected the user's computer?
Choices:
A - Virus
B - Worm
C - Trojan
D - Ransomware

C - Trojan

3

Which type of malware is most likely to infect an MBR?
Choices:

A - Virus
B - Worm
C - Trojan
D - Rootkit

D - Rootkit

4

Which is an example of a phishing attack?
Choices:

A - An email which targets a specific individual
B - A seemingly credible update which corrupts the MBR
C - A seemingly credible update which locks up the system
D - An email from a seemingly credible source asking for personal information

D - An email from a seemingly credible source asking for personal information

5

Which type of phishing attack targets executives or individuals in high authority who have access to a lot of money?
Choices:

A - Whaling
B - Tailgating
C - Spear phishing
D - Social engineering

A - Whaling

6

Which is an example of social engineering?
Choices:

A - A black hat individual audits a system
B - An attacker leaves a backdoor on a system using a rootkit
C - Someone under a false guise calls an individual and solicits logon information
D - Someone using false credentials creates a fake email account and uses it to send out harmful information

C - Someone under a false guise calls an individual and solicits logon information

7

Shoulder surfing is when someone looks at a user's screen while the user enters sensitive information.

A - True
B - False

A - True

8

Which best defines a botnet or zombies?
Choices:

A - A command server controlling multiple computers
B - Multiple computers carrying out an attack simultaneously
C - One person controlling multiple computers simultaneously
D - One computer infects other computers using the zombie virus

B - Multiple computers carrying out an attack simultaneously

9

Which type of password attack refers to the attacker simply guessing the password until they get it right?
Choices:

A - Botnet
B - Phishing
C - Spoofing
D - Brute force

D - Brute force

10

Which are examples of non-compliant systems? Choose two answers.
Choices:

A - A computer with no antimalware protection
B - A computer with an outdated operating system
C - A computer which has the incorrect version of Office installed
D - A computer which has not run Windows Update in the past three days

A - A computer with no antimalware protection
B - A computer with an outdated operating system

11

Which are ways to make users aware of security standards in the workplace? Choose two answers.
Choices:

A - End-user training
B - Acceptable use policy
C - Principle of least privilege
D - Discretionary access methods

A - End-user training
B - Acceptable use policy

12

One example of a man-in-the-middle attack is when a __________ is invaded by a third party who intercepts data and impersonates one of the two members involved.
Choices:

A - server
B - monitor
C - two-way email
D - two-way instant messaging chat

D - two-way instant messaging chat

13

A new hire at a company, in reading the security policy, sees that a clean desk policy is enforced. The new hire wants clarification from IT personnel as to what a clean desk policy entails. Which should the IT personnel tell the new hire?
Choices:

A - A clean desk policy involves keeping the desk dust-free
B - A clean desk policy involves keeping the desk free of food and drink
C - A clean desk policy involves keeping the desk free of network cables
D - A clean desk policy involves keeping the desk clear of any confidential documents

D - A clean desk policy involves keeping the desk clear of any confidential documents

14

Which disposal method is best used in relation to sensitive documents that are no longer needed?
Choices:

A - Shredder
B - Dumpster
C - Trash can
D - Recycle Bin

A - Shredder

15

A person tailgates a legitimate employee into a building and is now caught between that door and a more secure door. The person is trapped inside of which kind of area?
Choices:

A - Red
B - Blue
C - Tailgate
D - Mantrap

D - Mantrap

16

Using facial recognition to unlock a smartphone is a form of which type of physical security?
Choices:

A - RFID
B - Token
C - Biometrics
D - Smart card

C - Biometrics

17

Which device helps to cut off viewable angles on a monitor?
Choices:

A - Privacy filter
B - Screen cover
C - Screen dimmer
D - Brightness control

A - Privacy filter

18

Which is an example of a digital antimalware security service?
Choices:

A - Applegate
B - Windows Update
C - Windows Firewall
D - Windows Defender

D - Windows Defender

19

Strong passwords are made up of uppercase and lowercase letters, numbers, and __________.
Choices:

A - verbs
B - symbols
C - long phrases
D - proper nouns

B - symbols

20

Which are Linux permission levels? Choose three answers.
Choices:

A - Edit
B - Write
C - Read
D - Listen
E - Manage
F - Execute

B - Write
C - Read
F - Execute

21

A user has received an email that seems like junk mail. Which action should the user take?
Choices:

A - Delete the email
B - Send a reply to the email
C - Open the email and see who sent it
D - Send the email to the junk email folder

D - Send the email to the junk email folder

22

A __________ does not qualify as multifactor authentication.
Choices:

A - username and password
B - retinal scanner and smart card
C - password and fingerprint scanner
D - smart card, username, and password

A - username and password

23

In Linux, which is the equivalent of a trusted or untrusted software source?
Choices:

A - Directory commands
B - Trusted and untrusted folders
C - Trusted and untrusted packages
D - Trusted and untrusted commands

C - Trusted and untrusted packages

24

Which four items should be taught to users to help protect sensitive information in an acceptable use policy?
Choices:

A - Take inventory
B - Look behind you
C - Lock a machine that is left on
D - Never share password information
E - Use third-party software whenever possible
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

C - Lock a machine that is left on
D - Never share password information
F - Do not go anywhere suspicious on the Internet
G - Have a good antimalware/antivirus program and keep its definitions up-to-date

25

Which are the four types of users in a server or network environment?
Choices:

A - Pro
B - Guest
C - Power
D - Formal
E - Standard
F - Business
G - Administrator

B - Guest
C - Power
E - Standard
G - Administrator

26

It is easier to track permissions that are denied than permissions that are allowed on a network.

A - True
B - False

B - False

27

Which are file attributes on an NTFS volume? Choose two answers.
Choices:

A - Edit
B - Hidden
C - Read-only
D - Write-only
E - Read/Write

B - Hidden
C - Read-only

28

System files can be found in which folders on a Windows device? Choose two answers.
Choices:

A - System32
B - System64
C - SysWOW32
D - SysWOW64

A - System32
D - SysWOW64

29

__________ means a user only needs to log on once in order to access all of the resources on a network.
Choices:

A - TLS
B - Single sign-on
C - Being a power user
D - Administrative access

B - Single sign-on

30

BitLocker is available in which versions of Windows? Choose two answers.
Choices:

A - Windows 7 Ultimate
B - Windows 8 Ultimate
C - Windows 7 Professional
D - Windows 8 Professional

A - Windows 7 Ultimate
D - Windows 8 Professional