IT Essentials 8 Module 13 Quiz Answers: Security

IT Essentials 8.0 Module 13.6.1.2 Security-Quiz Answers

1. Which is an example of social engineering?

  • a computer displaying unauthorized pop-ups and adware
  • the infection of a computer by a virus carried by a Trojan
  • an anonymous programmer directing a DDoS attack on a data center
  • an unidentified person claiming to be a technician collecting user information from employees

Explanation: A social engineer attempts to gain the confidence of an employee and convince that person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks, pop-ups, and viruses are all examples of software-based security threats, not social engineering.

2. Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?

  • adware
  • phishing
  • stealth virus
  • worm

Explanation: Phishing attacks use social engineering to obtain user personal information. Viruses carry malicious executable code that runs on target machines. Worms propagate through the network consuming bandwidth resources. Adware, on the other hand, results in pop-up windows directing users to malicious sites.

3. Which action could be used to determine if a host is compromised and flooding traffic onto the network?

  • Unseat and then reconnect the hard drive connectors on the host.
  • Disconnect the host from the network.
  • Check the host hard drive for errors and file system issues.
  • Examine the Device Manager on the host for device conflicts.

Explanation: If a network is experiencing an extremely high volume of traffic, disconnecting a host from the network may confirm that the host is compromised and is flooding traffic onto the network. The other issues are hardware issues, and not typically security-related.

4. When a support technician is troubleshooting a security issue on a system, which action should the technician take just before documenting the findings and closing the ticket?

  • Boot the system in Safe Mode.
  • Disconnect the system from the network.
  • Ensure that all applications are working.
  • Ask what the problem is that the customer is experiencing.

Explanation: The last step before documenting findings is to verify full system functionality. Ensuring that all of the applications are working would be an example of verifying functionality. Asking what problem the user is experiencing is part of the first step: identifying the problem. Disconnecting from the network and rebooting in Safe Mode are both examples of the third step: determining an exact cause.

5. A technician discovers that an employee has attached an unauthorized wireless router to the company network so that the employee can get Wi-Fi coverage while outside taking a break. The technician immediately reports this to a supervisor. What are two actions that the company should take in response to this situation? (Choose two.)

  • Create a guest account for the employee to use when outside the building.
  • Add an authorized wireless access point to the network to extend coverage for the employee.
  • Make sure that the wireless router is not broadcasting an SSID.
  • Immediately remove the device from the network.
  • Consult the company security policy to decide on actions to take against the employee.

Explanation: Adding an unauthorized wireless router or access point to a company network is a serious potential security threat. The device should be removed from the network immediately in order to mitigate the threat. In addition, the employee should be disciplined. The company security policy, which employees agree to, should describe penalties for behavior that threatens the security of the company.

6. When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user files have been locked. In order to get the files unencrypted, the user is supposed to send an email and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins as payment for the file decryption. After inspecting the message, the technician suspects a security breach occurred. What type of malware could be responsible?

  • adware
  • ransomware
  • spyware
  • Trojan

Explanation: Ransomware requires payment for access to the computer or files. Bitcoin is a type of digital currency that does not go through a particular bank.

7. A technician has recently joined an organization and during the first week on the job, discovers a security breach. What policy should the technician implement after the security breach has occurred?

  • acceptable use policy
  • remote access policy
  • incident handling policy
  • identification and authentication policy

Explanation: A company security policy commonly contains incident handling procedures used when a security breach occurs.

8. A corporate executive has asked the IT department to provide a solution to ensure data security of removable drives that are being taken off the premises. Which security solution should be recommended?

  • BitLocker
  • BitLocker To Go
  • TPM
  • VPN

Explanation: BitLocker To Go supports encrypting removable drives, but does not require a TPM chip. However, it does require a password.

9. As data is being stored on a local hard disk, which method would secure the data from unauthorized access?

  • data encryption
  • a duplicate hard drive copy
  • deletion of sensitive files
  • two factor authentication

Explanation: Data encryption is the process of converting data into a form where only a trusted, authorized person with a secret key or password can decrypt the data and access the original form.

10. Which type of hard drive format is commonly performed at the factory where the drive is assembled?

  • EFS
  • low-level
  • multifactor
  • standard

Explanation: The two types of formatting that can be performed on a mechanical hard drive are low-level and standard. The low-level format is commonly performed at the factory. The standard format only recreates the boot sector and file allocation table.

11. A technician has recently changed jobs from supporting a small company to a large company in the security group. What are two types of passwords the larger company could use to secure a workstation? (Choose two.)

  • BIOS
  • cryptic
  • login
  • multifactor
  • synchronous

Explanation: Three types of password protection that can be used to secure a workstation are the BIOS password configured through the BIOS Setup program; a login password such as a PIN, Windows, or picture password; and a network password that is kept on a server.

12. A corporate employee has recently taken the mandated security awareness training and wants to use the correct security term. Which issue can occur when browsing the internet and is often initiated by the destination website?

  • autorun
  • phishing
  • pop-up
  • privacy screen

Explanation: Most web browsers offer a pop-up blocker. In Internet Explorer, use the Tools icon to enable it.

13. A technician in a small business is configuring the local security policy for a computer. Which configuration setting would the technician use to require the user to change the password after 90 days?

  • Enforce password history
  • Maximum password age
  • Minimum password length
  • Password must meet complexity requirements

Explanation: The maximum password age setting defines the maximum number of days that can pass before the password must be changed.

14. When configuring Windows security, which term is used to mean a rule associated with an object such as a folder or printer?

  • ActiveX
  • firewall
  • permission
  • right

Explanation: A right authorizes a user to perform an action on a computer like performing backups. A permission is a rule that is associated with a particular object like a file, folder, or printer.

15. Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)

  • packet speed
  • MAC addresses
  • packet size
  • ports
  • protocols

Explanation: Hardware firewalls can be configured as packet filters, application layer firewalls, or proxies. Application layer firewalls read all of the traffic data and look for unwanted traffic. Proxies act as relays, scanning traffic and allowing or denying traffic based on established rules. Packet filters only concern themselves with port data, IP address data, and destination services.
