1. When a support technician is troubleshooting a security issue on a system, which action should the technician take just before documenting the findings and closing the ticket?
- Ensure that all applications are working.
- Ask what the problem is that the customer is experiencing.
- Boot the system in Safe Mode.
- Disconnect the system from the network.
2. A technician has recently changed jobs from supporting a small company to a large company in the security group. What are two types of passwords the larger company could use to secure a workstation? (Choose two.)
- login
- synchronous
- multifactor
- cryptic
- BIOS
3. Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)
- ports
- protocols
- packet speed
- MAC addresses
- packet size
4. When configuring Windows security, which term is used to mean a rule assocated with an object such as a folder or printer?
- ActiveX
- permission
- right
- firewall
5. When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user files have been locked. In order to get the files unencrypted, the user is supposed to send an email and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins as payment for the file decryption. After inspecting the message, the technician suspects a security breach occurred. What type of malware could be responsible?
- adware
- ransomware
- spyware
- Trojan
6. Which type of hard drive format is commonly performed at the factory where the drive is assembled?
- multifactor
- low-level
- standard
- EFS
7. As data is being stored on a local hard disk, which method would secure the data from unauthorized access?
- a duplicate hard drive copy
- two factor authentication
- deletion of sensitive files
- data encryption
8. A technician discovers that an employee has attached an unauthorized wireless router to the company network so that the employee can get Wi-Fi coverage while outside taking a break. The technician immediately reports this to a supervisor. What are two actions that the company should take in response to this situation? (Choose two.)
- Immediately remove the device from the network.
- Add an authorized wireless access point to the network to extend coverage for the employee.
- Make sure that the wireless router is not broadcasting an SSID.
- Consult the company security policy to decide on actions to take against the employee.
- Create a guest account for the employee to use when outside the building.
9. Which is an example of social engineering?
- an unidentified person claiming to be a technician collecting user information from employees
- a computer displaying unauthorized pop-ups and adware
- the infection of a computer by a virus carried by a Trojan
- an anonymous programmer directing a DDoS attack on a data center
10. A technician has recently joined an organization and during the first week on the job, discovers a security breach. What policy should the technician implement after the security breach has occurred?
- identification and authentication policy
- remote access policy
- acceptable use policy
- incident handling policy
11. Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?
- worm
- stealth virus
- phishing
- adware
12. A technician in a small business is configuring the local security policy for a computer. Which configuration setting would the technician use to require the user to change the password after 90 days?
- Enforce password history
- Maximum password age
- Password must meet complexity requirements
- Minimum password length
13. A corporate employee has recently taken the mandated security awareness training and is wanting to use the correct security term. Which issue can occur when browsing the internet and is often initiated by the destination website?
- autorun
- phishing
- privacy screen
- pop-up
14. A corporate executive has asked the IT department to provide a solution to ensure data security of removable drives that are being taken off the premises. Which security solution should be recommended?
- TPM
- BitLocker
- BitLocker To Go
- VPN
15. Which action could be used to determine if a host is compromised and flooding traffic onto the network?
- Unseat and then reconnect the hard drive connectors on the host.
- Disconnect the host from the network.
- Examine the Device Manager on the host for device conflicts.
- Check the host hard drive for errors and file system issues.