ITE v7.0 Certification Checkpoint Exam #5 Chapters 12-13 Exam Answers

1. Which two security precautions will help protect a workplace against social engineering? (Choose two.)

  • performing daily data backups
  • encrypting all sensitive data stored on the servers
  • registering and escorting all visitors to the premises
  • ensuring that all operating system and antivirus software is up to date
  • ensuring that each use of an access card allows access to only one user at the time

Explanation:Encrypting data, keeping software up to date, and backing up data are all security precautions, but will not protect against unauthorized physical access to premises by people trying to gather information for malicious purposes.

2. It has been noted that the computers of employees who use removable flash drives are being infected with viruses and other malware. Which two actions can help prevent this problem in the future? (Choose two.)

  • Set virus protection software to scan removable media when data is accessed.
  • Configure the Windows Firewall to block the ports that are used by viruses.
  • Disable the autorun feature in the operating system.
  • Repair, delete, or quarantine the infected files.
  • Enable the TPM in the CMOS settings.

Explanation: Windows Firewall filters data from the network not from removable flash drives. The TPM is used for hardware authentication of users and devices, not malware protection. Repairing, deleting, or quarantining infected files will remove a current virus infection but not prevent future infections.

3. What are two potential user benefits of rooting or jailbreaking a mobile device? (Choose two.)

  • The user interface can be extensively customized.
  • The operating system can be fine-tuned to improve the speed of the device.
  • The root directory of the device is blocked.
  • The operation of the carrier cellular network may be affected.
  • A custom OS may reduce sandboxing features.​

Explanation: Rooting or jailbreaking a mobile device usually enables extensive customization of the user interface and can enable performance enhancement. The three incorrect options are all considered potential risks to the user, the device, and the network that may result from rooting or jailbreaking a mobile device.

4. Which two conditions must be met for mobile device security measures such as remote lock and remote wipe to function? (Choose two.)

  • The device must be powered on.
  • The device must be connected to a network.
  • The passcode must be disabled.
  • The GPS locator must be enabled.
  • Sandboxing must be enabled.

Explanation: Successful mobile device remote security measures require the device to be powered on and connected to a network. The device passcode and GPS status do not affect the operation of remote security measures. Mobile devices run apps within a sandbox by default.

5. What is the most effective way of securing wireless traffic?

  • WPA2
  • SSID hiding
  • WEP
  • wireless MAC filtering

Explanation: SSID and wireless MAC filtering are not encryption methods. WPA2 is more secure than WEP or WPA for encrypting traffic.

6. Which action would help a technician to determine if a denial of service attack is being caused by malware on a host?

  • Disconnect the host from the network.
  • Log on to the host as a different user.
  • Disable ActiveX and Silverlight on the host.
  • Install rogue antivirus software on the host.

Explanation: If a host infected with malware is causing a denial of service attack by flooding the network with traffic, disconnecting the host from the network can stop the attack. ActiveX and Silverlight are both examples of web software designed to provide interactive experiences on web pages. A rogue antivirus is a type of attack where the malware appears to be an antivirus telling the users that their system is infected. If a system is infected with malware, it is unlikely that logging on as a different user would prevent the malware from continuing the denial of service attack.

7. The corporate security policy states that all remote connections use only secure tunnels for data communications. Which encryption technique secures data traveling across the public Internet as if it were traveling across the corporate LAN?

  • MD5
  • VPN
  • WEP
  • WPA

Explanation: A VPN (virtual private network) provides an encrypted tunnel for data communications across the Internet. WEP and WPA are wireless encryption protocols. MD5 is a data hashing algorithm.

8. A user has reported SMART messages displayed on the computer screen several times over the past few weeks. Which computer part should the technician check first?

  • CPU
  • hard drive
  • motherboard
  • power supply
  • RAM

Explanation: Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T or SMART) is a feature built into hard drives to detect and report drive issues.

9. A user complains about not being able to modify a shared remote file. The technician investigates the issue and notices that both NTFS and share permissions have been assigned to the shared folder and file. What is the effective permission when this security technique has been applied?

  • All remote access is blocked.
  • The share and NTFS permissions will be added.
  • The most restrictive share or NTFS permission will be applied.
  • Only the original owner can modify the file either locally or from a remote location.

Explanation: If a shared folder has been given the full control NTFS permission and the read share permission, the effective permission will be the most restrictive one which is read in this case.

10. A hard drive used by an administrative assistant in a Federal Reserve Bank is replaced with a new larger capacity drive. The technician brings the old drive into the technical office and is asked for the drive so it can be used in a different computer. How should the technician handle this situation?

  • Deny the request and require a certificate of destruction.
  • Use a degausser before turning the drive over to the second technician.
  • Perform a drive wipe before turning the drive over to the second technician.
  • Turn the drive over to the second technician with a request to format the drive first as exFAT and then as NTFS.

Explanation: Drives can be recycled or repurposed as long as best practices are adhered to. Drive wiping software can be used to overwrite existing data multiple times so that the original data cannot be read.

11. What are two benefits of using an ext4 partition instead of ext3? (Choose two.)

  • compatibility with CDFS
  • compatibility with NTFS
  • decreased load time
  • improved performance
  • an increase in the number of supported devices
  • increase in the size of supported files

Explanation: Based on the ex3 file system, an ext4 partition includes extensions that improve performance and an increase in the of supported files. An ext4 partition also supports journaling, a file system feature that minimizes the risk of file system corruption if power is suddenly lost to the system.

12. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker was using a specific technique that affected the TCP three-way handshake. What is the type of network attack?

  • SYN flood
  • zero-day
  • DNS poisoning
  • dictionary

13. Users in a company have complained about network performance. After investigation, the IT staff has determined that the DNS server was sent with an enormous amount of false requests, thus overwhelming the server. What is the type of network attack?

  • DoS
  • zero-day
  • SYN flood
  • dictionary

14. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker is using a vulnerability that is known to the software vendor, but not patched yet. What is the type of network attack?

  • zero-day
  • SYN flood
  • DDoS
  • DNS poisoning

15. Users in a company have complained about network performance. After investigation, the IT staff has determined that the DNS server was sent with an enormous amount of false requests, thus overwhelming the server. What is the type of network attack?

  • DoS
  • SYN flood
  • DNS poisoning
  • zero-day

16. Users in a company have complained about network performance. After investigation, the IT staff has determined that zombies were used to attack the firewall. What is the type of network attack?

  • DDoS
  • SYN flood
  • DNS poisoning
  • zero-day

17. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker is using a table of words that potentially could be used as passwords. What is the type of network attack?

  • dictionary
  • DNS poisoning
  • DDoS
  • SYN flood

18. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker injected false records on the server that translates IP addresses to domain names. What is the type of network attack?

  • DNS poisoning
  • SYN flood
  • DDoS
  • zero-day

19. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker injected false records on the server that translates IP addresses to domain names. What is the type of network attack?

  • DNS poisoning
  • dictionary
  • zero-day
  • SYN flood

20. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker is using a technique that compares hashed passwords to potential hashes the hacker has. What is the type of network attack?

  • rainbow table
  • zero-day
  • SYN flood
  • DNS poisoning

21. Users in a company have complained about network performance. After investigation, the IT staff has determined that the attacker is using a vulnerability that is known to the software vendor, but not patched yet. What is the type of network attack?

  • zero-day
  • SYN flood
  • DNS poisoning
  • dictionary

22. A PC technician has been asked by a supervisor to recommend a security solution for phishing. Which security technique should the technician recommend?

  • Provide security awareness training.
  • Use a mantrap.
  • Use Windows Safe Mode.
  • Implement dual authentication.

23. A PC technician has been asked by a supervisor to recommend a security solution for phishing. Which security technique should the technician recommend?

  • Provide security awareness training.
  • Use a mantrap.
  • Use Windows Safe Mode.
  • Employ ping sweeps.

24. A PC technician has been asked by a supervisor to recommend a security solution for protecting a computer used to log in at a dental clinic from someone using a bootable disk containing hacking tools. Which security technique should the technician recommend?

  • Disable ports.
  • Use a mantrap.
  • Use Windows Safe Mode.
  • Employ ping sweeps.

25. A PC technician has been asked by a supervisor to recommend a security solution for protecting a computer used to log in at a dental clinic from someone using a bootable disk containing hacking tools. Which security technique should the technician recommend?

  • Disable ports.
  • Use Windows Safe Mode.
  • Buy an IPS.
  • Run vulnerability scanners.

26. A PC technician has been asked by a supervisor to recommend a security solution for a manager traveling who needs access to internal corporate resources. Which security technique should the technician recommend?

  • Use a VPN.
  • Use Windows Safe Mode.
  • Buy an IPS.
  • Run vulnerability scanners.

27. A PC technician has been asked by a supervisor to recommend a security solution for a company that wants a device to monitor incoming and outgoing traffic and stop any malicious activity. Which security technique should the technician recommend?

  • Buy an IPS.
  • Use Windows Safe Mode.
  • Buy an ASA.
  • Use SSL.

28. A PC technician has been asked by a supervisor to recommend a security solution for a machine where the antimalware software cannot remove all of the malware. Which security technique should the technician recommend?

  • Use Windows Safe Mode.
  • Buy an IPS.
  • Buy an ASA.
  • Use SSL.

29. A PC technician has been asked by a supervisor to recommend a security solution for a machine where the antimalware software cannot remove all of the malware. Which security technique should the technician recommend?

  • Use Windows Safe Mode.
  • Buy an IPS.
  • Buy an ASA.
  • Use encryption.

30. A PC technician has been asked by a supervisor to recommend a security solution for preventing tailgating. Which security technique should the technician recommend?

  • Use a mantrap.
  • Buy an IPS.
  • Buy an ASA.
  • Use encryption.

31. A PC technician has been asked by a supervisor to recommend a security solution for preventing tailgating. Which security technique should the technician recommend?

  • Use a mantrap.
  • Buy an IPS.
  • Buy an ASA.
  • Implement dual authentication.

Related Articles

1
Leave a Reply

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Cray Recent comment authors
newest oldest most voted
Cray
Guest
Cray

Thanks so much!