TestOut Security Pro (2018) Chapter 7 - COMPLETE

What is the main difference between a worm and a virus?

• A worm requires an execution mechanism to start, while a virus can start itself.
• A worm tries to gather information, while a virus tries to destroy data.
• A worm can replicate itself, while a virus requires a host for distribution.
• A worm is restricted to one system, while a virus can spread from system to system.

A collection of zombie computers have been set up to collect personal information. What type of malware do the zombie computers represent?

• Botnet
• Logic bomb
• Spyware
• Trojan horse

Which is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously?

• ActiveX control
• Worm
• Outlook Express
• Trojan horse

Which of the following is undetectable software that allows administrator-level access?

• Spyware
• Rootkit
• Trojan horse
• Worm
• Logic bomb

Which of the following are characteristics of a rootkit? (Select two.)

• Monitors user actions and opens popups based on user preferences
• Uses cookies saved on the hard drive to track user preferences
• Hides itself from detection
• Requires administrator-level privileges for installation

You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer.
Which of the following terms best describes this software?

• Rootkit
• Spyware
• Trojan horse
• Botnet
• Privilege escalation

Which of the following best describes spyware?

• It monitors user actions that denote personal preferences, then sends popups and ads to the user that match their tastes.
• *It monitors the actions you take on your machine and sends the information back to its originating source.*
• It is a malicious program disguised as legitimate software.
• It is a program that attempts to damage a computer system and replicate itself to other computer systems.

What is the primary distinguishing characteristic between a worm and a logic bomb?

• Masquerades as a useful program
• Self-replication
• Incidental damage to resources
• Spreads via email

What is another name for a logic bomb?

• Asynchronous attack
• DNS poisoning
• Pseudo flaw
• Trojan horse

You have installed antimalware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems.
You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the antimalware software.
What has happened to the file?

• It has been deleted from your system.
• It has been moved to a secure folder on your computer.
• The infection has been removed, and the file has been saved to a different location.
• The file extension has been changed to prevent it from running.

Which of the following statements about the use of antivirus software is correct?

• If servers on a network have antivirus software installed, workstations do not need antivirus software installed.
• If you install antivirus software, you no longer need a firewall on your network.
• Antivirus software should be configured to download updated virus definition files as soon as they become available.
• Once installed, antivirus software needs to be updated on a monthly basis.

If your antivirus software does not detect and remove a virus, what should you try first?

• Set the read-only attribute of the file you believe to be infected.
• Search for and delete the file you believe to be infected.
• Scan the computer using another virus detection program.
• Update your virus detection software.

You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day.
What else should you do to protect your systems from malware? (Select two.)

• Enable chassis intrusion detection
• Disable UAC
• Schedule regular full system scans
• Enable account lockout
• Educate users about malware

To tightly control the antimalware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware.
Which of the following actions would best prevent this scenario from occurring again?

• Switch to a more reliable antivirus software
• Carefully review open firewall ports and close any unnecessary ports
• Create a scheduled task to run sfc.exe daily
• Configure the software to automatically download the virus definition files as soon as they become available

Which type of virus conceals its presence by intercepting system requests and altering service outputs?

• Retro
• Slow
• Polymorphic
• Stealth

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of common user names and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?

• A strong password policy
• VLANs
• 3DES encryption
• AES encryption

Which of the following password attacks uses preconfigured matrices of hashed dictionary words?

• Dictionary
• Hybrid
• Brute force
• Rainbow table

Which of the following is most vulnerable to a brute force attack?

• Challenge-response token authentication
• Password authentication
• Two-factor authentication
• Biometric authentication

A user named Bob Smith has been assigned a new desktop workstation to complete his day-to-day work.
When provisioning Bob's user account in your organization's domain, you assigned an account name of BSmith with an initial password of bw2Fs3d.

On first login, Bob is prompted to change his password, so he changes it to the name of his dog (Fido).
What should you do to increase the security of Bob's account? (Select two.)

• Use a stronger initial password when creating user accounts.
• Train users not to use passwords that are easy to guess.
• Use Group Policy to require strong passwords on user accounts.
• Require him to use the initial password, which meets the complexity requirements.
• Do not allow users to change their own passwords.
• Configure user account names that are not easy to guess.

Which of the following strategies can protect against a rainbow table password attack?

• Encrypt the password file with one-way encryption
• Add random bits to the password before hashing takes place
• Educate users to resist social engineering attacks
• Enforce strict password restrictions

Which of the following actions should you take to reduce the attack surface of a server?

• Install antimalware software
• Disable unused services
• Install the latest patches and hotfixes
• Install a host-based IDS

Which of the following describes a configuration baseline?

• A set of performance statistics that identifies normal operating performance
• A list of common security settings that a group or all devices share
• The minimum services required for a server to function
• A collection of security settings that can be automatically applied to a device

You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server.

Which of the following recommendations should you follow when applying the hotfix?

• Apply the hotfix immediately to the server; apply the hotfix to other devices only as the security threat manifests itself.
• Apply the hotfix immediately to all servers.
• Test the hotfix and then apply it to the server that had the problem.
• Test the hotfix and then apply it to all servers.

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Select two.)

• Implement separation of duties
• Conduct privilege escalation
• Change default account passwords
• Apply all patches and updates
• Remove any backdoors

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)?

• Kernel fix kit
• Hotfix
• Targeted software patch
• Service pack

Which of the following is the best recommendation for applying hotfixes to your servers?

• Apply all hotfixes before applying the corresponding service pack
• Apply hotfixes immediately as they are released
• Wait until a hotfix becomes a patch, then apply it
• Apply only the hotfixes that affect software running on your systems

By definition, what is the process of reducing security exposure and tightening security controls?

• Social engineering
• Passive reconnaissance
• Active scanning
• Hardening

When securing a newly deployed server, which of the following rules of thumb should be followed?

• Disable all unused services
• Disable each service in turn and then test the system for negative effects
• Determine unneeded services and their dependencies before altering the system
• Disable all services not associated with supporting shared network services

Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? (Select two.)

• WSUS
• Group Policy
• Security Templates
• Security Configuration and Analysis

You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automatically apply them to multiple computers.
Which tool is your best choice for accomplishing this task?

• WSUS
• Security Templates
• Group Policy
• Security Configuration and Analysis

Which of the following solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers?

• Account policies
• Account restrictions
• NTFS permissions
• Group Policy

For users who are members of the sales team, you want to force computers to use a specific desktop background and remove access to administrative tools from the Start menu.
Which solution should you use?

• Account policies
• Group Policy
• File screens
• Account restrictions

Arrange the Group Policy objects (GPOs) in the order in which they are applied.

• The Local Group Policy on the computer.
• GPOs linked to the domain that contains the user or computer object.
• GPOs linked to the organizational unit that contains the object.

Match the Group Policy type on the left with the function that it can perform on the right. (Each item can be used more than once.)

Computer configuration
User configuration

Which of the following is a snap-in that allows you to apply a template or compare a template to the existing security settings on your computer?

• The NSA Template snap-in
• The Microsoft Management Console snap-in
• The Active Directory Security Template snap-in
• The Security Configuration and Analysis snap-in

You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close?

• 67, 68
• 135, 137-139
• 161, 162
• 389, 636

Which of the following ports does FTP use to establish sessions and manage traffic?

• 25, 110
• 20, 21
• 135 - 139
• 80, 443

To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible.

Now you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.)

• 23
• 80
• 443
• 21
• 20

To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?

• 80
• 21
• 443
• 69
• 23

Which of the following network services or protocols uses TCP/IP port 22?

• TFTP
• NNTP
• IMAP4
• SSH

FTPS uses which mechanism to provide security for authentication and data transfer?

• Multi-factor authentication
• IPsec
• Token devices
• SSL

You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change.

What is the best way to accomplish this?

• Add one manager to the DACL that grants all permissions. Have this user add other managers as required.
• Create a distribution group for the managers. Add all users as members of the group. Add the group to the file's DACL.
• Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
• Add each user account to the file's DACL.

• The Development group has been given the Write permission to the Design folder.

• The Sales group has been given the Write permission to the Products folder.

No other permissions have been given to either group.
User Mark Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder.

You want to use groups as much as possible.
What should you do?

• Make Mark a member of the Development group; add Mark's user account directly to the ACL for the Products folder.
• Add Mark's user account directly to the ACL for both the Design and Products folders.
• Make Mark a member of the Development and Sales groups.
• Make Mark a member of the Sales group; add Mark's user account directly to the ACL for the Design folder.

You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers.

• Add the group to the SACL.
• Grant the group the necessary user rights.
• Create a security group for the administrators and add all user accounts to the group.
• Add the group to the DACL.
• Create a distribution group for the administrators and add all user accounts to the group.

You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network and control access to files accessed through the network or a local logon.

Which solution should you implement?

• NTFS and share permissions
• NTFS permissions and file screens
• Share permissions and quotas
• Share permissions and file screens

You have a shared folder named Reports. Members of the Managers group have been given write access to the shared folder.
Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file.

What should you do?

• Remove Mark Mangum from the Managers group.
• Add Mark Mangum to the ACL for the Reports directory with Deny permissions.
• Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.
• Configure NTFS permissions for Confidential.xls to allow Read only.

You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server.
What should you do to enable access?

• Define user accounts for all external visitors
• Open ports 20 and 21 for inbound and outbound connections
• Install a VPN
• Move the FTP outside of the firewall

Many popular operating systems allow quick and easy file and printer sharing with other network members. Which of the following is not a means by which file and printer sharing is hardened?

• Logging all activity
• Hosting all shared resources on a single centralized and secured server
• Imposing granular access control via ACLs
• Allowing NetBIOS traffic outside of your secured network

Which command should you use to scan for open TCP ports on your Linux system? (Tip: Enter the command as if at the command prompt.)

nmap -sT

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

• nmap
• nslookup
• netstat
• traceroute

Which command should you use to display both listening and non-listening sockets on your Linux system? (Tip: Enter the command as if at the command prompt.)

netstat -a

What does the netstat -a command show?

• All listening sockets
• All network users
• All listening and non-listening sockets
• All connected hosts

You want to make sure no unneeded software packages are running on your Linux server. Select the command from the drop-down list that you can use to see all installed RPM packages.

yum list packages

You manage the information systems for a large manufacturing firm.

Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

• Install anti-malware software on each device.
• Install the latest firmware updates from the device manufacturer.
• Install a network monitoring agent on each device.
• Enroll each device in a mobile device management system.
• Verify that your network's existing security infrastructure is working properly.

You manage information systems for a large co-location data center.
Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

• Install the latest firmware updates from the device manufacturer.
• Install anti-malware software on each device.
• Rely on the device manufacturer to maintain device security with automated firmware updates.
• Verify that your network's existing security infrastructure is working properly.
• Enroll each device in a mobile device management system.

Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.)

• Devices tend to employ much weaker security than traditional network devices.
• It is difficult to update the virus definitions used to protect these devices.
• Smart device vendors tend to proactively protect their products against security threats.
• Devices are, typically, more difficult to monitor than traditional network devices.
• These devices are typically installed in the DMZ outside an organization's perimeter firewall.

You notice a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections.

Which of the following labels applies to this growing ecosystem of smart devices?

• The smartnet
• Internet of smart devices
• Internet of things
• Dynamic environment

Smart devices are attractive targets for cyber criminals because they typically have minimal security and are not protected with anti-malware software. This makes it easier to exploit these types of devices and perpetrate attacks. Many smart devices can be utilized to conduct a single coordinated attack.

What is this type of attack usually called?

• A highly centralized attack
• A brute force attack
• A highly distributed attack
• A smartnet attack

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

• Encrypt the logs.
• Store the logs in an offsite facility.
• Make two copies of each log and store each copy in a different location.
• Create a hash of each log.

What does hashing of log files provide?

• Preventing the system from running when the log files are full
• Preventing log files from being altered or overwritten
• Confidentiality to prevent unauthorized reading of the files
• Proof that the files have not been altered
• Sequencing of files and log entries to recreate a timeline of events

Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts has occurred. Which log type should you check?

• Performance
• System
• Firewall
• Security

You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker.
Which log would you monitor?

• Application
• *Firewall*
• System
• Security

Which of the following is a standard for sending log messages to a central logging server?

• OVAL
• Nmap
• Syslog
• LC4

You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?

• Application
• System
• Firewall
• Security

You suspect that your Web server has been the target of a denial of service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?

• Performance
• Security
• Firewall
• System

You are concerned that an attacker can gain access to your Web server, make modifications to the system, and alter the log files to hide his actions. Which of the following actions would best protect the log files?

• Encrypt the log files
• Use syslog to send log entries to another server
• Configure permissions on the log files to prevent access
• Take a hash of the log files

You decide to use syslog to send log entries from multiple servers to a central logging server. Which of the following are the most important considerations for your implementation? (Select two.)

• Retention policies on the syslog client
• A fast network connection
• Disk space on the syslog server
• Clock synchronization between all devices

Which of the following best describes an audit daemon?

• The trusted utility that runs a background process whenever auditing is enabled.
• The interface that allows the administrator to handle, set up, initialize, and modify subsystem parameters.
• The component that examines audit trails from current or previous audit sessions and reduces or compresses them for archival.
• The driver responsible for accepting audit records from the audit kernel.

Which of the following is not included in a system level audit event? (Select two.)

• Any actions performed by the user.
• The user name logging in.
• Beginning and ending times of access.
• Names of accessed files.
• Activities performed on the system.
• Successful and unsuccessful logon attempts.

The auditing feature of an operating system serves as what form of control when users are informed that their actions are being monitored?

• Detective
• Corrective
• Directive
• Preventative

What is the purpose of audit trails?

• Detect security-violating events
• Problem correction
• Restore systems to normal operations
• Prevent security breaches

Which of the following is a collection of recorded data that may include details about logons, object access, and other activities deemed important by your security policy that is often used to detect unwanted and unauthorized user activity?

• Audit trail
• Syslog
• CPS (certificate practice statement)
• Chain of custody

A recreation of historical events is made possible through?

• Audits
• Audit trails
• Incident reports
• Penetration testing

Which of the following is not an advantage when using an internal auditor to examine security systems and relevant documentation?

• An internal auditor has knowledge of the inner workings of the organization.
• Findings in the audit and subsequent summations are viewed objectively.
• Orientation time is minimized.
• An internal auditor is familiar with organizational goals.

Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. Which step must be taken to ensure that the information is useful in maintaining a secure environment?

• All files must be verified with the IDS checksum.
• Periodic reviews must be conducted to detect malicious activity or policy violations.
• All logs should be deleted and refreshed monthly.
• The accounting department must compress the logs on a quarterly basis.

Which of the following describes Privilege auditing?

• Users' and groups' rights and privileges are checked to guard against creeping privileges.
• No single user is granted sufficient privileges to compromise the security of an entire environment.
• An employee is granted the minimum privileges required to perform the duties of her position.
• Users' activities are logged to document incidents for security investigations and incident response.

Which of the following terms identifies the process of reviewing log files for suspicious activity and threshold compliance?

• CompSec
• Scanning
• Auditing
• Phishing

Match the IT audit activity on the left with the appropriate description on the right.

If an SMTP server is not properly and securely configured, it can be hijacked and used maliciously as a SMTP relay agent. Which activity could result if this happens?

• Data diddling
• Spamming
• Virus hoax
• Salami attack

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

• Impersonation
• Replay attack
• Sniffing
• Spam

You have been receiving a lot of phishing emails sent from the domain kenyan.msn.pl. Links within these emails open new browser windows at youneedit.com.pl.
You want to make sure that these emails never reach your inbox, but you want to make sure that emails from other senders are not affected.

What should you do?

• Add kenyan.msn.pl to the email blacklist
• Add youneedit.com.pl to the email blacklist
• Add pl to the email blacklist
• Add msn.pl to the email blacklist

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?

• Hijacking
• Trojan horse
• Spamming
• Brute force

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware.
What kind of attack has occurred in this scenario?

• Spam
• Repudiation attack
• Phishing
• Open SMTP relay

What is the most common means of virus distribution?

• Commercial software CDs
• Music downloaded from the internet
• Email
• Floppy disks

You install a new Linux distribution on a server in your network. The distribution includes an SMTP daemon that is enabled by default when the system boots. The SMTP daemon does not require authentication to send email messages.
Which type of email attack is this server susceptible to?

• Sniffing
• Viruses
• Open SMTP relay
• Phishing

Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking user name and password. The URL in the link is in the .ru top-level DNS domain.
What kind of attack has occurred?

• Phishing
• Buffer overflow
• Open SMTP relay
• Virus

Which of the following mechanisms can you use to add encryption to email? (Select two.)

• S/MIME
• PGP
• Reverse DNS
• HTTPS
• Secure Shell

You want to use a protocol for encrypting emails that uses a PKI with X.509 certificates. Which method should you choose?

• AES
• SSH
• IPsec
• S/MIME

Match each bring your own device (BYOD) security issue on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.

Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.

If a user's BYOD device, such as a tablet or phone, is infected with malware, that malware can be spread if that user connects to your organization's network. One way to prevent this event is to use a network access control (NAC) system.

How does an NAC protect your network from being infected by a BYOD device?

• The NAC notifies users that personally-owned devices are subject to random searches if brought on site.
• The NAC specifies which apps can be used while the BYOD device is connected to the organization's network.
• The NAC remediates devices before allowing them to connect to your network.
• The NAC forces BYOD devices to connect to a guest network that is isolated from your production network.

Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands.

The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen.
Which of the following should you implement?

• A guest wireless network that is isolated from your organization's production network
• An acceptable use policy
• A mobile device management infrastructure
• A network access control solution

Users in the Sales department perform many of their daily tasks, such as emailing and creating sales presentations, on personal tablets.

The chief information officer worries that one of these users might also use their tablet to steal sensitive information on the organization's network. Your job is to implement a solution that can prevent insiders from accessing sensitive information on personal devices.

Which of the following should you implement?

• A network access control solution
• A guest wireless network that is isolated from your organization's production network
• A mobile device management infrastructure
• An acceptable use policy

Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them.

To increase the security of these devices, you want to apply a default set of security-related configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)

• Join the tablets to your domain.
• Configure security settings in a Group Policy object.
• Configure and apply security policy settings in a mobile device management system.
• Link the Group Policy object to the container where the tablets' computer objects reside.
• Manually configure security settings using Local Group Policy Editor.
• Enroll the devices in a mobile device management system.

Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS preinstalled on them.

To increase the security of these devices, you want to apply a default set of security-related configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.)

• Require users to install the configuration profile
• Join the tablets to a Windows domain
• Enroll the devices in a mobile device management system
• Configure security settings in a Group Policy object
• Configure and distribute security settings in a configuration profile
• Configure and apply security policy settings in a mobile device management system

Match each mobile device application control term on the right with the appropriate description on the left. Each description may be used once, more than once, or not at all.

Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization.

For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president's home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network.

You've reviewed the vice president's social media pages.

You found pictures of her home posted, but you didn't notice anything in the photos that would give away her home address. She assured you that her smart phone was never misplaced prior to the attack.

Which security weakness is the most likely cause of the security breach?

Sideloaded apps were installed on her smart phone. Geotagging was enabled on her smart phone. An Xmas Tree attack was executed on her smart phone. Weak passwords were used on her smart phone.

Your organization is formulating a bring your own device (BYOD) security policy for mobile devices.

Which of the following statements should be considered as you formulate your policy?

Antimalware software isn't available for most mobile device operating systems. It is difficult for users to connect personal mobile devices to your organization's corporate network. Mobile devices are immune to malware threats. You can't use domain-based group policies to enforce security settings on mobile devices.

Your organization's security policy specifies that any mobile device that connects to your internal network must have Remote Wipe enabled, regardless of ownership. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it.

Your organization recently purchased several Windows RT tablets. Which should you do?

Go to Settings Charm > Change PC settings > Privacy and enable the Remote Wipe setting. Implement Remote Wipe group policies in your domain. Sign up for a Windows Intune account to manage the tablets. Enable Remote Wipe local group policies on each device.

Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloud-based Windows Intune account.

One of your sales representatives left her tablet at an airport. The device contains sensitive information, and you need to remove it in case the device is compromised.

Which Intune portal should you use to perform a remote wipe?

Security portal Company portal Account portal Admin portal

Your organization provides its sales force with Windows 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in a cloud-based Windows Intune account.

One of your sales representatives left his notebook at a customer's site. The device contains sensitive information, and you want to change the password to prevent the data from being compromised.

Which Intune portal should you use to remotely change the password?

Security portal Account portal Company portal Admin portal

Which of the following are disadvantages to server virtualization?

Increased hardware costs A compromised host system might affect multiple servers Systems are isolated from each other and cannot interact with other systems A compromised guest system might affect multiple servers

Which of the following are disadvantages of server virtualization?

Increased hardware costs. Systems are isolated from each other and cannot interact with other systems. A compromise of a guest system might affect multiple servers. A failure in one hardware component could affect multiple servers.

You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk.

Which of the following actions would best protect your system?

Run the browser within a virtual environment Change the security level for the internet zone to High Configure the browser to block all cookies and popups Run the browser in protected mode

Which of the following is an advantage of a virtual browser?

Prevents adware and spyware that monitors your internet activity Filters internet content based on ratings Prevents phishing and drive-by downloads Protects the host operating system from malicious downloads

Which of the following are advantages of virtualization? (Select two.)

Easy migration of systems to different hardware Redundancy of hardware components for fault tolerance Improved host-based attack detection Reduced utilization of hardware resources Centralized administration

Match the virtualization feature on the right with the appropriate description on the left.

What is the primary distinguishing characteristic between a worm and a logic bomb?

Masquerades as a useful program Self-replication Incidental damage to resources Spreads via email

What is another name for a logic bomb?

Asynchronous attack DNS poisoning Pseudo flaw Trojan horse

You have installed antimalware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems.
You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the antimalware software.
What has happened to the file?

It has been deleted from your system. It has been moved to a secure folder on your computer. The infection has been removed, and the file has been saved to a different location. The file extension has been changed to prevent it from running.

Which of the following statements about the use of antivirus software is correct?

If servers on a network have antivirus software installed, workstations do not need antivirus software installed. If you install antivirus software, you no longer need a firewall on your network. Anti-virus software should be configured to download updated virus definition files as soon as they become available. Once installed, antivirus software needs to be updated on a monthly basis.

If your antivirus software does not detect and remove a virus, what should you try first?

Set the read-only attribute of the file you believe to be infected. Search for and delete the file you believe to be infected. Scan the computer using another virus detection program. Update your virus detection software.

You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day.
What else should you do to protect your systems from malware? (Select two.)

Enable chassis intrusion detection Disable UAC Schedule regular full system scans Enable account lockout Educate users about malware

To tightly control the antimalware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware.
Which of the following actions would best prevent this scenario from occurring again?

Switch to a more reliable antivirus software Carefully review open firewall ports and close any unnecessary ports Create a scheduled task to run sfc.exe daily Configure the software to automatically download the virus definition files as soon as they become available

Which type of virus conceals its presence by intercepting system requests and altering service outputs?

Retro Slow Polymorphic Stealth

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of common user names and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?

A strong password policy VLANs 3DES encryption AES encryption

Which of the following password attacks uses preconfigured matrices of hashed dictionary words?

Dictionary Hybrid Brute force Rainbow table

Which of the following is most vulnerable to a brute force attack?

Challenge-response token authentication Password authentication Two-factor authentication Biometric authentication

A user named Bob Smith has been assigned a new desktop workstation to complete his day-to-day work.
When provisioning Bob’s user account in your organization’s domain, you assigned an account name of BSmith with an initial password of bw2Fs3d.

On first login, Bob is prompted to change his password, so he changes it to the name of his dog (Fido).
What should you do to increase the security of Bob’s account? (Select two.)

Use a stronger initial password when creating user accounts. Train users not to use passwords that are easy to guess. Use Group Policy to require strong passwords on user accounts. Require him to use the initial password, which meets the complexity requirements. Do not allow users to change their own passwords. Configure user account names that are not easy to guess.

Which of the following strategies can protect against a rainbow table password attack?

Encrypt the password file with one-way encryption Add random bits to the password before hashing takes place Educate users to resist social engineering attacks Enforce strict password restrictions

Which of the following actions should you take to reduce the attack surface of a server?

Install antimalware software Disable unused services Install the latest patches and hotfixes Install a host-based IDS

Which of the following describes a configuration baseline?

A set of performance statistics that identifies normal operating performance A list of common security settings that a group or all devices share The minimum services required for a server to function A collection of security settings that can be automatically applied to a device

You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server.

Which of the following recommendations should you follow when applying the hotfix?

Apply the hotfix immediately to the server; apply the hotfix to other devices only as the security threat manifests itself. Apply the hotfix immediately to all servers. Test the hotfix and then apply it to the server that had the problem. Test the hotfix and then apply it to all servers.

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Select two.)

Implement separation of duties Conduct privilege escalation Change default account passwords Apply all patches and updates Remove any backdoors

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)?

Kernel fix kit Hotfix Targeted software patch Service pack

Which of the following is the best recommendation for applying hotfixes to your servers?

Apply all hotfixes before applying the corresponding service pack Apply hotfixes immediately as they are released Wait until a hotfix becomes a patch, then apply it Apply only the hotfixes that affect software running on your systems

By definition, what is the process of reducing security exposure and tightening security controls?

Social engineering Passive reconnaissance Active scanning Hardening

When securing a newly deployed server, which of the following rules of thumb should be followed?

Disable all unused services Disable each service in turn and then test the system for negative effects Determine unneeded services and their dependencies before altering the system Disable all services not associated with supporting shared network services

Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? (Select two.)

WSUS Group Policy Security Templates Security Configuration and Analysis

You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automatically apply them to multiple computers.
Which tool is your best choice for accomplishing this task?

WSUS Security Templates Group Policy Security Configuration and Analysis

Which of the following solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers?

Account policies Account restrictions NTFS permissions Group Policy

For users who are members of the sales team, you want to force computers to use a specific desktop background and remove access to administrative tools from the Start menu.
Which solution should you use?

Account policies Group Policy File screens Account restrictions

Arrange the Group Policy objects (GPOs) in the order in which they are applied.

The Local Group Policy on the computer. GPOs linked to the domain that contains the user or computer object. GPOs linked to the organizational unit that contains the object.

Match the Group Policy type on the left with the function that it can perform on the right. (Each item can be used more than once.)

Computer configuration
User configuration

Which of the following is a snap-in that allows you to apply a template or compare a template to the existing security settings on your computer?

The NSA Template snap-in The Microsoft Management Console snap-in The Active Directory Security Template snap-in The Security Configuration and Analysis snap-in

You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close?

67, 68 135, 137-139 161, 162 389, 636

Which of the following ports does FTP use to establish sessions and manage traffic?

25, 110 20, 21 135 – 139 80, 443

To transfer files to your company’s internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible.

Now you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.)

23 80 443 21 20

To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?

80 21 443 69 23

Which of the following network services or protocols uses TCP/IP port 22?

TFTP NNTP IMAP4 SSH

FTPS uses which mechanism to provide security for authentication and data transfer?

Multi-factor authentication IPsec Token devices SSL

You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change.

What is the best way to accomplish this?

Add one manager to the DACL that grants all permissions. Have this user add other managers as required. Create a distribution group for the managers. Add all users as members of the group. Add the group to the file’s DACL. Create a security group for the managers. Add all users as members of the group. Add the group to the file’s DACL. Add each user account to the file’s DACL.

• The Development group has been given the Write permission to the Design folder.

• The Sales group has been given the Write permission to the Products folder.

No other permissions have been given to either group.
User Mark Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder.

You want to use groups as much as possible.
What should you do?

Make Mark a member of the Development group; add Mark’s user account directly to the ACL for the Products folder. Add Mark’s user account directly to the ACL for both the Design and Products folders. Make Mark a member of the Development and Sales groups. Make Mark a member of the Sales group; add Mark’s user account directly to the ACL for the Design folder.

You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers.

Add the group to the SACL. Grant the group the necessary user rights. Create a security group for the administrators and add all user accounts to the group. Add the group to the DACL. Create a distribution group for the administrators and add all user accounts to the group.

You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network and control access to files accessed through the network or a local logon.

Which solution should you implement?

NTFS and share permissions NTFS permissions and file screens Share permissions and quotas Share permissions and file screens

You have a shared folder named Reports. Members of the Managers group have been given write access to the shared folder.
Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file.

What should you do?

Remove Mark Mangum from the Managers group. Add Mark Mangum to the ACL for the Reports directory with Deny permissions. Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions. Configure NTFS permissions for Confidential.xls to allow Read only.

You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server.
What should you do to enable access?

Define user accounts for all external visitors Open ports 20 and 21 for inbound and outbound connections Install a VPN Move the FTP outside of the firewall

Many popular operating systems allow quick and easy file and printer sharing with other network members. Which of the following is not a means by which file and printer sharing is hardened?

Logging all activity Hosting all shared resources on a single centralized and secured server Imposing granular access control via ACLs Allowing NetBIOS traffic outside of your secured network

Which command should you use to scan for open TCP ports on your Linux system? (Tip: Enter the command as if at the command prompt.)

nmap -sT

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

nmap nslookup netstat traceroute

Which command should you use to display both listening and non-listening sockets on your Linux system? (Tip: Enter the command as if at the command prompt.)

netstat -a

What does the netstat -a command show?

All listening sockets All network users All listening and non-listening sockets All connected hosts

You want to make sure no unneeded software packages are running on your Linux server. Select the command from the drop-down list that you can use to see all installed RPM packages.

yum list packages

You manage the information systems for a large manufacturing firm.

Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

Install anti-malware software on each device. Install the latest firmware updates from the device manufacturer. Install a network monitoring agent on each device. Enroll each device in a mobile device management system. Verify that your network’s existing security infrastructure is working properly.

You manage information systems for a large co-location data center.
Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app.

You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

Install the latest firmware updates from the device manufacturer. Install anti-malware software on each device. Rely on the device manufacturer to maintain device security with automated firmware updates. Verify that your network’s existing security infrastructure is working properly. Enroll each device in a mobile device management system.

Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.)

Devices tend to employ much weaker security than traditional network devices. It is difficult to update the virus definitions used to protect these devices. Smart device vendors tend to proactively protect their products against security threats. Devices are, typically, more difficult to monitor than traditional network devices. These devices are typically installed in the DMZ outside an organization’s perimeter firewall.

You notice a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections.

Which of the following labels applies to this growing ecosystem of smart devices?

The smartnet Internet of smart devices Internet of things Dynamic environment

Smart devices are attractive targets for cyber criminals because they typically have minimal security and are not protected with anti-malware software. This makes it easier to exploit these types of devices and perpetrate attacks. Many smart devices can be utilized to conduct a single coordinated attack.

What is this type of attack usually called?

A highly centralized attack A brute force attack A highly distributed attack A smartnet attack

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

Encrypt the logs. Store the logs in an offsite facility. Make two copies of each log and store each copy in a different location. Create a hash of each log.

What does hashing of log files provide?

Preventing the system from running when the log files are full Preventing log files from being altered or overwritten Confidentiality to prevent unauthorized reading of the files Proof that the files have not been altered Sequencing of files and log entries to recreate a timeline of events

Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts has occurred. Which log type should you check?

Performance System Firewall Security

You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker.
Which log would you monitor?

Application *Firewall* System Security

Which of the following is a standard for sending log messages to a central logging server?

OVAL Nmap Syslog LC4

You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?

Application System Firewall Security

You suspect that your Web server has been the target of a denial of service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?

Performance Security Firewall System

You are concerned that an attacker can gain access to your Web server, make modifications to the system, and alter the log files to hide his actions. Which of the following actions would best protect the log files?

Encrypt the log files Use syslog to send log entries to another server Configure permissions on the log files to prevent access Take a hash of the log files

You decide to use syslog to send log entries from multiple servers to a central logging server. Which of the following are the most important considerations for your implementation? (Select two.)

Retention policies on the syslog client A fast network connection Disk space on the syslog server Clock synchronization between all devices

Which of the following best describes an audit daemon?

The trusted utility that runs a background process whenever auditing is enabled. The interface that allows the administrator to handle, set up, initialize, and modify subsystem parameters. The component that examines audit trails from current or previous audit sessions and reduces or compresses them for archival. The driver responsible for accepting audit records from the audit kernel.

Which of the following is not included in a system level audit event? (Select two.)

Any actions performed by the user. The user name logging in. Beginning and ending times of access. Names of accessed files. Activities performed on the system. Successful and unsuccessful logon attempts.

The auditing feature of an operating system serves as what form of control when users are informed that their actions are being monitored?

Detective Corrective Directive Preventative

What is the purpose of audit trails?

Detect security-violating events Problem correction Restore systems to normal operations Prevent security breaches

Which of the following is a collection of recorded data that may include details about logons, object access, and other activities deemed important by your security policy that is often used to detect unwanted and unauthorized user activity?

Audit trail Syslog CPS (certificate practice statement) Chain of custody

A recreation of historical events is made possible through?

Audits Audit trails Incident reports Penetration testing

Which of the following is not an advantage when using an internal auditor to examine security systems and relevant documentation?

An internal auditor has knowledge of the inner workings of the organization. Findings in the audit and subsequent summations are viewed objectively. Orientation time is minimized. An internal auditor is familiar with organizational goals.

Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. Which step must be taken to ensure that the information is useful in maintaining a secure environment?

All files must be verified with the IDS checksum. Periodic reviews must be conducted to detect malicious activity or policy violations. All logs should be deleted and refreshed monthly. The accounting department must compress the logs on a quarterly basis.

Which of the following describes Privilege auditing?

Users’ and groups’ rights and privileges are checked to guard against creeping privileges. No single user is granted sufficient privileges to compromise the security of an entire environment. An employee is granted the minimum privileges required to perform the duties of her position. Users’ activities are logged to document incidents for security investigations and incident response.

Which of the following terms identifies the process of reviewing log files for suspicious activity and threshold compliance?

CompSec Scanning Auditing Phishing

Match the IT audit activity on the left with the appropriate description on the right.

If an SMTP server is not properly and securely configured, it can be hijacked and used maliciously as an SMTP relay agent. Which activity could result if this happens?

Data diddling Spamming Virus hoax Salami attack

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

Impersonation Replay attack Sniffing Spam

You have been receiving a lot of phishing emails sent from the domain kenyan.msn.pl. Links within these emails open new browser windows at youneedit.com.pl.
You want to make sure that these emails never reach your inbox, but you want to make sure that emails from other senders are not affected.

What should you do?

Add kenyan.msn.pl to the email blacklist Add youneedit.com.pl to the email blacklist Add pl to the email blacklist Add msn.pl to the email blacklist

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?

Hijacking Trojan horse Spamming Brute force

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware.
What kind of attack has occurred in this scenario?

Spam Repudiation attack Phishing Open SMTP relay

What is the most common means of virus distribution?

Commercial software CDs Music downloaded from the internet Email Floppy disks

You install a new Linux distribution on a server in your network. The distribution includes an SMTP daemon that is enabled by default when the system boots. The SMTP daemon does not require authentication to send email messages.
Which type of email attack is this server susceptible to?

Sniffing Viruses Open SMTP relay Phishing

Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking user name and password. The URL in the link is in the .ru top-level DNS domain.
What kind of attack has occurred?

Phishing Buffer overflow Open SMTP relay Virus

Which of the following mechanisms can you use to add encryption to email? (Select two.)

S/MIME PGP Reverse DNS HTTPS Secure Shell

You want to use a protocol for encrypting emails that uses a PKI with X.509 certificates. Which method should you choose?

AES SSH IPsec S/MIME

Match each bring your own device (BYOD) security issue on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.

Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.

If a user’s BYOD device, such as a tablet or phone, is infected with malware, that malware can be spread if that user connects to your organization’s network. One way to prevent this event is to use a network access control (NAC) system.

How does an NAC protect your network from being infected by a BYOD device?

The NAC notifies users that personally-owned devices are subject to random searches if brought on site. The NAC specifies which apps can be used while the BYOD device is connected to the organization’s network. The NAC remediates devices before allowing them to connect to your network. The NAC forces BYOD devices to connect to a guest network that is isolated from your production network.

Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands.

The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen.
Which of the following should you implement?

A guest wireless network that is isolated from your organization’s production network An acceptable use policy A mobile device management infrastructure A network access control solution

Users in the Sales department perform many of their daily tasks, such as emailing and creating sales presentations, on personal tablets.

The chief information officer worries that one of these users might also use their tablet to steal sensitive information on the organization’s network. Your job is to implement a solution that can prevent insiders from accessing sensitive information on personal devices.

Which of the following should you implement?

A network access control solution A guest wireless network that is isolated from your organization’s production network A mobile device management infrastructure An acceptable use policy

Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them.

To increase the security of these devices, you want to apply a default set of security-related configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)

Join the tablets to your domain. Configure security settings in a Group Policy object. Configure and apply security policy settings in a mobile device management system. Link the Group Policy object to the container where the tablets’ computer objects reside. Manually configure security settings using Local Group Policy Editor. Enroll the devices in a mobile device management system.

Your organization recently purchased 18 iPad tablets for use by the organization’s management team. These devices have iOS preinstalled on them.

To increase the security of these devices, you want to apply a default set of security-related configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.)

Require users to install the configuration profile Join the tablets to a Windows domain Enroll the devices in a mobile device management system Configure security settings in a Group Policy object Configure and distribute security settings in a configuration profile Configure and apply security policy settings in a mobile device management system

Match each mobile device application control term on the right with the appropriate description on the left. Each description may be used once, more than once, or not at all.

Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization.

For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president’s home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network.

You’ve reviewed the vice president’s social media pages.

You found pictures of her home posted, but you didn’t notice anything in the photos that would give away her home address. She assured you that her smart phone was never misplaced prior to the attack.

Which security weakness is the most likely cause of the security breach?

Sideloaded apps were installed on her smart phone. Geotagging was enabled on her smart phone. An Xmas Tree attack was executed on her smart phone. Weak passwords were used on her smart phone.

Your organization is formulating a bring your own device (BYOD) security policy for mobile devices.

Which of the following statements should be considered as you formulate your policy?

Antimalware software isn’t available for most mobile device operating systems. It is difficult for users to connect personal mobile devices to your organization’s corporate network. Mobile devices are immune to malware threats. You can’t use domain-based group policies to enforce security settings on mobile devices.

Your organization’s security policy specifies that any mobile device that connects to your internal network must have Remote Wipe enabled, regardless of ownership. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it.

Your organization recently purchased several Windows RT tablets. Which should you do?

Go to Settings Charm > Change PC settings > Privacy and enable the Remote Wipe setting. Implement Remote Wipe group policies in your domain. Sign up for a Windows Intune account to manage the tablets. Enable Remote Wipe local group policies on each device.

Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloud-based Windows Intune account.

One of your sales representatives left her tablet at an airport. The device contains sensitive information, and you need to remove it in case the device is compromised.

Which Intune portal should you use to perform a remote wipe?

Security portal Company portal Account portal Admin portal

Your organization provides its sales force with Windows 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in a cloud-based Windows Intune account.

One of your sales representatives left his notebook at a customer’s site. The device contains sensitive information, and you want to change the password to prevent the data from being compromised.

Which Intune portal should you use to remotely change the password?

Security portal Account portal Company portal Admin portal

Which of the following are disadvantages to server virtualization?

Increased hardware costs A compromised host system might affect multiple servers Systems are isolated from each other and cannot interact with other systems A compromised guest system might affect multiple servers

Which of the following are disadvantages of server virtualization?

Increased hardware costs. Systems are isolated from each other and cannot interact with other systems. A compromise of a guest system might affect multiple servers. A failure in one hardware component could affect multiple servers.

You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk.

Which of the following actions would best protect your system?

Run the browser within a virtual environment Change the security level for the internet zone to High Configure the browser to block all cookies and popups Run the browser in protected mode

Which of the following is an advantage of a virtual browser?

Prevents adware and spyware that monitors your internet activity Filters internet content based on ratings Prevents phishing and drive-by downloads Protects the host operating system from malicious downloads

Which of the following are advantages of virtualization? (Select two.)

Easy migration of systems to different hardware Redundancy of hardware components for fault tolerance Improved host-based attack detection Reduced utilization of hardware resources Centralized administration

Match the virtualization feature on the right with the appropriate description on the left.
