Security Threats
Authentication
Authentication2
Data Encryption
Security Threats2/Data Encryption
100

What is the best countermeasure against social engineering? 


a. User awareness training

b. Access auditing


User awareness training

100

Which of the following security measures is a form of biometrics? 

a. BIOS password 

b. Fingerprint scanner

Fingerprint scanner

100

A technician assists Joe, an employee in the Sales department, who needs access to the client database by granting Joe administrator privileges. Later, Joe discovers he has access to the salaries in the payroll database. Which of the following security practices was violated?

a. Multifactor authentication 

b. Principle of least privilege

Principle of least privilege

100

Which Internet protocol is used to transmit encrypted data? 

a. HTTP 

b. HTTPS

HTTPS

100

A large number of compromised computers are infected with malware that allows an attacker (herder) to control them to spread email spam and launch denial-of-service attacks. Which of the following does this security threat describe?

a. Zombie/botnet

b. Man-in-the-middle  

Zombie/botnet

200

Which of the following is a common form of social engineering attack? 

a. Hoax virus information emails.

b. Stealing the key card of an employee and using that to enter a secured building.


Hoax virus information emails.

200

What do biometrics use to perform authentication of identity? 

a. Knowledge of passwords 

b. Biological attributes 

Biological attributes

200

 

Ted, an employee in the Sales department, has asked a coworker, Ann, in the Production department to update the product descriptions contained in a Sales document. Ann can open the file but, after making changes, can't save the file. Which of the following digital security methods is MOST likely preventing this?

a. Directory permission 

b. Data loss prevention

Directory permission

200

Which of the following protocols can be enabled so email is encrypted on a mobile device? 

a. SSL

b. IMAP

SSL

200

An attacker intercepts communications between two network hosts by impersonating each host. 

a. Wiretapping

b. Power outage 

Power outage

300

Which of the following describes a Man-in-the-Middle attack? 

a. An attacker intercepts communications between two network hosts by impersonating each host.

b. An IP packet is constructed which is larger than the valid size.


An attacker intercepts communications between two network hosts by impersonating each host. 

300

Which of the following is not a form of biometrics? 

a. Retina scan

b. Smart card  

Smart card

300

Which of the following access controls gives only backup administrators access to all servers on the network? 

a. Discretionary 

b. Role-based

Role-based

300

A technician is tasked to add a valid certificate to a mobile device so that encrypted emails can be opened. Which of the following email protocols is being used?

a. S/MIME 

b. IMEI 

S/MIME

300

A user has opened a web browser and accessed a website where they are creating an account. The registration page is asking the user for their username (email address) and a password. The user looks at the URL and the protocol being used is HTTP. Which of the following describes how the data will be transmitted from the webpage to the webserver? 

a. Plain text 

b. Cipher text 

Plain text

400

In which of the following situations should you expect total privacy? 

a. Financial transactions

b. Social networking 

Financial transactions

400

After entering a user ID and password, an online banking user must enter a PIN that was sent as a text message to the user's mobile phone. Which of the following digital security methods is being used?

a. Multifactor authentication

b. DLP

Multifactor authentication

400

If a malicious user gains access to the system, which component of the framework lets administrators know how they gained access and what exactly they did? 

a. Accounting 

b. Access control 

Accounting

400

While configuring a wireless access point device, a technician is presented with several security mode options. Which of the following options will provide the most secure access?

a. WPA and AES 

b. WPA2 and AES 

WPA2 and AES

400

An accountant needs to send an email with sensitive information to a client and wants to prevent someone from reading the email if it is intercepted in transit. The client's email system does not allow them to receive attachments due to their company security policies. Which of the following should the accountant use to send the email? 

a. Plain text 

b. Cipher text 

Cipher text

500

In which of the following should you expect some privacy? 

a. Personally identifiable information entered into a human resource database

b. Sharing a photo through a mobile phone app  

Personally identifiable information entered into a human resource database

500

Your company wants to use multifactor authentication. Which of the following would you most likely suggest? 

a. Token and smartphone

b. PIN and smart card

PIN and smart card

500

Your company has surveillance cameras in your office, uses strong authentication protocols, and requires biometric factors for access control. These are all examples of what principle? 

a. Authentication

b. Non-repudiation

Non-repudiation

500

A technician is tasked to configure a mobile device to connect securely to the company network when the device is used at offsite locations where only internet connectivity is available. Which of the following should the technician configure?

a. Bluetooth 

b. VPN 

VPN

500

A small business wants to make sure their wireless network is using the strongest encryption to prevent unauthorized access. Which of the following wireless encryption standards should be used? 

a. WEP 

b. WPA2 

WPA2