Chapter 7 & 8 Security +

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Ernestleeburns
E
Ernestleeburns
Community Contributor
Quizzes Created: 6 | Total Attempts: 608
| Attempts: 133
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/53 Questions

    Which of the following logical access control methods would a security administrator need to modify in order to control network traffic passing through a router to a different network?

    • Configuring VLAN 1
    • ACL
    • Logical tokens
    • Role-based access control changes
Please wait...
About This Quiz

This quiz assesses knowledge in network and information security, focusing on logical access control, best practices for resource access, and authentication methods. It is designed for learners preparing for Security+ certification, enhancing skills in securing databases and networks.

Chapter 7 & 8 Security + - Quiz

Quiz Preview

  • 2. 

    After installing database software the administrator must manually change the default administrative password, remove a default database, and adjust permissions on specific files. These actions are BEST described as:

    • Vulnerability assessment

    • Mandatory access control

    • Application hardening

    • Least priviledge

    Correct Answer
    A. Mandatory access control
    Explanation
    The actions of changing the default administrative password, removing a default database, and adjusting permissions on specific files are considered as mandatory access control. This term refers to the practice of enforcing strict access control policies and procedures to ensure that only authorized individuals have access to sensitive resources. By implementing these measures, the administrator is ensuring that the database software is secure and protected from unauthorized access.

    Rate this question:

  • 3. 

    Which of the following methods is a best practice for granting access to resources?

    • Add ACLs to computers, add computers to groups

    • Add ACLs to user; add users to groups

    • Add users to ACLs; add computers to groups

    • Add groups to ACLs; add users and computers to groups

    Correct Answer
    A. Add groups to ACLs; add users and computers to groups
    Explanation
    The best practice for granting access to resources is to add groups to ACLs and then add users and computers to those groups. By doing so, access can be easily managed and controlled at the group level, rather than individually assigning permissions to each user or computer. This approach allows for efficient administration and simplifies the process of granting or revoking access to resources.

    Rate this question:

  • 4. 

    Which of the following may cause a user, connected to NAC-enabled network, to not be prompted for credentials

    • The user's PC is missing the authentication agent

    • The user's PC is not fully patched

    • The user's PC is not at the latest service pack

    • The user's PC has out-of-date antivirus software

    Correct Answer
    A. The user's PC is missing the authentication agent
    Explanation
    If the user's PC is missing the authentication agent, it means that the necessary software or component that facilitates the authentication process is not installed or functioning properly on the user's PC. This could cause the user to not be prompted for credentials because the authentication agent is responsible for initiating the authentication process and requesting the user to provide their credentials. Without the authentication agent, the network may not recognize the user's PC as a valid and trusted device, leading to the lack of prompt for credentials.

    Rate this question:

  • 5. 

    Which of the following is an example of two-factor authentication?

    • PIN and password

    • Smartcard and token

    • Smartcard and PIN

    • Fingerprint and retina scan

    Correct Answer
    A. Smartcard and PIN
    Explanation
    Smartcard and PIN is an example of two-factor authentication because it requires the use of two different factors to verify the user's identity. The smartcard serves as the first factor, which is something the user possesses, and the PIN serves as the second factor, which is something the user knows. By combining these two factors, it adds an extra layer of security to the authentication process, making it more difficult for unauthorized individuals to gain access.

    Rate this question:

  • 6. 

    Which of the following uses a three-way handshake for authentication and is commonly used in PPP connections?

    • MD5

    • CHAP

    • Kerberos

    • SLIP

    Correct Answer
    A. CHAP
    Explanation
    CHAP (Challenge Handshake Authentication Protocol) uses a three-way handshake for authentication and is commonly used in PPP (Point-to-Point Protocol) connections. During the handshake process, the server sends a challenge to the client, which responds with a hashed value of the challenge using a shared secret. The server then compares the received response with its own calculation to verify the client's identity. This authentication method provides a higher level of security compared to other options listed, such as MD5 (Message Digest Algorithm 5), Kerberos, and SLIP (Serial Line Internet Protocol).

    Rate this question:

  • 7. 

    To ensure users are logging into their systems using a least priviledge method, which of the following should be done?

    • Create a user account without administrator priviledges

    • Employ a BIOS password that differs from the domain password

    • Enforce a group policy with the least amount of account restrictions

    • Allow users to determine their needs and access to resources

    Correct Answer
    A. Create a user account without administrator priviledges
    Explanation
    To ensure users are logging into their systems using a least privilege method, creating a user account without administrator privileges is the correct approach. This means that the user will have limited access and permissions, reducing the risk of unauthorized actions or system changes. By not granting administrator privileges, users will only have access to the resources and functionalities necessary for their tasks, promoting security and minimizing the potential for accidental or intentional misuse of system resources.

    Rate this question:

  • 8. 

    A user wants to edit a file that they currently have read-only rights to; however, they are unable to provide a business justification, so the request is denied.  This is the principle of:

    • Seperation of duties

    • Job-based access control

    • Least priviledge

    • Remote access policy

    Correct Answer
    A. Least priviledge
    Explanation
    The principle of least privilege states that a user should only be given the minimum level of access necessary to perform their job duties. In this scenario, the user wants to edit a file but does not have the necessary permissions. This is an example of applying the principle of least privilege because the user's access rights are restricted to read-only, which is the minimum level of access required for their job role.

    Rate this question:

  • 9. 

    Which of the following is a BEST practice for organizing users when impementing a least priviledge model?

    • By function

    • By department

    • By geographic location

    • By management level

    Correct Answer
    A. By function
    Explanation
    Organizing users by function is considered a best practice when implementing a least privilege model. This approach groups users based on their specific job roles or responsibilities, allowing for more granular control over access permissions. By organizing users in this way, administrators can easily assign and revoke privileges based on the functions or tasks that users need to perform, reducing the risk of granting unnecessary access rights. This helps to minimize the potential for privilege abuse or unauthorized access, enhancing overall security and compliance in the organization.

    Rate this question:

  • 10. 

    The process of validating a user's claimed identity is called:

    • Identification

    • Authorization

    • Validation

    • Repudiation

    Correct Answer
    A. Identification
    Explanation
    Identification is the process of validating a user's claimed identity. It involves verifying the user's credentials, such as username and password, to ensure that they are who they claim to be. This process is essential for ensuring the security and integrity of a system or application, as it helps prevent unauthorized access and protects sensitive information.

    Rate this question:

  • 11. 

    Which of the following is a detective security control?

    • CCTV

    • Firewall

    • Design reviews

    • Bollards

    Correct Answer
    A. CCTV
    Explanation
    CCTV (Closed Circuit Television) is a detective security control as it is used to monitor and record activities in a specific area. It allows for the identification and investigation of security incidents after they have occurred. CCTV can provide valuable evidence in the event of theft, vandalism, or other criminal activities. It acts as a deterrent and helps in maintaining a secure environment by constantly monitoring and recording activities.

    Rate this question:

  • 12. 

    Which of the following is a reason to implement Kerberos over local system authentication?

    • Authentication to multiple devices

    • Centralized file integrity protection

    • Non-repudiation

    • Greater password complexity

    Correct Answer
    A. Centralized file integrity protection
    Explanation
    Implementing Kerberos over local system authentication provides centralized file integrity protection. Kerberos is a network authentication protocol that uses a centralized authentication server to verify the identities of users and devices. By implementing Kerberos, organizations can ensure that all file access and modifications are tracked and protected centrally, preventing unauthorized changes or tampering. This centralized approach enhances the security and integrity of the files across multiple devices and provides a more robust protection mechanism compared to local system authentication.

    Rate this question:

  • 13. 

    Which of the following faciliates computing for heavily utilized systems and networks?

    • Remote access

    • Provider cloud

    • VPN concentrator

    • Telephony

    Correct Answer
    A. VPN concentrator
    Explanation
    A VPN concentrator is a device that allows multiple VPN connections to be established and managed simultaneously. It is specifically designed to handle large volumes of traffic and provide secure communication between multiple networks or systems. Therefore, a VPN concentrator is the most suitable option for facilitating computing for heavily utilized systems and networks.

    Rate this question:

  • 14. 

    Which of the following is a reason to use TACACS+ over RADIUS?

    • Combines authentication and authorization

    • Encryption of all data between client and server

    • TACACS+ uses the UDP protocol

    • TACACS+ has less attribute-value pairs

    Correct Answer
    A. Encryption of all data between client and server
    Explanation
    TACACS+ is preferred over RADIUS because it provides encryption for all data transmitted between the client and server. This ensures that the data is secure and cannot be intercepted or tampered with by unauthorized users.

    Rate this question:

  • 15. 

    Which of the following describes an attack technique by which an intruder gains physical access by following an authorized user into a fcility before the door is closed?

    • Shoulder surfing

    • Tailgating

    • Escalation

    • Impersonation

    Correct Answer
    A. Tailgating
    Explanation
    Tailgating is an attack technique where an intruder gains physical access to a facility by following an authorized user through a door before it is closed. This technique relies on the intruder blending in with legitimate users and taking advantage of their access privileges. The intruder may use various tactics, such as acting confident or carrying items that make them appear like an employee or visitor. Once inside, the intruder can carry out malicious activities without raising suspicion.

    Rate this question:

  • 16. 

    Which of the following access control methods provides the BEST protection against attackers logging on as authorized user?

    • Require a PIV card

    • Utilize time of day restrictions

    • Implement deny

    • Utilize seperation of duties

    Correct Answer
    A. Utilize seperation of duties
    Explanation
    Utilizing separation of duties provides the best protection against attackers logging on as authorized users. This method ensures that multiple individuals are involved in critical tasks and responsibilities, reducing the risk of unauthorized access. By dividing roles and assigning different responsibilities to different individuals, it becomes more difficult for attackers to gain full access and control. This method also helps in detecting and preventing insider threats, as it requires collusion between multiple individuals to carry out unauthorized actions.

    Rate this question:

  • 17. 

    Centrally authenticating multiple systems and applications against a federated user database is an example of:

    • Smart card

    • Common access card

    • Single sign-on

    • Access control list

    Correct Answer
    A. Single sign-on
    Explanation
    Centrally authenticating multiple systems and applications against a federated user database refers to the concept of single sign-on. Single sign-on allows users to log in once and gain access to multiple systems without the need for separate authentication. This enhances user convenience and improves security by reducing the need for multiple passwords and credentials.

    Rate this question:

  • 18. 

    Which of the following uses tickets to identify users to the network?

    • RADIUS

    • LDAP

    • TACACS+

    • Kerberos

    Correct Answer
    A. Kerberos
    Explanation
    Kerberos is the correct answer because it uses tickets to authenticate and identify users to the network. Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret key cryptography. When a user requests access to a network resource, Kerberos issues a ticket to the user, which is then presented to the network server for authentication. This ticket-based authentication system ensures secure and trusted communication between users and network services.

    Rate this question:

  • 19. 

    Which of the following is an example of implementing security using the least priviledge principle?

    • Confidentiality

    • Availability

    • Integrity

    • Non-repudiation

    Correct Answer
    A. Availability
    Explanation
    Implementing security using the least privilege principle means that individuals or processes are only given the minimum level of access necessary to perform their tasks. Availability, in this context, does not align with the least privilege principle as it focuses on ensuring that resources are accessible and usable when needed, rather than restricting access to only what is necessary. Therefore, availability is not an example of implementing security using the least privilege principle.

    Rate this question:

  • 20. 

    Which of the following is an authentication method that uses symmetric key encryption and a key distribution center?

    • MS-CHAP

    • Kerberos

    • 802.1x

    • EAP

    Correct Answer
    A. Kerberos
    Explanation
    Kerberos is an authentication method that uses symmetric key encryption and a key distribution center. It is widely used in computer networks to provide secure authentication for users and services. Kerberos uses a trusted third-party server called the Key Distribution Center (KDC) to distribute and manage encryption keys. This allows users and services to securely authenticate and communicate with each other.

    Rate this question:

  • 21. 

    Which of the following is a preventative physical security measure?

    • Video surveillance

    • External lighting

    • Physical access log

    • Access control system

    Correct Answer
    A. Access control system
    Explanation
    An access control system is a preventative physical security measure because it allows organizations to control and restrict access to certain areas or resources. By using mechanisms such as key cards, biometric authentication, or passwords, the access control system ensures that only authorized individuals can enter specific areas. This helps to prevent unauthorized access, theft, or damage to valuable assets, providing an additional layer of security to the physical environment.

    Rate this question:

  • 22. 

    Mandatory Acess Control (MAC) allows:

    • Access rights indicated by the role of the individual

    • Access associated with the classification of data

    • A system administrator to centralized policy

    • Rights to be assigned by the data owner

    Correct Answer
    A. Access associated with the classification of data
    Explanation
    Mandatory Access Control (MAC) is a security mechanism that determines access rights based on the classification of data. It ensures that access to data is granted or denied based on the sensitivity or classification level of the data. This means that only individuals with the appropriate clearance level can access certain classified data. MAC is different from role-based access control (RBAC), which assigns access rights based on the role of the individual. In MAC, access rights are determined by the classification of the data itself, not the role of the user.

    Rate this question:

  • 23. 

    The administrator needs to require all users to use complex passwords.  Which of the following would be the BEST way to do this?

    • Set a local password policy on each workstation and server

    • Set a domain password policy

    • Set a group policy to enforce password changes

    • Post a memo detailing the requirement of the new password complexity requirements

    Correct Answer
    A. Set a domain password policy
    Explanation
    Setting a domain password policy would be the best way to require all users to use complex passwords. A domain password policy allows the administrator to enforce password complexity requirements across the entire network, ensuring that all users are required to create strong passwords. This centralized approach is more efficient and effective than setting a local password policy on each workstation and server, as it allows for consistent password management and reduces the risk of weak passwords being used. Setting a group policy to enforce password changes can be part of the domain password policy, but it alone does not address the requirement for complex passwords. Posting a memo detailing the requirement of the new password complexity requirements is not as effective as implementing a domain password policy, as it relies on users to voluntarily comply with the new requirements.

    Rate this question:

  • 24. 

    Which of the following would be used to eliminate the need for an administrator to manually configure passwords on each network device in a larg LAN?

    • RADIUS

    • OVAL

    • RAS

    • IPSec VPN

    Correct Answer
    A. RADIUS
    Explanation
    RADIUS (Remote Authentication Dial-In User Service) would be used to eliminate the need for an administrator to manually configure passwords on each network device in a large LAN. RADIUS is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. It allows for a single set of credentials to be used for authentication across multiple network devices, reducing the need for manual configuration of passwords on each device.

    Rate this question:

  • 25. 

    The security administrato needs to determine whether common words and phrases are being used as passwords on the company server.  Which of the following attacks would MOST easily accomplish this task?

    • NTLM hashing

    • Dictionary

    • Brute Force

    • Encyclopedia

    Correct Answer
    A. Dictionary
    Explanation
    A dictionary attack would be the most effective method to determine whether common words and phrases are being used as passwords on the company server. In a dictionary attack, a hacker uses a pre-generated list of commonly used passwords or words from a dictionary to try and gain unauthorized access. This method is relatively quick and efficient as it eliminates the need to try every possible combination of characters, like in a brute force attack. Therefore, a dictionary attack would be the best choice for the security administrator to identify weak passwords on the server.

    Rate this question:

  • 26. 

    The company president wants to replace usernames and passwords with USB security tokens for company system.  Which of the following authentication models would be in use?

    • Two factor

    • Form factor

    • Physical factor

    • Single factor

    Correct Answer
    A. Single factor
    Explanation
    The given correct answer is "Single factor." In this authentication model, only one factor (in this case, the USB security token) is used to verify the identity of the user. The use of USB security tokens replaces the traditional username and password combination, providing a more secure method of authentication.

    Rate this question:

  • 27. 

    Which of the following presents the GREATEST security risk to confidentiality of proprietary corporate data when attackers have physical access to the data center?

    • Solid state drives

    • Cell phone cameras

    • USB drives

    • NAS

    Correct Answer
    A. USB drives
    Explanation
    USB drives present the greatest security risk to the confidentiality of proprietary corporate data when attackers have physical access to the data center. USB drives can easily be used to copy or transfer sensitive data, allowing attackers to steal or compromise confidential information. Unlike solid state drives or NAS, USB drives are portable and can be easily concealed or smuggled out of the data center, making them a significant threat to the security of proprietary corporate data. Cell phone cameras, while potentially a risk, are less likely to be able to copy large amounts of data compared to USB drives.

    Rate this question:

  • 28. 

    An administrator is providing management with a mobile device that allows email access.  The mobile device will be password protecte in case of loss.  Which of the following additional security measures should the administrator ensure is in place?

    • The mobile device should erase itself after a set number of invalid attempts

    • The password should be alphanumeric only, due to keypad limitations

    • The password should be common so that the mobile device can be re-assigned

    • The mobile device should use and be equipped with removal storage for sensitive data retrieval

    Correct Answer
    A. The mobile device should erase itself after a set number of invalid attempts
    Explanation
    The administrator should ensure that the mobile device erases itself after a set number of invalid attempts to enhance security. This measure will protect sensitive data in case the device is lost or stolen and someone tries to gain unauthorized access. By erasing itself, the device prevents any potential data breaches and ensures that the information remains secure.

    Rate this question:

  • 29. 

    An administrator is concerned that users are not utilizing strong passwords.  Which of the following can be done to enforce user compliance?

    • Implement a strict domain level group policy

    • Supply the users with suggested password guidelines

    • Offer user training regarding proper policy

    • Supply the users with a third-party application to hash their passwords

    Correct Answer
    A. Implement a strict domain level group policy
    Explanation
    Implementing a strict domain level group policy is an effective way to enforce user compliance with strong password usage. With a group policy, the administrator can set specific password requirements such as minimum length, complexity, and expiration period. These requirements will be enforced across the entire domain, ensuring that all users are using strong passwords. By implementing this policy, the administrator can mitigate the risk of weak passwords and enhance the overall security of the system.

    Rate this question:

  • 30. 

    Which of the following is an example of a smart card?

    • PIV

    • MAC

    • One-time password

    • Tokens

    Correct Answer
    A. MAC
  • 31. 

    Which of the following is seen as non-secure based on its ability to only store seven upper case characters of data making it susceptible to brute force attacks?

    • PAP

    • NTLMv2

    • LANMAN

    • CHAP

    Correct Answer
    A. LANMAN
    Explanation
    LANMAN is seen as non-secure because it can only store seven upper case characters of data. This limitation makes it susceptible to brute force attacks, where an attacker systematically tries all possible combinations of characters until the correct password is found. With only seven characters to try, it becomes easier for an attacker to guess the password and gain unauthorized access.

    Rate this question:

  • 32. 

    Which of the following is a way to control system access by department function?

    • Role-Based Access Control

    • Rule- Based Access Control

    • Mandatory Access Control

    • Discretionary Access Control

    Correct Answer
    A. Role-Based Access Control
    Explanation
    Role-Based Access Control (RBAC) is a way to control system access by department function. RBAC assigns roles to users based on their job responsibilities and grants permissions accordingly. This ensures that users only have access to the resources and information necessary for their specific role or function within the organization. RBAC simplifies access management by grouping users into roles and defining their access privileges based on those roles, making it easier to manage and enforce access control policies.

    Rate this question:

  • 33. 

    In which of the following locations can password complexity be enforced via group policy?

    • Domain controller

    • Local SAM databases

    • ACLs

    • NAC servers

    Correct Answer
    A. Domain controller
    Explanation
    Password complexity can be enforced via group policy on a domain controller. Group policies are used to manage and configure settings for multiple computers within a network domain. By configuring the password complexity settings in the group policy on the domain controller, administrators can ensure that users are required to create strong and complex passwords that meet specific criteria, such as minimum length, use of uppercase and lowercase letters, numbers, and special characters. This helps enhance the security of the network and prevents users from using weak or easily guessable passwords.

    Rate this question:

  • 34. 

    Which of the following access control methods requires significant background investigations?

    • Discretionary Access Control

    • Rule-Based Access Control

    • Role-Based Access Control

    • Mandatory Access Control

    Correct Answer
    A. Role-Based Access Control
    Explanation
    Role-Based Access Control (RBAC) requires significant background investigations because it assigns permissions based on an individual's role within an organization. This means that individuals are granted access to certain resources based on their job responsibilities and requirements. To ensure that the right individuals are assigned the appropriate roles and access privileges, thorough background investigations are necessary to verify their qualifications, trustworthiness, and suitability for the assigned roles. This helps to mitigate potential security risks and ensure that sensitive information is protected from unauthorized access.

    Rate this question:

  • 35. 

    Which of the following access control methods prevents a user from accessing network resources after the end of the user's typical shift?

    • Group policy

    • Time of day restrictions

    • Password policy

    • Acceptable use policy

    Correct Answer
    A. Time of day restrictions
    Explanation
    Time of day restrictions is the correct answer because this access control method allows administrators to define specific time periods during which users are allowed or denied access to network resources. By setting restrictions based on the user's typical shift, access can be automatically revoked after the end of the shift, preventing unauthorized access outside of the designated work hours. This helps to enhance security and ensure that network resources are only accessible during authorized times.

    Rate this question:

  • 36. 

    Which of the following is a required component for deploying Kerberos?

    • Extensible authentication protocol

    • Ticket granting server

    • Remote access server

    • Certificate authority

    Correct Answer
    A. Ticket granting server
    Explanation
    A ticket granting server is a required component for deploying Kerberos because it is responsible for issuing tickets to clients after they have been authenticated by the authentication server. These tickets are then used by clients to request access to various resources within the Kerberos realm. Without a ticket granting server, clients would not be able to obtain the necessary tickets to access resources and the Kerberos authentication process would not function properly.

    Rate this question:

  • 37. 

    Which of the following would protect an employee network traffic on a non-company owned network?

    • 802.1x

    • VPN

    • RADIUS

    • Antivirus

    Correct Answer
    A. VPN
    Explanation
    A VPN (Virtual Private Network) would protect an employee's network traffic on a non-company owned network. A VPN creates a secure and encrypted connection between the employee's device and the company's network, ensuring that their data cannot be intercepted or accessed by unauthorized individuals. This is particularly important when using public Wi-Fi networks or other untrusted networks outside of the company's control.

    Rate this question:

  • 38. 

    Assigning access on a need-to-know basis is a best practice in which of the following controls?

    • Account management

    • Risk assessment

    • Vulnerability assessment

    • Patch management

    Correct Answer
    A. Account management
    Explanation
    Assigning access on a need-to-know basis is a best practice in account management. This practice ensures that individuals are only granted access to information and resources that are necessary for them to perform their job duties. By limiting access to only what is needed, the risk of unauthorized access or misuse of sensitive information is reduced. This control helps to maintain the confidentiality, integrity, and availability of data and resources within an organization.

    Rate this question:

  • 39. 

    Which of the following groups should be able to view the results of the risk assessment for an organization?

    • HR employees

    • All employees

    • Executive management and Information security employees

    • Vendors

    Correct Answer
    A. Executive management and Information security employees
    Explanation
    Executive management and Information security employees should be able to view the results of the risk assessment for an organization because they are responsible for making strategic decisions and ensuring the security of the organization's information. The risk assessment results provide valuable insights into potential vulnerabilities and threats, which are crucial for these groups to effectively manage risks and make informed decisions. HR employees and vendors may not require access to this information unless it is relevant to their specific roles and responsibilities. All employees may not necessarily need access to the risk assessment results as it may not be relevant to their day-to-day work.

    Rate this question:

  • 40. 

    Which of the following is the primary location where global policies are implemented in an organization?

    • Domain

    • Physical memory

    • User documentation

    • Security group

    Correct Answer
    A. Domain
    Explanation
    In an organization, the primary location where global policies are implemented is the domain. A domain is a logical group of network resources, such as computers, users, and devices, that are managed by a centralized authority. It allows for centralized management and control of security policies, user accounts, and other network resources. By implementing global policies at the domain level, organizations can ensure consistent and standardized security measures and settings across their entire network.

    Rate this question:

  • 41. 

    Which of the following BEST secures ingrees and egrees points in a data center?

    • ID badges

    • Proximity cards

    • Escorts

    • Log book

    Correct Answer
    A. Proximity cards
    Explanation
    Proximity cards are the best option for securing ingress and egress points in a data center. These cards use radio frequency identification (RFID) technology to grant access to authorized individuals. They are more secure than ID badges, as they cannot be easily duplicated or forged. Escorts may provide temporary security, but they are not a long-term solution. Log books are also not as secure, as they can be tampered with or lost. Proximity cards offer a reliable and efficient way to control access to the data center.

    Rate this question:

  • 42. 

    A secure company protal, accessible publicly but only to company employees, frequently fails to renew certificates, resulting in expired certificate warnings for users.  These failures:

    • Permit man-in-middle attacks to steal users credentials

    • Are irratating to the user but the traffic remains encrypted; breed complacency among users for all certification warnings

    • Expose traffic sent between the server and the user's computer

    • Increase resources used by the company's web-servers

    Correct Answer
    A. Are irratating to the user but the traffic remains encrypted; breed complacency among users for all certification warnings
    Explanation
    The correct answer is that the failures to renew certificates are irritating to the user but the traffic remains encrypted, and they breed complacency among users for all certification warnings. This means that while the expired certificate warnings may annoy users, the actual traffic between the server and the user's computer is still encrypted and secure. However, the frequent occurrence of these warnings may cause users to become complacent and ignore other certification warnings, which can be a security risk.

    Rate this question:

  • 43. 

    Which of the following best practices should be applied to print resources to enforce existing information assurance controls?

    • Remove unnecessary users from groups with permissions to the resources

    • Restrict group membership to users who do not print often

    • Set the printer to standby mode after hours

    • Ensure that all user groups have permission to all printers

    Correct Answer
    A. Remove unnecessary users from groups with permissions to the resources
    Explanation
    To enforce existing information assurance controls, it is important to remove unnecessary users from groups with permissions to the resources. By doing so, access to the print resources is limited only to those who actually need it, reducing the risk of unauthorized access or misuse. This practice helps to enhance the overall security and integrity of the print resources, ensuring that only authorized individuals have the necessary permissions and reducing the potential for data breaches or unauthorized printing.

    Rate this question:

  • 44. 

    Limiting access to a file resource to only the creator by default, is an example of applyng which of the following security concepts?

    • Behavior-based security

    • Logical tokens

    • Least priviledge

    • Role-based access control

    Correct Answer
    A. Least priviledge
    Explanation
    Limiting access to a file resource to only the creator by default is an example of applying the security concept of least privilege. This concept ensures that users are granted only the minimum level of access necessary to perform their tasks, reducing the risk of unauthorized access or misuse of resources. By default, only the creator of the file has access, preventing unnecessary access by other users and reducing the potential for security breaches.

    Rate this question:

  • 45. 

    Which of the following represents two factor authentication?

    • A password and a PKI certificate

    • A retina and fingerprint scan

    • A security badge and a physical token

    • A passphrase and PIN

    Correct Answer
    A. A password and a PKI certificate
    Explanation
    Two factor authentication is a security measure that requires two different forms of identification before granting access. In this case, the correct answer is "A password and a PKI certificate." A password is something the user knows, while a PKI certificate is something the user possesses. By combining these two factors, it adds an extra layer of security to verify the user's identity.

    Rate this question:

  • 46. 

    The administrator needs to set permissions for the new print server for a company comprised of 320 people in 18 departments.  Each department has its own set of printers.  Which of the following options is the BEST way to do this?

    • Place all the people into distribution groups. Assign printer access by access group

    • Place all the people into department groups. Assign printer access by matching individuals to printer groups

    • Place all the people into departmental groups. Assign access to all printers for each group

    • Place all the people into departmental groups. Assign printer access by matching group to department

    Correct Answer
    A. Place all the people into departmental groups. Assign printer access by matching group to department
    Explanation
    The best way to set permissions for the new print server is to place all the people into departmental groups and assign printer access by matching the group to the department. This ensures that each department has access to their own set of printers, which is the most efficient and organized way to manage printer access for a company with multiple departments.

    Rate this question:

  • 47. 

    WPA2-Enterprise can use which of the following to authenticate a user?

    • RRAS

    • TKIP

    • RADIUS

    • RSA

    Correct Answer
    A. RADIUS
    Explanation
    WPA2-Enterprise can use RADIUS to authenticate a user. RADIUS (Remote Authentication Dial-In User Service) is a networking protocol that provides centralized authentication, authorization, and accounting management for users connecting to a network. It allows the network access server to communicate with a RADIUS server to verify the user's credentials and grant or deny access accordingly.

    Rate this question:

  • 48. 

    Which of the following authentication models often requires different systems to function together and is complicated to implement in non-homgeneousn environment?

    • Three factor authentication

    • Single sign-on

    • On factor authentication

    • Two factor authentication

    Correct Answer
    A. Single sign-on
    Explanation
    Single sign-on is an authentication model that often requires different systems to function together and is complicated to implement in non-homogeneous environments. This is because single sign-on allows users to access multiple systems and applications with just one set of credentials, which requires integration and coordination between these systems. In non-homogeneous environments, where different systems may have different authentication mechanisms and protocols, implementing single sign-on can be challenging and complex.

    Rate this question:

  • 49. 

    Which of the following can be implemented to ensure an employee cannot use the system outside of normal business hours?

    • Time of day restrictions

    • Implicit deny

    • Account expiration

    • Two factor authentication

    Correct Answer
    A. Time of day restrictions
    Explanation
    Time of day restrictions can be implemented to ensure that an employee cannot use the system outside of normal business hours. This means that the system will only allow access during specific time periods designated as normal business hours, and any attempts to access the system outside of these hours will be denied. This helps to enforce security policies and prevent unauthorized access to the system during non-working hours.

    Rate this question:

Quiz Review Timeline (Updated): May 1, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • May 01, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Apr 06, 2011
    Quiz Created by
    Ernestleeburns

Related Topics

Recent Quizzes

Quiz on CompTIA Security+ Certification! Trivia Questions Quiz on CompTIA Security+ Certification! Trivia Questions
Comptia Security+ Practice Exam Comptia Security+ Practice Exam
Comptia Security PLUS Practice Exam Comptia Security PLUS Practice Exam
CompTIA Security+ (SY0-301) Practice Exam CompTIA Security+ (SY0-301) Practice Exam
Comptia Security+ Practice Exam: Quiz! Comptia Security+ Practice Exam: Quiz!
Securty + Ch. 2-6 test Securty + Ch. 2-6 test
SECURITY + Systems Security SECURITY + Systems Security
SECURITY + Network Infrastructure SECURITY + Network Infrastructure
SECURITY + Access Control SECURITY + Access Control

Featured Quizzes

Best Friend Quiz: Are You Really Best Friends? Best Friend Quiz: Are You Really Best Friends?
Articles Quiz With Answers Articles Quiz With Answers
Are You Ready For IQ Quiz: Test Your Intelligence Now Are You Ready For IQ Quiz: Test Your Intelligence Now
What Is My Talent? What Is My Talent?
Do I Have a Crush on Him? Quiz Do I Have a Crush on Him? Quiz
Can You Guess These Asian's Nationality? Can You Guess These Asian's Nationality?
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.