IT Security & Ethical Hacking

By Ashwaniwetech | Questions: 132
1. Which file extension is used to indicate a JPEG file?

Explanation

The extension for a JPEG file is .jpg. The extension for a Java applet is .jar. The extension on Java source code is .java. The extension for a JavaScript file is .js.

About This Quiz

This exam is meant for the final module for WCSE

2. Which type of virus avoids detection by making itself indistinguishable from other applications?

Explanation

A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection.

3. What is the term used when an application receives more data than it is programmed to accept?

Explanation

When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. Open Relay is a type of SMTP Relay that is being exploited.

4. Which of the below options would you consider as a program that constantly observes data traveling over a network?

Explanation

A sniffer is a program that constantly observes data traveling over a network. It captures network packets and analyzes their content, allowing users to monitor and analyze network traffic. Sniffers are commonly used for network troubleshooting, security analysis, and performance monitoring. They can help identify network issues, detect malicious activities, and analyze network protocols.

5. Which type of policy identifies the various actions that must occur in the normal course of employee activities?

Explanation

A user management policy identifies the various actions that must occur in the normal course of employee activities. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

6. In the "grandfather, father, son" backup plan, which refers to the most recent backup?

Explanation

The most recent backup is the son. After another backup is done, the son becomes the father and then the grandfather.

7. During which general type of attack does someone want to modify information in your system?

Explanation

During a modification and repudiation attack, someone wants to modify information in your system(s). A denial-of-service (DoS) attack tries to disrupt your network and services. In an access attack, someone who should not be able to have access wants access to your resources. Interception is a type of access attack but not a general attack category.

8. Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept?

Explanation

Buffer Overflows is the correct answer because it refers to a web vulnerability where a program or application receives more data than it is designed to handle, causing the excess data to overflow into adjacent memory locations. This can lead to the execution of arbitrary code or a crash in the system.

9. According to a good disaster recovery plan, which of the following must happen during a power outage before an uninterruptible power supply (UPS) drains its battery?

Explanation

During a power outage, an uninterruptible power supply (UPS) is designed to provide temporary power until a backup generator activates. This ensures that there is continuous power supply to critical systems and prevents any disruption or loss of data. Therefore, the correct answer is B. The backup generator activates.

10. Which of the following would BEST ensure that users have complex passwords?

Explanation

A domain password policy is a set of rules and requirements that dictate the complexity of passwords that users must create. By implementing a domain password policy, organizations can enforce the use of complex passwords that include a combination of uppercase and lowercase letters, numbers, and special characters. This helps to ensure that users have strong passwords that are less susceptible to being guessed or cracked by attackers.

11. Which of the following logs shows when the workstation was last shut down?

Explanation

The System log shows when the workstation was last shut down. This log contains information about system events, including shutdown and startup events. By checking the System log, one can find the specific entry that indicates the time and date of the last shutdown.

12. Which of the following goals of information security refers to identifying events when they occur?

Explanation

The three primary goals of information security are prevention, detection, and response. Detection refers to identifying events when they occur. Prevention refers to preventing computer or information violations from occurring. Response refers to developing strategies and techniques to deal with an attack or loss.

13. What is the term used for a text file that a browser maintains on a user's hard disk in order to store information about the user?

Explanation

A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. Open Relay is a type of SMTP Relay that is being exploited.

14. Which of the following is a device that looks for open ports on a server?

Explanation

A scanner is a device that looks for open ports. A sniffer is a device that captures and displays network traffic. Neither a freezer nor a watchdog is a valid network device used for this purpose.

15. Which type of virus attacks a system in multiple ways?

Explanation

A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection. A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer.

16. Which type of policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits?

Explanation

An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A user management policy identifies the various actions that must occur in the normal course of employee activities. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

17. Choose the option that details one of the primary benefits of using S/MIME (Secure Multipurpose Internet Mail Extension).

Explanation

S/MIME (Secure Multipurpose Internet Mail Extension) allows users to send both encrypted and digitally signed e-mail messages. Encryption ensures that the content of the email is protected and can only be accessed by the intended recipient. Digital signatures provide authentication and verify the integrity of the message, ensuring that it has not been tampered with during transmission. This helps to maintain confidentiality, privacy, and trust in email communication.

18. Which language is seen as a successor to HTML and offers many capabilities that HTML does not?

Explanation

eXtensible Markup Language (XML) is seen as a successor to HTML and offers many capabilities that HTML does not. The other choices are all languages that predate HTML or are not seen as successors to HTML.

19. What is the term used for an email feature intended to allow the server to forward email to other servers?

Explanation

SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. Open Relay is a type of SMTP Relay that is being exploited.

20. Which of the following definitions BEST suits Buffer Overflow?

Explanation

Buffer Overflow refers to a situation where a program or system receives more data than it is programmed to accept. This can lead to the excess data being written into adjacent memory locations, potentially causing the program to crash or allowing an attacker to execute malicious code.

21. Which access control system allows the system administrator to establish access permissions to network resources?

Explanation

MAC stands for Mandatory Access Control. It is an access control system that allows the system administrator to establish access permissions to network resources. In MAC, access permissions are determined by the system based on predefined rules and policies. The system administrator sets the access permissions for each user or group based on their security clearance level or other factors. This ensures that only authorized users can access specific network resources, providing a higher level of security and control. DAC (Discretionary Access Control) and RBAC (Role-Based Access Control) are also access control systems, but they do not specifically mention the ability for the system administrator to establish access permissions to network resources.

22. What type of software acts on behalf of a third party and collects information?

Explanation

Spyware is software that acts on behalf of a third party and collects information. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. SCR viruses are those that are disguised as or within screen savers.

23. One type of port scan can determine which ports are in a listening state on the network, and can then perform a three-way handshake. Which type of port scan can perform this set of actions?

Explanation

A TCP SYN scan is able to determine which ports are in a listening state on the network and can perform a three-way handshake. This type of scan sends a SYN packet to the target host and waits for a response. If the port is open and in a listening state, the host will respond with a SYN-ACK packet. The scanner then sends an RST packet to close the connection. If the port is closed, the host will respond with a RST packet. This scan is stealthy as it does not complete the handshake, making it harder to detect.

24. Which of the following is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack?

Explanation

Back Orifice is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack. Brute-force attacks and dictionary attacks are password-guessing attacks, while man-in-the-middle is its own type of attack and not a type of remote administration attack.

25. Which of the following is another name for active sniffing?

Explanation

Active sniffing is more commonly known as TCP/IP hijacking. The other choices given are not valid names for active sniffing.

26. Which of the following goals of information security refers to preventing computer or information violations from occurring?

Explanation

The three primary goals of information security are prevention, detection, and response. Prevention refers to preventing computer or information violations from occurring. Detection refers to identifying events when they occur. Response refers to developing strategies and techniques to deal with an attack or loss.

27. The purpose of a DNS server is to enable people and applications to look up records in DNS tables. Why implement security logging on a DNS server?

Explanation

Implementing security logging on a DNS server allows for the monitoring of unauthorized zone transfers. This means that any attempts to transfer DNS records without proper authorization can be detected and investigated. By keeping track of these activities, organizations can ensure the integrity and security of their DNS infrastructure.

28. An executive uses PKI to encrypt sensitive emails sent to an assistant. In addition to encrypting the body of the email, the executive wants to encrypt the signature so that the assistant can verify that the email actually came from the executive. Which asymmetric key should be used by the executive to encrypt the signature?

Explanation

The executive should use their private key to encrypt the signature. In a Public Key Infrastructure (PKI), asymmetric encryption is used, where a pair of keys is generated - a public key and a private key. The private key is kept confidential and is used for encryption, while the public key is shared with others for decryption. By encrypting the signature with their private key, the assistant can verify that the email actually came from the executive by decrypting the signature using the executive's public key.

29. Human resource department personnel should be trained about security policy:

Explanation

The human resource department personnel should be trained about security policy guidelines and enforcement to ensure that they understand the rules and regulations regarding security within the organization. By being trained on these guidelines, they will be able to effectively enforce them and ensure that all employees are following the necessary security protocols. This training will also help them understand the importance of security and the potential risks that can arise if these guidelines are not followed.

30. Most current encryption schemes are based on

Explanation

Most current encryption schemes are based on algorithms. Encryption is the process of converting plaintext into ciphertext to protect data from unauthorized access. Algorithms are a set of rules or procedures that determine how the encryption and decryption process is performed. They provide a systematic way of transforming data using mathematical operations, making it difficult for attackers to decipher the encrypted information without the proper key. Therefore, algorithms play a crucial role in ensuring the security and confidentiality of data in encryption schemes.

31. Which of the following are common ways to provide secure connections between a web client and a web server? (Choose two.)

Explanation

Both Secure Socket Layer/Transport Layer Security (SSL/TLS) and HTTP Secure (HTTPS) are common ways to provide secure connections between a web client and a web server. Regardless of which is used, port 443 is utilized. The other two choices are not valid protocols for providing secure connections between a web client and a web server.

32. Which of the following is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements?

Explanation

Spyware is software that acts on behalf of a third party and collects information. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. SCR viruses are those that are disguised as or within screen savers.

33. An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?

Explanation

A carbon dioxide fire suppression system should be used in the server room to ensure that no equipment is damaged during a fire or false alarm. Carbon dioxide is an effective fire suppression agent as it displaces oxygen, thereby suffocating the fire. Unlike water-based systems like deluge sprinklers or wet pipe sprinklers, carbon dioxide does not cause water damage to the equipment. Hydrogen peroxide is not commonly used as a fire suppression agent in server rooms.

34. Which of the following access attacks amounts to listening in on or overhearing parts of a conversation?

Explanation

All of the choices listed are various types of access attacks. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In a snooping attack, someone looks through your files in hopes of finding something interesting. In a passive interception attack, someone routinely monitors network traffic. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

35. Which of the following are popular examples of denial-of-service attacks? (Choose all that apply.)

Explanation

Both the ping of death and buffer overflow attacks are popular examples of denial-of-service (DoS) attacks. The other options given are fictitious and not popular examples of DoS attacks.

36. Which type of backup storage is stored in the same location as the computer center?

Explanation

Onsite storage refers to backup information stored locally; this is often the most recent set of backups.

37. Which of the following logs shows when the workstation was last shut down?

Explanation

The System log shows when the workstation was last shut down. This log contains information about the operating system, including events related to system startup and shutdown. By checking the System log, one can find the timestamp of the last shutdown event, providing the information about when the workstation was last shut down.

38. Which file extension is used to indicate a JavaScript file?

Explanation

The extension for a JavaScript file is .js. The extension for a JPEG file is .jpg. The extension for a Java applet is .jar. The extension on Java source code is .java.

39. You want to block all web traffic on the firewall, with and without SSL. Which port(s) should you block? (Choose all that apply.)

Explanation

Standard web traffic uses port 80. When SSL is used (HTTPS), traffic is conducted on port 443. You don't need to block the other ports.

40. Which of the following is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack?

Explanation

NetBus is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack. Brute-force attacks and dictionary attacks are password-guessing attacks, while man-in-the-middle is its own type of attack and not a type of remote administration attack.

41. During which general type of attack does someone try to disrupt your network and services?

Explanation

A denial-of-service (DoS) attack tries to disrupt your network and services. In an access attack, someone who should not be able to have access wants access to your resources. During a modification and repudiation attack, someone wants to modify information in your system(s). Interception is a type of access attack but not a general attack category type.

42. What does the DAC access control model use to identify the users who have permissions to a resource?

Explanation

The DAC access control model uses Access Control Lists (ACLs) to identify the users who have permissions to a resource. ACLs are a list of permissions associated with an object, such as a file or folder, that determine which users or groups can access the resource and what actions they can perform on it. With ACLs, the system can easily identify and enforce the access privileges of different users, allowing or denying access based on their permissions.

43. Which of the following types of removable media is write-once and appropriate for archiving security logs?

Explanation

CD-R, or Compact Disc-Recordable, is a type of removable media that can be written on once and is suitable for archiving security logs. Once data is written onto a CD-R, it cannot be erased or modified, making it a secure option for storing important information. CD-Rs are also durable and have a long lifespan, making them a reliable choice for long-term storage and archival purposes.

44. Which type of policy covers how information and resources are used?

Explanation

A usage policy covers how information and resources are used. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A user management policy identifies the various actions that must occur in the normal course of employee activities. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

45. If a file system contains a log file of all changes and transactions that have occurred within a set period of time, what type of file system is it said to be?

Explanation

A journaling file system contains a log file of all changes and transactions that have occurred within a set period of time.

46. Choose the scheme or system used by PGP (Pretty Good Privacy) to encrypt data.

47. Which type of virus often attacks the antivirus software installed on a computer?

Explanation

A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A stealth virus avoids detection by making itself indistinguishable from other applications. A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection.

48. What is the minimum number of disks necessary to implement RAID 1?

Explanation

RAID 1, mirroring, requires a minimum of two disks. RAID 0, disk striping, requires a minimum of two disks. RAID 3, disk striping with a dedicated parity disk, requires a minimum of three disks. RAID 5, disk striping with parity, requires a minimum of three disks.

49. Which of the below options would you consider as a program that constantly observes data traveling over a network?

Explanation

A sniffer is a program that constantly observes data traveling over a network. It captures and analyzes network traffic, allowing the user to monitor and analyze the data being transmitted. This can be useful for network troubleshooting, security monitoring, and performance analysis. A sniffer can capture packets from the network and display their contents, providing insights into the network traffic and helping to identify any issues or anomalies.

50. Which of the following definitions would be correct regarding Eavesdropping?

Explanation

Eavesdropping refers to the act of listening or overhearing parts of a conversation without the knowledge or consent of the individuals involved. This can be done intentionally or unintentionally, and it typically involves gathering information that is meant to be private or confidential. Eavesdropping can occur in various settings, such as in-person conversations, phone calls, or electronic communications. It is considered a breach of privacy and can be illegal in certain circumstances.

51. A peer-to-peer computer network uses diverse connectivity between participants in a network and the cumulative bandwidth of network participants rather than conventional centralized resources where a relatively low number of servers provide the core value to a service or application. Which of the following is a security risk while using peer-to-peer software?

Explanation

Data leakage is a security risk while using peer-to-peer software because it involves the unauthorized or unintentional disclosure of sensitive or confidential information. Peer-to-peer networks allow for direct sharing of files and data between participants, which can increase the risk of data being leaked or accessed by unauthorized individuals. This can result in privacy breaches, loss of sensitive information, and potential legal and financial consequences for individuals or organizations involved.

52. A programmer plans to change the server variable in the coding of an authentication function for a proprietary sales application. Which process should be followed before implementing the new routine on the production application server?

Explanation

Before implementing the new routine on the production application server, the programmer should follow the process of change management. Change management involves planning, coordinating, and controlling changes to the system in a structured and organized manner. This process ensures that any changes made to the server variable in the coding of the authentication function are properly documented, tested, and approved before being implemented. It helps to minimize risks, ensure the stability and reliability of the system, and maintain the integrity of the proprietary sales application.

53. Which of the following is MOST effective in preventing adware?

Explanation

A pop-up blocker is the most effective in preventing adware because it blocks unwanted pop-up advertisements that often contain adware. Adware is commonly distributed through pop-up ads that appear while browsing the internet. By blocking these pop-ups, a pop-up blocker prevents the adware from being downloaded or installed onto the user's device. This helps to maintain a secure and adware-free browsing experience.

54. Java applets run in a restricted area of memory. What is this restricted area known as?

Explanation

The restricted area of memory that Java applets run in is the sandbox. The other options do not represent the restricted area of memory that Java applets run in.

55. What is the term used for an exploited email feature originally intended to allow the server to forward email to other servers?

Explanation

Open Relay is a type of SMTP Relay that is being exploited. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers.

56. Which of the following is not one of the main components of the security triad?

Explanation

The three components of the computer security triad that interact to provide a reasonably secure environment are physical, operational, and management.

57. Which of the following goals of information security refers to developing strategies and techniques to deal with an attack or loss?

Explanation

The three primary goals of information security are prevention, detection, and response. Response refers to developing strategies and techniques to deal with an attack or loss. Detection refers to identifying events when they occur. Prevention refers to preventing computer or information violations from occurring.

58. Your manager has asked that you investigate the costs of renting a location that can provide operations within hours of a failure. What type of location is this known as?

Explanation

A hot site is a location that can provide operations within hours of a failure. A warm site provides some of the capabilities of a hot site but requires more work to become operational. A cold site is a facility that isn't immediately ready to use; you must bring along your own network and equipment. There is no such entity as a round site.

59. Which of the following is a collection of data that is removed from the system because it's no longer needed on a regular basis?

Explanation

An archive is a collection of data that is removed from the system because it's no longer needed on a regular basis. A backup is a restorable copy of any set of data that is needed on the system. The other two choices are not relevant.

60. Risk assessment is a common first step in a risk management process. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard). As a best practice, risk assessments should be based upon which of the following?

Explanation

Risk assessments should be based on a quantitative measurement of risk, impact, and asset value. This means that the assessment should involve assigning numerical values to the level of risk, the potential impact of the risk, and the value of the assets at risk. This approach allows for a more objective and accurate evaluation of the risks involved in a given situation. Absolute measurements of threats, qualitative measurements of risk and impact, and surveys of annual loss, potential threats, and asset value may not provide the same level of precision and specificity as a quantitative measurement.

61. After auditing a file, which log will show unauthorized usage attempts?

Explanation

The Security log will show unauthorized usage attempts after auditing a file. This log is specifically designed to track security-related events and activities, such as unauthorized access attempts, failed login attempts, and other security breaches. By analyzing the Security log, administrators can identify and investigate any unauthorized usage attempts on the audited file, helping to maintain the integrity and security of the system.

62. How can the integrity of a company's backup data be tested?

Explanation

To test the integrity of a company's backup data, one can restore a portion of the backup. This involves selecting a specific subset of the backup data and restoring it to ensure that the data is retrievable and intact. By doing so, the company can verify that the backup process is functioning properly and that the data can be successfully restored if needed. This method allows for a practical assessment of the backup system's reliability and ensures that the company's data can be recovered in case of any data loss or system failure.

63. Which of the following has largely replaced SLIP?

Explanation

SLIP (Serial Line Internet Protocol) was an early protocol used for connecting computers to the internet over serial lines. However, it had limitations such as lack of error checking and authentication. PPP (Point-to-Point Protocol) was developed as a replacement for SLIP, providing features like error detection, authentication, and multilink support. It became widely adopted and is now the standard protocol for establishing internet connections. Therefore, PPP has largely replaced SLIP in modern networking.

64. Social engineering attacks would be MOST effective in which of the following environments? (Select TWO).

Explanation

Social engineering attacks are most effective in environments where there is a lack of security awareness and controls. A public building with shared office space provides opportunities for attackers to gain unauthorized access or manipulate individuals through impersonation or deception. Similarly, a company with a help desk whose personnel have minimal training may be more susceptible to social engineering tactics, such as phishing or pretexting, where attackers exploit human vulnerabilities to gain access to sensitive information or systems.

65. The concept that a web script is run in its own environment and cannot interfere with any other process is known as a:

Explanation

The correct answer is sandbox. In web development, a sandbox is a secure environment where web scripts can be run separately from other processes. It ensures that the script cannot interfere with or access any other processes or data on the system. This helps to prevent malicious code or unauthorized access to sensitive information.

66. Which of the following would BEST prevent night shift workers from logging in with IDs and passwords stolen from the day shift workers?

Explanation

Time of day restriction would be the best measure to prevent night shift workers from logging in with stolen IDs and passwords from day shift workers. By restricting the login access to specific times of the day, it ensures that only authorized individuals can log in during the night shift hours. This prevents unauthorized access by anyone who may have obtained the login credentials from the day shift workers.

67. What is the minimum number of disks necessary to implement RAID 0?

Explanation

RAID 0, disk striping, requires a minimum of two disks. RAID 1, mirroring, requires a minimum of two disks. RAID 3, disk striping with a dedicated parity disk, requires a minimum of three disks. RAID 5, disk striping with parity, requires a minimum of three disks.

68. Which of the following is not one of the three key steps of the forensics process?

Explanation

The three key steps of the forensics process are acquiring the evidence, authenticating the evidence, and analyzing the evidence.

69. Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks. A HIDS is installed to monitor which of the following?

Explanation

A HIDS is installed to monitor system files. System files are critical components of a computer's operating system, and any unauthorized changes or modifications to these files can indicate a potential security breach or intrusion. By monitoring system files, a HIDS can detect and alert administrators about any suspicious or unauthorized activities that may compromise the security of the computer or network.

70. Recently, your company has implemented a work from home program. Employees should connect securely from home to the corporate network. Which encryption technology can be used to achieve this goal?

Explanation

IPSec is the correct answer because it is a widely used encryption technology that provides secure communication over the internet. It can be used to create a virtual private network (VPN) between the employee's home network and the corporate network, ensuring that all data transmitted between the two is encrypted and protected from unauthorized access. This makes it an ideal choice for employees to securely connect to the corporate network while working from home.

71. A user sees an MD5 hash number beside a file that they wish to download. Which of the following BEST describes a hash?

Explanation

A hash is a unique number that is generated based upon the file's contents and should be verified after downloading. Hash functions take the data of a file and produce a fixed-size string of characters, which is the hash value. This hash value can be used to verify the integrity of the downloaded file by comparing it with the original hash value. If the two hash values match, it indicates that the file has not been tampered with during the download process.

72. Which of the following is the process that attackers use to gather information about how your network is configured?

Explanation

Scanning is the process that attackers use to gather information about how your network is configured. Packet sniffing is the process of monitoring data that is transmitted across a network. Footprinting is the process of systematically identifying a network and its security posture. Signal analysis/intelligence involves methods used to gain information about your environment including footprinting and scanning.

73. Which of the following authentication protocols employs certificates that contain rights and access privileges of a bearer as part of its payload?

Explanation

Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

74. Which of the following access attacks amounts to someone placing a computer between the sender and the receiver to capture information while it's sent?

Explanation

While all the choices listed are various types of access attacks, only in an active interception attack is a computer placed between the sender and receiver to capture information while it's sent. In a snooping attack, someone looks through your files in hopes of finding something interesting. In a passive interception attack, someone routinely monitors network traffic. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation.

75. Which of the following is a regulation that mandates national standards and procedures for the storage, use, and transmission of personal medical information?

Explanation

The Health Insurance Portability and Accountability Act (HIPAA) is a regulation that mandates national standards and procedures for the storage, use, and transmission of personal medical information. The Family Educational Rights and Privacy Act (FERPA) dictates that educational institutions may not release information to unauthorized parties without the express permission of the student or their parents. The Cyberspace Electronic Security Act (CESA) gives law enforcement the right to gain access to encryption keys and cryptography methods. The Gramm-Leach-Bliley Act requires financial institutions to develop privacy notices and notify customers that they are entitled to privacy.

76. Why is malware that uses virtualization techniques difficult to detect?

Explanation

Malware that uses virtualization techniques can be difficult to detect because it may be running at a more privileged level than the antivirus software. This means that the malware has higher access rights and can hide itself from detection by the antivirus software. It can also manipulate and control the virtualized environment, making it harder for security measures to identify and remove the malware. This allows the malware to operate undetected and carry out malicious activities without being noticed.

77. Which statement correctly describes the difference between a secure cipher and a secure hash?

Explanation

A secure cipher is a cryptographic algorithm that can be reversed, meaning that the original plaintext can be recovered from the encrypted ciphertext using the appropriate key. On the other hand, a secure hash function is a one-way function that cannot be reversed, meaning that it is computationally infeasible to retrieve the original input from its hash value. Therefore, the statement "A cipher can be reversed, a hash cannot" correctly describes the difference between a secure cipher and a secure hash.

78. Which of the following are the most popular spoofing attacks? (Choose two.)

Explanation

The two most common, or popular, spoofing attacks today are IP spoofing and DNS spoofing. The other choices do not represent the most popular spoofing attacks.

79. Which of the following is not a common level within an information policy?

Explanation

The common levels within an information policy are public (for all advertisements and information posted on the Web), internal (for all intranet-type information), private (for personnel records, client data, and so on), and confidential (PKI information and other restricted data).

80. What type of policy identifies the level of care used to maintain the confidentiality of private information?

Explanation

A due care policy identifies the level of care used to maintain the confidentiality of private information. A separation of duties policy is intended to reduce the risk of fraud and prevent losses in an organization. A document disposal and destruction policy is used to define how information that is no longer needed is handled. An incident response policy defines how an organization will respond to an incident.

81. Which of the following attacks are being referred to if packets are not connection-oriented and do not require the synchronization process?

Explanation

UDP (User Datagram Protocol) is a connectionless protocol, meaning that it does not require a synchronization process or a connection setup before transmitting data. UDP packets are not connection-oriented and do not require the establishment of a virtual circuit like TCP (Transmission Control Protocol). Therefore, the correct answer is UDP Attack, as this type of attack exploits the vulnerabilities in the UDP protocol to disrupt or manipulate network communications.

82. From the listing of attacks, choose the attack which misuses the TCP (Transmission Control Protocol) three-way handshake process, in an attempt to overload network servers, so that authorized users are denied access to network resources?

Explanation

The SYN (Synchronize) attack is the correct answer because it misuses the TCP three-way handshake process to overload network servers. In this type of attack, the attacker sends a large number of SYN requests to a target server, but does not complete the handshake process by sending the final ACK packet. This causes the server to keep waiting for the final ACK and ties up its resources, resulting in denial of service for authorized users.

83. During which general type of attack does someone who should not be able to get access attempt to get to your resources?

Explanation

In an access attack, someone who should not be able to get access attempts to get to your resources. During a modification and repudiation attack, someone wants to modify information in your system(s). A denial-of-service (DoS) attack tries to disrupt your network and services. Interception is a type of access attack but not a general attack category type.

84. What type of software hides certain things from the operating system?

Explanation

Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. Spyware is software that acts on behalf of a third party and collects information. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. SCR viruses are those that are disguised as or within screen savers.

85. Which of the following file extensions would not indicate an executable file?

Explanation

The .bat extension is used for batch files. The .com extension is used on command files. The .exe extension is used on executable files. All of these are executable files.

86. Which type of virus will change its form in order to avoid detection?

Explanation

A polymorphic virus will change its form in order to avoid detection. A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A multipartite virus attacks a system in multiple ways.

87. Which of the following is an agreement between your company and a service provider stipulating the performance you can expect or demand from the vendor?

Explanation

A service-level agreement (SLA) is an agreement between your company and a service provider stipulating the performance you can expect or demand from the vendor.

88. Which of the following ports are typically used by email clients? (Select TWO)

Explanation

The correct answer is 143 and 110. Email clients typically use these ports to communicate with email servers. Port 143 is used for the Internet Message Access Protocol (IMAP), which allows clients to access and manage their email on the server. Port 110 is used for the Post Office Protocol (POP3), which is another protocol for retrieving email from a server.

89. From the listing of attacks, choose the attack which exploits session initiation between a Transport Control Program (TCP) client and server within a network?

Explanation

The SYN attack is the correct answer because it specifically targets the session initiation process between a TCP client and server. In this attack, the attacker sends a flood of SYN requests to the server, but never completes the handshake process by sending the final ACK packet. This causes the server to allocate resources for the incomplete connections, eventually leading to a denial of service as the server becomes overwhelmed.

90. One type of network attack sends two different messages that use the same hash function to generate the same message digest. Which network attack does this?

Explanation

A birthday attack is a type of network attack where two different messages are sent using the same hash function, resulting in the same message digest. This attack takes advantage of the birthday paradox, which states that in a group of 23 people, there is a 50% chance that two people will have the same birthday. Similarly, in a hash function, as the number of messages increases, the probability of two messages having the same message digest also increases. Therefore, the correct answer is the birthday attack.

91. Which type of IM attack is intended to disrupt existing systems by injecting or flooding a channel with garbage data?

Explanation

Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A DoS attack in IM can take the form of many windows popping open as soon as the user tries to close one. A malformed MIME message can cause buffer overflow.

92. Which of the following is a type of virus disguised as or within screen savers?

Explanation

SCR viruses are those that are disguised as or within screen savers. Grayware is a classification for software that is annoying; this includes spyware (which acts on behalf of a third party and collects information) and adware. Adware is often used to generate unwanted/unsolicited pop-up advertisements. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system.

93. A technician is helping an organization to correct problems with staff members unknowingly downloading malicious code from Internet websites. Which of the following should the technician do to resolve the problem?

Explanation

To resolve the problem of staff members unknowingly downloading malicious code from Internet websites, the technician should disable unauthorized ActiveX controls. ActiveX controls are a type of software component that can be used to enhance functionality on websites but can also be exploited by malicious code. By disabling unauthorized ActiveX controls, the technician can prevent staff members from inadvertently downloading and executing malicious code, thereby reducing the risk of security breaches and malware infections. This solution directly addresses the root cause of the problem and mitigates the risk of further incidents.

94. Which of the following viruses has the characteristic that it will attempt to avoid detection by masking itself from applications, and may attach itself to the boot sector of the hard drive?

Explanation

A stealth virus is a type of virus that attempts to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive, making it difficult to detect and remove. Unlike a polymorphic virus, which changes its code to avoid detection, a stealth virus hides its presence by intercepting system calls and modifying the results returned to the applications. This allows the virus to remain active in the system without being detected by antivirus software. Therefore, the correct answer is Stealth Virus.

95. Choose the most effective method of preventing computer viruses from spreading throughout the network.

Explanation

Enabling scanning of all e-mail attachments is the most effective method of preventing computer viruses from spreading throughout the network. This is because many viruses are often transmitted through e-mail attachments, and scanning these attachments for viruses can help to detect and block any infected files before they can infect the network. By implementing this measure, organizations can significantly reduce the risk of virus infections spreading through their network via e-mail.

96. A user ID, PIN, and a palm scan are all required to authenticate a system. Which of the following is this an example of?

Explanation

This is an example of two-factor authentication because it requires two different factors to authenticate the system - a user ID and PIN, as well as a palm scan. Two-factor authentication adds an extra layer of security compared to single-factor authentication, which only requires one factor such as a password. Three-factor authentication would require three different factors for authentication.

97. Which of the following is the process of systematically identifying a network and its security posture?

Explanation

Footprinting is the process of systematically identifying a network and its security posture. Packet sniffing is the process of monitoring data that is transmitted across a network. Scanning is the process that attackers use to gather information about how your network is configured. Signal analysis/intelligence involves methods used to gain information about your environment including footprinting and scanning.

98. Which of the following is the term used to represent availability of 99.999 percent?

Explanation

Availability of 99.999 percent is known as five nines availability.

99. The FIRST step in creating a security baseline would be:

Explanation

The first step in creating a security baseline would be to establish a security policy. This involves defining the organization's goals, objectives, and guidelines for security. By creating a security policy, the organization sets the foundation for implementing security measures and controls. It provides a framework for identifying and addressing potential risks and vulnerabilities, and helps ensure consistency and compliance with industry standards and regulations. Once the security policy is in place, other steps such as identifying the use case, installing software patches, and vulnerability testing can be carried out based on the guidelines provided by the policy.

100. When power must be delivered to critical systems, which of the following is a countermeasure?

Explanation

A backup generator is a countermeasure that can be used to ensure that power is delivered to critical systems. In the event of a power outage or failure, a backup generator can provide temporary power to keep the systems running. This helps to prevent disruptions and ensure the continuity of operations. Backup generators are often used in conjunction with other measures, such as uninterruptible power supplies (UPSs), to provide a reliable and redundant power source for critical systems.

101. On the topic of comparing viruses and hoaxes, which statement is TRUE? Choose the best TRUE statement.

Explanation

Hoaxes can create as much damage as a real virus because they can spread misinformation and cause panic among users. People may fall for hoaxes, leading them to take unnecessary actions that can harm their devices or compromise their personal information. Additionally, hoaxes can also waste valuable time and resources as people try to address the false threat. Therefore, it is important to take hoaxes seriously and verify the information before taking any action.

102. Which protocol is used to manage group or multicasting sessions?

Explanation

Internet Group Management Protocol (IGMP) is used to manage group or multicasting sessions. Simple Network Management Protocol (SNMP) is used to manage and monitor devices in a network. Internet Control Message Protocol (ICMP) is used to report errors and reply to requests from programs such as ping and traceroute. Trivial File Transfer Protocol (TFTP) is an anonymous version of FTP.

103. During which process must a forensics investigator be able to prove that the data being presented as evidence is the same data that was collected on the scene?

Explanation

During the evidentiary process, a forensics investigator must be able to prove that the data being presented as evidence is the same data that was collected on the scene.

104. Which type of policy should exist that defines the requirements, responsible parties, and procedures to follow after the collection of evidence?

Explanation

A chain-of-custody policy should exist that defines the requirements, responsible parties, and procedures to follow after the collection of evidence. Preservation of evidence needs to happen, but it is not a policy in and of itself. An information retention policy details how long data is retained. A storage policy defines how information is stored.

105. A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?

Explanation

The IT manager read that there is a 90% chance each year that workstations will be compromised if not adequately protected. If workstations are compromised, it will take three hours to restore services for the 30 staff members, who are paid $90 per hour. The expected annual cost of not purchasing the software is therefore 0.9 (90% chance of compromise) multiplied by 30 (number of staff members) multiplied by 3 (hours to restore services) multiplied by $90 (hourly rate), which equals $7,290. The expected net savings from purchasing the software is $7,290 (expected cost without software) minus $5,000 (cost of software), which equals $2,290.

106. Choose the statement which best defines the characteristics of a computer virus.

Explanation

A computer virus is a type of malicious software that is designed to replicate itself and spread to other computers or systems. It achieves this by exploiting vulnerabilities in the target system and using various activation mechanisms to execute its code. Additionally, a computer virus typically has an objective, which can range from causing damage to stealing sensitive information.

107. The difference between identification and authentication is that:

Explanation

Authentication is the process of verifying the validity of a set of credentials, such as a username and password, to ensure that the user is who they claim to be. Identification, on the other hand, is the process of verifying the identity of a user requesting credentials, which may involve providing personal information or biometric data. Therefore, the correct answer is that authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials.

108. Which security measures should be recommended while implementing system logging procedures?

Explanation

Performing hashing of the log files is a recommended security measure while implementing system logging procedures. Hashing involves converting the log files into a unique string of characters, which can be used to verify the integrity of the files. By comparing the hash values before and after transmission or storage, any changes or tampering with the log files can be detected. This helps in ensuring the authenticity and reliability of the log files, which are crucial for monitoring and investigating security incidents.

109. Given: John is a network administrator. He advises the server administrator of his company to implement whitelisting, blacklisting, closing open relays, and strong authentication techniques. Question: Which threat is being addressed?

Explanation

The threat being addressed in this scenario is spam. John, the network administrator, suggests implementing whitelisting, blacklisting, closing open relays, and strong authentication techniques to combat this threat. These measures are commonly used to prevent unsolicited and unwanted emails, which are typically associated with spam.

110. You have the server configured to automatically perform backups. A full backup is done every Sunday morning at 2 a.m. Differential backups are run every day at 7 a.m. You arrive at work Thursday morning to find the system crashed at 6 p.m. Wednesday night. How many backup sets must you restore to recover as much of the data as possible?

Explanation

After replacing the failed drive, you would restore the full backup from Sunday. Following that, you would restore the most recent differential backup, which was done at 7 a.m. Wednesday.

111. Which one of the following options overwrites the return address within a program to execute malicious code?

Explanation

A buffer overflow occurs when a program writes more data into a buffer than it can handle, causing the excess data to overwrite adjacent memory locations. In the case of a return address, a buffer overflow can overwrite the original return address with a new address pointing to malicious code. When the function finishes and tries to return to the overwritten address, it instead jumps to the malicious code, allowing it to be executed. Thus, a buffer overflow can be used to overwrite the return address within a program and execute malicious code.

112. A biometric fingerprint scanner is an example of which of the following?

Explanation

A biometric fingerprint scanner is an example of single-factor authentication because it relies solely on the unique physical characteristic of an individual's fingerprint to verify their identity. It does not require any additional factors such as a password or a security token.

113. Which of the following would give a technician the MOST information regarding an external attack on the network?

Explanation

A Network Intrusion Detection System (NIDS) is designed to monitor network traffic and detect any suspicious or malicious activity. It can provide a technician with the most information regarding an external attack on the network as it analyzes the network packets and alerts the technician about any potential threats or attacks. It can detect various types of attacks such as port scanning, denial of service attacks, and unauthorized access attempts, providing valuable information to the technician for further investigation and mitigation.

114. Which of the following access control models uses roles to determine access permissions?

Explanation

RBAC, or Role-Based Access Control, is an access control model that uses roles to determine access permissions. In this model, users are assigned specific roles, and access permissions are granted based on those roles. This allows for a more structured and efficient way of managing access to resources, as permissions can be easily assigned or revoked by modifying the roles assigned to users. Unlike MAC (Mandatory Access Control) and DAC (Discretionary Access Control), which focus on the classification and ownership of resources, RBAC focuses on the roles and responsibilities of users within an organization.

115. The main objective of risk management in an organization is to reduce risk to a level:

Explanation

The main objective of risk management in an organization is to identify and assess potential risks and determine the appropriate response. In some cases, it may be more cost-effective or practical for the organization to accept certain risks rather than trying to mitigate or eliminate them. Accepting a risk means acknowledging its existence and potential impact, but choosing not to take any specific action to reduce or avoid it. This approach allows the organization to allocate its resources more efficiently and focus on managing risks that are of higher priority or have a greater potential impact.

116. From the listing of attacks, which one analyzes how the operating system (OS) responds to specific network traffic, in an attempt to determine the operating system running in your networking environment?

Explanation

Fingerprinting is the correct answer because it refers to the process of analyzing how the operating system responds to specific network traffic in order to determine the operating system running in a networking environment. This technique involves examining the unique characteristics and behavior of an operating system's response to network requests, allowing for identification and classification of the OS.

117. A protocol analyzer will most likely detect which security related anomalies?

Explanation

A protocol analyzer is a tool used to capture and analyze network traffic. It can detect security related anomalies such as many malformed or fragmented packets. These packets may indicate attempts to exploit vulnerabilities or launch attacks on the network. By analyzing these packets, the protocol analyzer can identify potential security threats and help in implementing appropriate measures to mitigate them.

118. You have been told to collect the key metrics outlined in every SLA and document them. Which of the following is a measure of the anticipated incidence of failure for a system or component?

Explanation

Mean Time Before Failure (MTBF) is a measure of the anticipated incidence of failure for a system or component. Mean Time To Repair (MTTR) is a measurement of how long it takes to repair a system or component after a failure has occurred. The other two choices do not represent metrics.

119. Which of the following definitions BEST suit Java Applet?

Explanation

Java Applet is a programming language that requires the client browser to have the capability to run Java applets in a virtual machine on the client. This definition highlights the specific requirement for the client browser to support Java applets and run them in a virtual machine, distinguishing it from other programming languages.

120. Who is responsible for establishing access permissions to network resources in the DAC access control model?

Explanation

In the DAC (Discretionary Access Control) access control model, the owner of the resource is responsible for establishing access permissions to network resources. This means that the owner has the authority to determine who can access the resource and what level of access they have. The system administrator may assist in implementing these permissions, but ultimately it is the owner's decision. The user requiring access to the resource does not have the responsibility of establishing access permissions in the DAC model.

121. Which one of the following options will allow for a network to remain operational after a T1 failure?

Explanation

Having a redundant ISP (Internet Service Provider) will allow a network to remain operational after a T1 failure. This means that if one ISP fails, there is another ISP available to maintain the network connection and ensure continuous operation. Redundancy in the ISP ensures that there is a backup connection in case of failure, minimizing downtime and ensuring uninterrupted network connectivity.

122. Which of the following types of viruses modifies and alters other programs and databases?

Explanation

A phage virus modifies and alters other programs and databases. A companion virus attaches itself to a legitimate program and then creates a program with a different file extension. A macro virus exploits the macro ability in many application programs. An armored virus is designed to make itself difficult to detect or analyze.

123. In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as

Explanation

In a classified environment, a clearance into a Top Secret compartment grants access to specific information within that compartment based on the principle of "need to know." This means that individuals are only given access to information that is necessary for them to perform their duties and responsibilities. This principle ensures that sensitive information is only shared with individuals who have a legitimate need for it, reducing the risk of unauthorized disclosure or misuse. Dual control refers to the practice of requiring two individuals to work together to perform certain tasks, separation of duties refers to dividing responsibilities to prevent fraud or error, and acceptable use refers to guidelines for appropriate use of resources.

124. One of the options below is a description of a password cracker. Which one is it?

Explanation

The correct answer is "A program that performs comparative analysis." This is because a password cracker is a program that attempts to guess or crack passwords by comparing different combinations of characters or by using various algorithms to analyze patterns and vulnerabilities in the password. It does not necessarily locate and read a password file, provide software registration passwords or keys, or obtain privileged access to the system.

125. Which type of policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections?

Explanation

A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A user management policy identifies the various actions that must occur in the normal course of employee activities.

126. A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?

Explanation

The annual loss expectancy (ALE) is calculated by multiplying the annual rate of occurrence (ARO) by the single loss expectancy (SLE). In this case, the ARO is 90% (0.9) because there is a 90% chance each year that workstations will be compromised. The SLE is the cost of restoring services: $90 per hour * 3 hours * 30 staff, which equals $8,100. Therefore, the ALE is $7,290 ($8,100 * 0.9).

127. Which type of instant messaging (IM) attack can occur when a user closes one window and dozens of others suddenly pop open?

Explanation

A denial-of-service (DoS) attack in IM can take the form of many windows popping open as soon as the user tries to close one. Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A malformed MIME message can cause buffer overflow.

128. Choose the correct order in which crucial equipment should draw power.

Explanation

The correct order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. The UPS line conditioner helps to regulate and stabilize the power supply before it reaches the UPS battery. The UPS battery provides backup power in case of a power outage or fluctuation. Finally, the backup generator is used as a last resort to provide power when both the UPS line conditioner and UPS battery are unable to meet the power requirements.

129. Which of the following would be disabled to prevent SPIM?

Explanation

Instant messaging would be disabled to prevent SPIM (Spam over Instant Messaging). SPIM refers to the unsolicited messages or spam that is sent through instant messaging platforms. By disabling instant messaging, it would prevent the delivery of spam messages and help in reducing the risk of SPIM.

130. Which type of instant messaging (IM) problem can occur from a malformed MIME message?

Explanation

A malformed MIME message can cause buffer overflow. Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A DoS attack in IM can take the form of many windows popping open as soon as the user tries to close one.

131. Which of the following access attacks amounts to someone routinely monitoring network traffic?

Explanation

All the choices listed are various types of access attacks. In a passive interception attack, someone routinely monitors network traffic. In a snooping attack, someone looks through your files in hopes of finding something interesting. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

132. During which of the following types of backups is the archive bit on individual files turned off? (Choose all that apply.)

Explanation

The archive bit is turned off after a full or incremental backup. The archive bit is left on after a differential or daily backup.


Quiz Review Timeline (Updated): Mar 20, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Apr 27, 2012
    Quiz Created by
    Ashwaniwetech