Module III Certification Quiz Part 1

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Vtgamer
V
Vtgamer
Community Contributor
Quizzes Created: 5 | Total Attempts: 3,931
| Attempts: 141
SettingsSettings
Please wait...
  • 1/91 Questions

    Many unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?

    • Token access
    • Security badges
    • Hardware locks
    • Mantrap
Please wait...
About This Quiz


Scoo quiz for security plus test test and test some more

Module III Certification Quiz Part 1 - Quiz

Quiz Preview

  • 2. 

      Why will a Faraday cage be used?

    • To minimize weak encryption

    • To allow wireless usage

    • To find rogue access points

    • To mitigate data emanation

    Correct Answer
    A. To mitigate data emanation
    Explanation
    A Faraday cage is a shielded enclosure that prevents the escape or entry of electromagnetic fields. It is commonly used to mitigate data emanation, which refers to the unintentional leakage of electromagnetic signals that can be intercepted by unauthorized individuals. By using a Faraday cage, the electromagnetic signals generated by electronic devices inside the cage are contained, preventing them from being intercepted or accessed by external sources. This ensures the security and confidentiality of sensitive data and helps protect against potential data breaches or unauthorized access.

    Rate this question:

  • 3. 

      An enclosure that prevents radio frequency signals from emanating out of a controlled environment is BEST described as which of the following?

    • Grounded wiring frame

    • TEMPEST

    • Faraday cage

    • Mantrap

    Correct Answer
    A. Faraday cage
    Explanation
    A Faraday cage is an enclosure that is designed to block external radio frequency signals from entering or leaving a controlled environment. It is made of conductive material, such as metal, which creates a shield that prevents electromagnetic waves from passing through. This is achieved by the principle of electromagnetic shielding, where the conductive material absorbs and redistributes the electromagnetic energy, thereby minimizing its transmission. Therefore, a Faraday cage is the best description for an enclosure that prevents radio frequency signals from emanating out of a controlled environment.

    Rate this question:

  • 4. 

      Which one of the following options will create a security buffer zone between two rooms?

    • DMX

    • Turnstile

    • Mantrap

    • Anti-pass back

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is a security measure that creates a buffer zone between two rooms by using two interlocking doors or gates. It ensures that only one door can be open at a time, preventing unauthorized access and creating a controlled entry point. This physical barrier enhances security by restricting the movement of individuals between the two rooms and allowing for proper identification and authorization before granting access.

    Rate this question:

  • 5. 

      As a network administrator you need to take personal safety into consideration. What fire suppression substances types can effectively prevent damage to electronic equipment?

    • CO2

    • Halon

    • Water

    • Foam

    Correct Answer
    A. CO2
    Explanation
    CO2 (carbon dioxide) is the correct answer because it is an effective fire suppression substance that can prevent damage to electronic equipment. CO2 is commonly used in fire suppression systems because it is non-conductive and does not leave any residue. When CO2 is released into a fire, it displaces oxygen, effectively smothering the flames and preventing further damage to the equipment. CO2 is safe to use in areas with sensitive electronics and is an efficient and reliable method of fire suppression.

    Rate this question:

  • 6. 

      A Faraday case or Faraday shield is an enclosure formed by conducting material, or by a mesh of such material. Such an enclosure blocks out external static electrical fields. Faraday cages are named after physicist Michael Faraday, who built one in 1836. Which of the following would a Faraday cage prevent usage of?

    • Uninterruptible Power Supply (UPS)

    • Cell phone

    • USB key

    • Storage drive

    Correct Answer
    A. Cell phone
    Explanation
    A Faraday cage prevents the usage of a cell phone. This is because the cage is designed to block out external static electrical fields, which includes the signals and waves used by cell phones to communicate. When a cell phone is placed inside a Faraday cage, it is effectively shielded from any incoming or outgoing signals, rendering it unable to send or receive calls, messages, or data.

    Rate this question:

  • 7. 

      An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?

    • Deluge sprinkler

    • Hydrogen peroxide

    • Wet pipe sprinkler

    • Carbon dioxide

    Correct Answer
    A. Carbon dioxide
    Explanation
    Carbon dioxide is the most suitable fire suppression system for a server room because it is effective in extinguishing fires without causing damage to the equipment. Carbon dioxide works by displacing oxygen, which is necessary for combustion, and suffocating the fire. It is a clean agent that does not leave any residue or water behind, making it ideal for sensitive electronic equipment. Additionally, carbon dioxide is non-conductive, so it does not pose a risk of electrical damage.

    Rate this question:

  • 8. 

      For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?

    • VPN

    • VLAN

    • DMZ

    • NAT

    Correct Answer
    A. DMZ
    Explanation
    A DMZ (Demilitarized Zone) is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure. It acts as a buffer zone between the internal network and the external network, providing an additional layer of security. Public facing systems such as web servers or email servers can be placed in the DMZ, allowing external access while minimizing the risk of compromising the internal network.

    Rate this question:

  • 9. 

      In computing, a stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. You have been studying stateful packet inspection and want to perform this security technique on the network. Which device will you use to BEST utilize stateful packet inspection?

    • Switch

    • IDS

    • Hub

    • Firewall

    Correct Answer
    A. Firewall
    Explanation
    A firewall is the device that is best utilized for stateful packet inspection. It is specifically designed to keep track of the state of network connections and perform stateful inspection. Switches, IDS (Intrusion Detection System), and hubs do not have the same capability to perform stateful packet inspection as a firewall does. Therefore, a firewall is the most appropriate device for implementing this security technique.

    Rate this question:

  • 10. 

      A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other’s traffic. Which of the following network devices should be used?

    • Switch

    • Firewall

    • Hub

    • Router

    Correct Answer
    A. Switch
    Explanation
    A switch should be used to reduce the ability of users on the same floor and network segment to see each other's traffic. Unlike a hub, which broadcasts all traffic to all connected devices, a switch only sends traffic to the intended recipient. This means that users on the same floor and network segment will not be able to see each other's traffic unless it is specifically addressed to them. A firewall, on the other hand, is used for network security and controlling access to the network, but it does not specifically address the requirement of reducing visibility of traffic between users on the same floor and network segment. A router is used to connect different networks, but it does not provide the same level of traffic isolation as a switch.

    Rate this question:

  • 11. 

      Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexible material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically of fine woven wire for flexibility, or of a then metallic foil), and then finally covered again with a thin insulating layer on the outside. Which is the primary security risk with coaxial cable?

    • Data emanation from the core

    • Refraction of the signal

    • Crosstalk between the wire pairs

    • Diffusion of the core light source

    Correct Answer
    A. Data emanation from the core
    Explanation
    The primary security risk with coaxial cable is data emanation from the core. This means that there is a potential for the data being transmitted through the cable to leak or be intercepted, compromising the security and confidentiality of the information.

    Rate this question:

  • 12. 

      Which statement best describes a static NAT?

    • A static NAT uses a one to many mapping

    • A static NAT uses a many to many mapping

    • A static NAT uses a many to one mapping

    • A static NAT uses a one to one mapping

    Correct Answer
    A. A static NAT uses a one to one mapping
    Explanation
    A static NAT uses a one to one mapping, meaning that it translates a single private IP address to a single public IP address. This allows for a direct and specific translation between the private and public IP addresses, ensuring that each private IP address has a unique corresponding public IP address. This type of mapping is commonly used when a network device needs to have a consistent public IP address for external communication.

    Rate this question:

  • 13. 

      Which of the following is employed to allow distrusted hosts to connect to services inside a network without allowing the hosts direct access to the internal networks?

    • Demilitarized zone (DMZ)

    • VLAN

    • Extranet

    • Intranet

    Correct Answer
    A. Demilitarized zone (DMZ)
    Explanation
    A demilitarized zone (DMZ) is employed to allow distrusted hosts to connect to services inside a network without allowing the hosts direct access to the internal networks. A DMZ acts as a buffer zone between the internal network and the external network, providing an additional layer of security. It allows external users to access certain services, such as web servers or email servers, while keeping them isolated from the internal network where sensitive data is stored. This helps to protect the internal network from potential security threats that may originate from the external network.

    Rate this question:

  • 14. 

      Which media is LEAST susceptible to a tap being placed on the line?

    • Coaxial

    • UTP

    • Fiber

    • STP

    Correct Answer
    A. Fiber
    Explanation
    Fiber is the least susceptible to a tap being placed on the line because it uses light signals to transmit data instead of electrical signals. This means that it is more difficult for someone to intercept or tap into the fiber optic cable without disrupting the signal. Additionally, fiber optic cables do not emit electromagnetic radiation, making it harder for someone to detect and intercept the signal.

    Rate this question:

  • 15. 

      Fiber optic cable is considered safer than CAT5 because fiber optic cable (Select TWO)

    • Can be run for a longer distance

    • Is hard to tap into

    • Is made of glass rather than copper

    • Is more difficult o install

    • Is not susceptible to interference

    Correct Answer(s)
    A. Is hard to tap into
    A. Is not susceptible to interference
    Explanation
    Fiber optic cable is considered safer than CAT5 because it is hard to tap into. Unlike copper cables, fiber optic cables do not emit electromagnetic signals that can be intercepted, making them more secure against eavesdropping or hacking attempts. Additionally, fiber optic cables are not susceptible to interference from electromagnetic fields or radio frequency interference, ensuring a reliable and uninterrupted transmission of data.

    Rate this question:

  • 16. 

      Which of the following types of firewalls provides inspection at layer 7 of the OSI model?

    • Stateful inspection

    • Packet filters

    • Application-proxy

    • Network address translation (NAT)

    Correct Answer
    A. Application-proxy
    Explanation
    An application-proxy firewall provides inspection at layer 7 of the OSI model. This type of firewall acts as an intermediary between the client and the server, and it can analyze the application layer data to determine if the traffic should be allowed or blocked. It can understand the specific protocols and applications being used, allowing for more granular control and better protection against advanced threats. Stateful inspection and packet filters operate at lower layers of the OSI model, while network address translation (NAT) is a technique used for translating IP addresses.

    Rate this question:

  • 17. 

      A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a:

    • Honeypot

    • Packet sniffer

    • Anti-virus program

    • Firewall

    Correct Answer
    A. Firewall
    Explanation
    A firewall is a software or hardware device that acts as a barrier between a computer or network and unauthorized access from external sources. It monitors and controls incoming and outgoing network traffic based on predetermined security rules. By allowing only authorized network traffic, a firewall helps to protect the computer or network from potential threats and unauthorized access attempts.

    Rate this question:

  • 18. 

      Internet filter appliances/servers will most likely analyze which three items? (Select THREE)

    • URLs

    • Content

    • CRLs

    • Certificate

    Correct Answer(s)
    A. URLs
    A. Content
    A. Certificate
    Explanation
    Internet filter appliances/servers analyze URLs, content, and certificates. URLs are analyzed to determine the website or web page being accessed and to apply filtering rules based on the domain or specific URL. Content analysis is performed to scan and filter out any inappropriate or unauthorized content, such as malware, explicit material, or prohibited websites. Certificates are analyzed to verify the authenticity and security of the website being accessed, ensuring that it is encrypted and trusted. By analyzing these three items, internet filter appliances/servers can effectively enforce internet usage policies and protect users from potential threats or inappropriate content.

    Rate this question:

  • 19. 

      Which item will MOST likely permit an attacker to make a switch function like a hub?

    • ARP poisoning

    • MAC flooding

    • DNS poisoning

    • DNS spoofing

    Correct Answer
    A. MAC flooding
    Explanation
    MAC flooding is a technique used by attackers to overload the switch's CAM (Content Addressable Memory) table, which is responsible for mapping MAC addresses to their corresponding ports. By flooding the switch with a large number of fake MAC addresses, the attacker can cause the switch to enter into a fail-open mode, where it starts behaving like a hub and broadcasting all network traffic to all connected devices. This allows the attacker to intercept and capture sensitive information from the network.

    Rate this question:

  • 20. 

      A company implements an SMTP server on their firewall. This implementation would violate which of the following security principles?

    • Create an in-depth defense

    • Address internal threats

    • Keep the solution simple

    • Use a device as intended

    Correct Answer
    A. Use a device as intended
    Explanation
    The implementation of an SMTP server on a firewall violates the principle of "Use a device as intended." A firewall is designed to control and monitor network traffic, not to function as an email server. By using the firewall for a purpose it was not intended for, the company is potentially compromising its security and opening itself up to vulnerabilities. It is important to use devices for their intended purposes to ensure their effectiveness and maintain a secure environment.

    Rate this question:

  • 21. 

      In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?

    • A static NAT uses a many to one mapping

    • A static NAT uses a one to one mapping

    • A static NAT uses a many to many mapping

    • A static NAT uses a one to many mapping

    Correct Answer
    A. A static NAT uses a one to one mapping
    Explanation
    A static NAT uses a one to one mapping, meaning that it maps a single internal IP address to a single external IP address. This allows for a direct and specific translation of IP addresses, ensuring that each internal address corresponds to a unique external address. This can be useful in scenarios where specific devices or services need to be accessed from outside the network using a dedicated IP address.

    Rate this question:

  • 22. 

      Which method is easiest to disable a 10Base2 network?

    • Introduce crosstalk

    • Install a zombie

    • Remove a vampire tap

    • Remove a terminator

    Correct Answer
    A. Remove a terminator
    Explanation
    Removing a terminator is the easiest method to disable a 10Base2 network. A 10Base2 network uses coaxial cables, and terminators are used at both ends of the network to absorb signals and prevent reflections. By removing a terminator, the network loses its termination point, causing signal reflections and disrupting the network communication. This is a simple and straightforward method to disable the network.

    Rate this question:

  • 23. 

      A company wants to connect the network to a manufacturer’s network to be able to order parts. Which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?

    • Extranet

    • Scatternet

    • Intranet

    • VON

    Correct Answer
    A. Extranet
    Explanation
    An extranet is a private network that allows controlled access to external users, such as suppliers or partners, to a company's internal network resources. By implementing an extranet, the company can connect its network to the manufacturer's network, enabling them to order parts. The extranet provides a secure and limited connection, allowing only authorized services and resources to be accessed by the manufacturer. This ensures that the company can maintain control over the connection while still benefiting from the collaboration with the manufacturer.

    Rate this question:

  • 24. 

      Which of the following portions of a company’s network is between the Internet and an internal network?

    • Filter router

    • Demilitarized zone (DMZ)

    • Workstation

    • IDS

    Correct Answer
    A. Demilitarized zone (DMZ)
    Explanation
    A demilitarized zone (DMZ) is a portion of a company's network that is located between the Internet and an internal network. It acts as a buffer zone that separates the public-facing services and systems from the internal network, providing an additional layer of security. The DMZ allows external users to access certain services, such as email or web servers, while keeping the internal network protected from potential threats. By placing these services in the DMZ, any potential attacks or vulnerabilities are contained within this zone and do not directly impact the internal network.

    Rate this question:

  • 25. 

      The MOST common exploits of Internet-exposed network services are due to:

    • Buffer overflows

    • Active content (e.g. Java Applets)

    • Trojan horse programs

    • Illicit servers

    Correct Answer
    A. Buffer overflows
    Explanation
    Buffer overflows are the most common exploits of Internet-exposed network services because they occur when a program tries to write more data to a buffer than it can hold, causing the excess data to overflow into adjacent memory locations. This can be exploited by attackers to overwrite critical data or execute arbitrary code, leading to unauthorized access or control of the system. Active content, Trojan horse programs, and illicit servers can also be used for exploitation, but buffer overflows are more prevalent and pose a significant security risk.

    Rate this question:

  • 26. 

      A company wants to implement a VLAN. Senior management believes that VLAN will be secure because authentication is accomplished by MAC addressing and that dynamic trunking protocol (DTP) will facilitate network efficiency. Which of the following issues should be discussed with senior management before VLAN implementation?

    • MAC addresses can be spoofed and DTP allow only authenticated users

    • MAC addresses are a secure authentication mechanism and DTP allows rogue network devices to configure ports

    • MAC addresses can be spoofed and DTP allows rogue network devices to configure ports

    • MAC addresses are a secure authentication mechanism and DTP allows only authenticated users

    Correct Answer
    A. MAC addresses can be spoofed and DTP allows rogue network devices to configure ports
    Explanation
    The correct answer is "MAC addresses can be spoofed and DTP allows rogue network devices to configure ports". This answer highlights two important security concerns with implementing VLANs. MAC addresses can be easily spoofed, which means that unauthorized devices can pretend to have a legitimate MAC address and gain access to the VLAN. Additionally, DTP allows for automatic configuration of ports, which can be exploited by rogue network devices to gain unauthorized access to the VLAN. These issues should be discussed with senior management to ensure that appropriate security measures are put in place before implementing VLANs.

    Rate this question:

  • 27. 

      Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?

    • Proxy

    • ACL

    • NIDS

    • HIDS

    Correct Answer
    A. ACL
    Explanation
    ACL stands for Access Control List and it is used to implement a procedure to control inbound and outbound traffic on a network segment. ACLs are a set of rules that are applied to a network interface or device to filter traffic based on specified criteria such as source IP address, destination IP address, port number, etc. By configuring ACLs, network administrators can determine what traffic is allowed or denied to pass through a network segment, providing an additional layer of security and control.

    Rate this question:

  • 28. 

      Which of the following is MOST often used to allow a client or partner access to a network?

    • Intranet

    • Demilitarized zone (DMZ)

    • Extranet

    • VLAN

    Correct Answer
    A. Extranet
    Explanation
    An extranet is a private network that allows authorized external users, such as clients or partners, to access a company's internal network. It provides a secure and controlled environment for sharing information, collaborating on projects, and conducting business transactions. This makes it the most common choice for granting external access to a network while maintaining security and privacy. An intranet is a private network for internal use only, a DMZ is a network segment that separates an internal network from an external network, and a VLAN is a logical division of a network.

    Rate this question:

  • 29. 

      Which of the following protocols are not recommended due to them supplying passwords and information over the network?

    • SNMP (Simple Network Management Protocol)

    • Internet Control Message Protocol (ICMP)

    • Domain Name Service (DNS)

    • Network News Transfer Protocol (NNTP)

    Correct Answer
    A. SNMP (Simple Network Management Protocol)
    Explanation
    SNMP (Simple Network Management Protocol) is not recommended due to it supplying passwords and information over the network. This protocol is commonly used for network management and allows devices to be monitored and controlled. However, SNMP uses clear text passwords and does not provide encryption, making it vulnerable to interception and unauthorized access. Therefore, it is not recommended to use SNMP for transmitting sensitive information over the network.

    Rate this question:

  • 30. 

      In cryptography, a pre-shared key or PSK is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. Pre-shared keys can be applied to which of the following?

    • TPM

    • CA

    • PGP

    • Digital signature

    Correct Answer
    A. TPM
    Explanation
    A pre-shared key (PSK) can be applied to a Trusted Platform Module (TPM). A TPM is a hardware chip that securely stores cryptographic keys and performs cryptographic operations. By using a PSK, the TPM can authenticate and establish a secure connection with another party, ensuring the confidentiality and integrity of the communication. PSKs are commonly used in scenarios where two parties need to establish a secure channel without relying on a public key infrastructure or certificate authority.

    Rate this question:

  • 31. 

      On the basis of certain ports, which of the following will allow wireless access to network resources?

    • 802.1x

    • 802.11g

    • 802.11a

    • 802.11n

    Correct Answer
    A. 802.1x
    Explanation
    802.1x is a network authentication protocol that allows wireless access to network resources. It provides a secure method of authenticating and authorizing devices to connect to a network. This protocol is commonly used in Wi-Fi networks to ensure that only authorized devices can access network resources. It uses a combination of authentication methods such as usernames and passwords, digital certificates, or smart cards to verify the identity of the device trying to connect. Once authenticated, the device is granted access to the network resources.

    Rate this question:

  • 32. 

      Which one of the following is not Bluetooth threat?

    • Blue jacking

    • Discovery mode

    • A smurf attack

    • Bluesnarfing

    Correct Answer
    A. A smurf attack
    Explanation
    A smurf attack is not a Bluetooth threat. A smurf attack is a type of network attack that involves sending a large amount of ICMP echo request (ping) traffic to IP broadcast addresses, causing the targeted network to become overwhelmed and resulting in a denial of service. Bluetooth threats, on the other hand, involve security vulnerabilities and attacks specifically targeting Bluetooth technology, such as blue jacking (sending unsolicited messages to Bluetooth-enabled devices), discovery mode (making a device visible to others for pairing), and bluesnarfing (unauthorized access to information on a Bluetooth device).

    Rate this question:

  • 33. 

      To keep an 802.11x network from being automatically discovered, a user should:

    • Change the SSID name

    • Activate the SSID password

    • Turn off the SSID broadcast

    • Leave the SSID default

    Correct Answer
    A. Turn off the SSID broadcast
    Explanation
    To keep an 802.11x network from being automatically discovered, the user should turn off the SSID broadcast. This means that the network's name will not be visible to other devices, making it harder for unauthorized users to find and connect to the network. Changing the SSID name or activating a password can also enhance security, but turning off the SSID broadcast is specifically effective in preventing automatic discovery of the network. Leaving the SSID default would not provide any additional security measures.

    Rate this question:

  • 34. 

      A small manufacturing company wants to deploy secure wireless on their network. Which of the following wireless security protocols could be used (Select TWO)

    • WPA

    • WAN

    • WEP

    • IPX

    Correct Answer(s)
    A. WPA
    A. WEP
    Explanation
    WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent Privacy) are both wireless security protocols that can be used to secure a wireless network. WPA provides stronger security compared to WEP as it uses encryption algorithms and dynamic keys to protect the network. WEP, on the other hand, uses a static encryption key which makes it less secure. By using both WPA and WEP, the small manufacturing company can ensure the security of their wireless network.

    Rate this question:

  • 35. 

      What will be implemented by a technician to mitigate the chances of a successful attack against the wireless network?

    • Implement an identification system and WPA2

    • Implement an authentication system and WEP

    • Implement a biometric system and WEP

    • Implement an authentication system and WPA

    Correct Answer
    A. Implement an authentication system and WPA
    Explanation
    Implementing an authentication system and WPA (Wi-Fi Protected Access) will help mitigate the chances of a successful attack against the wireless network. WPA provides stronger security compared to WEP (Wired Equivalent Privacy) and helps protect against unauthorized access. An authentication system further adds a layer of security by verifying the identity of users before granting access to the network. This combination of authentication and encryption (WPA) helps ensure that only authorized users can connect to the network, reducing the risk of successful attacks.

    Rate this question:

  • 36. 

      The purpose of the SSID in a wireless network is to:

    • Define the encryption protocols used

    • Protect the client

    • Secure the WAP

    • Identify the network

    Correct Answer
    A. Identify the network
    Explanation
    The SSID in a wireless network is used to identify the network. It serves as the name of the network that users can see when searching for available networks to connect to. The SSID allows users to differentiate between different networks and choose the one they want to connect to. It is not used to define encryption protocols, protect the client, or secure the WAP. Its main purpose is simply to identify the network.

    Rate this question:

  • 37. 

      A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 Players, Portable Media Players or Gaming devices; household appliances and office equipment. Which of the following will permit a technician to restrict a users Access to the GUI?

    • Password policy enforcement

    • Group policy implementation

    • Use of logical tokens

    • Access control lists

    Correct Answer
    A. Group policy implementation
    Explanation
    Group policy implementation allows a technician to restrict a user's access to the graphical user interface (GUI). Group policies are a set of rules and configurations that can be applied to a group of users or computers in a network. By implementing group policies, a technician can control and limit the actions and privileges of users, including their access to the GUI. This can help ensure security and prevent unauthorized access or changes to the system.

    Rate this question:

  • 38. 

      Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?

    • False acceptance

    • False negative

    • False positive

    • False rejection

    Correct Answer
    A. False rejection
    Explanation
    False rejection is the best description for an instance where a biometric system identifies legitimate users as being unauthorized. This occurs when the system incorrectly denies access to individuals who are actually authorized to use the system. It is a type of error in which the system fails to recognize and authenticate legitimate users, leading to their rejection or denial of access.

    Rate this question:

  • 39. 

      You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?

    • The technician should perform penetration testing on all the virtual servers to monitor performance

    • The technician should verify that the virtual servers and the host have the latest service packs and patches applied

    • The technician should verify that the virtual servers are dual homed so that traffic is securely separated

    • The technician should subnet the network so each virtual server is on a different network segment

    Correct Answer
    A. The technician should verify that the virtual servers and the host have the latest service packs and patches applied
    Explanation
    When implementing virtualization technology, it is important to ensure that both the virtual servers and the host have the latest service packs and patches applied. This is crucial for maintaining the security and stability of the virtual environment. Service packs and patches often include important security updates and bug fixes that address vulnerabilities and improve overall performance. By regularly updating and patching the virtual servers and host, the technician can minimize the risk of security breaches and ensure that the infrastructure remains secure.

    Rate this question:

  • 40. 

      Which method can be used to correct a single security issue on a workstation?

    • A patch

    • A service pack

    • Patch management

    • Configuration baseline

    Correct Answer
    A. A patch
    Explanation
    A patch is a software update that is designed to fix a specific security issue on a workstation. It is a small piece of code that is applied to the existing software to address vulnerabilities and improve security. By installing a patch, the specific security issue can be corrected without making any major changes to the entire system or software.

    Rate this question:

  • 41. 

      While hardening an operating system, which item is LEAST effective?

    • Configuration baselines

    • Limiting administrative privileges

    • Installing HIDS

    • Install a software firewall

    Correct Answer
    A. Installing HIDS
    Explanation
    Installing HIDS (Host-based Intrusion Detection System) is the least effective option for hardening an operating system. While HIDS can provide some level of protection by monitoring system activity and detecting potential intrusions, it is not as effective as the other options listed. Configuration baselines help establish a secure starting point for the system, limiting administrative privileges reduces the risk of unauthorized access, and installing a software firewall adds an additional layer of protection against external threats. Therefore, installing HIDS is the least effective measure among the given options.

    Rate this question:

  • 42. 

      Which of the following needs to be backed up on a domain controller to be able to recover Active Directory?

    • System state

    • Operating system

    • System files

    • User date

    Correct Answer
    A. System state
    Explanation
    To be able to recover Active Directory on a domain controller, the system state needs to be backed up. The system state includes crucial components such as the registry, system files, boot files, and Active Directory database. By backing up the system state, all the necessary information and settings required for Active Directory recovery are preserved. Backing up the operating system, system files, or user data alone would not be sufficient to recover Active Directory.

    Rate this question:

  • 43. 

      Which of the following is the BEST place to obtain a hotfix or patch for an application or system?

    • A news group or forum

    • A CD-ROM

    • An email from the vendor

    • The manufacturer’s website

    Correct Answer
    A. The manufacturer’s website
    Explanation
    The manufacturer's website is the best place to obtain a hotfix or patch for an application or system because it is the official source for updates and is likely to have the most up-to-date and reliable information. News groups or forums may provide unofficial or outdated information, a CD-ROM may not have the latest updates, and an email from the vendor may not be as accessible or comprehensive as the manufacturer's website.

    Rate this question:

  • 44. 

      The Light Weight Directory Access Protocol or LDAP is an application protocol for querying and modifying directory services running over TCP/IP. A user needs to implement secure LDAP on the network. Which port number will secure LDAP use by default?

    • 389

    • 443

    • 636

    • 53

    Correct Answer
    A. 636
    Explanation
    Secure LDAP (LDAPS) uses port number 636 by default. LDAPS is a secure version of the LDAP protocol that uses SSL/TLS encryption to provide secure communication between the client and the LDAP server. By using port 636, LDAPS ensures that the data exchanged between the client and server is encrypted, preventing unauthorized access or tampering of the data.

    Rate this question:

  • 45. 

      Which action should be performed to harden workstations and servers?

    • Check the logs regularly

    • Install only needed software

    • Report all security incidents

    • Log on only as the administrator

    Correct Answer
    A. Install only needed software
    Explanation
    Installing only needed software is an action that should be performed to harden workstations and servers. By installing only the necessary software, the attack surface of the system is reduced, minimizing the potential vulnerabilities that could be exploited by attackers. Unnecessary software increases the risk of security breaches as it may contain vulnerabilities or provide additional entry points for attackers. Therefore, installing only the required software helps in strengthening the security of workstations and servers.

    Rate this question:

  • 46. 

      Which description is correct about the standard load for all systems?

    • Configuration baseline

    • Security template

    • Group policy

    • Patch management

    Correct Answer
    A. Configuration baseline
    Explanation
    A configuration baseline refers to a standard set of settings and configurations that are established for all systems within an organization. It serves as a reference point for ensuring consistency and security across different systems. By implementing a configuration baseline, organizations can ensure that all systems are set up and maintained in a standardized and secure manner. This helps to reduce vulnerabilities and maintain a stable and reliable IT environment.

    Rate this question:

  • 47. 

      Which of the following is an installable package that includes several patches from the same vendor for various applications?

    • Service pack

    • Hotfix

    • Patch rollup

    • Patch template

    Correct Answer
    A. Service pack
    Explanation
    A service pack is an installable package that includes several patches from the same vendor for various applications. It is a cumulative update that contains bug fixes, security enhancements, and additional features. Service packs are released periodically to provide a convenient way for users to update their software and ensure that they have the latest patches and improvements.

    Rate this question:

  • 48. 

      Kerberos uses which of the following ports by default?

    • 88

    • 139

    • 23

    • 443

    Correct Answer
    A. 88
    Explanation
    Kerberos uses port 88 by default. Kerberos is a network authentication protocol that uses tickets to provide secure authentication for client-server applications. It operates on port 88 to facilitate this authentication process.

    Rate this question:

  • 49. 

      Non-essential services are often appealing to attackers because non-essential services: (Select TWO)

    • Are not visible to an IDS

    • Consume less bandwidth

    • Sustain attacks that go unnoticed

    • Provide root level access

    • Are not typically configured correctly

    Correct Answer(s)
    A. Sustain attacks that go unnoticed
    A. Are not typically configured correctly
    Explanation
    Attackers often find non-essential services appealing because these services can sustain attacks that go unnoticed and are not typically configured correctly. Non-essential services may not receive as much attention or monitoring as essential services, making it easier for attackers to exploit vulnerabilities and carry out attacks without being detected. Additionally, since these services are not critical to the functioning of a system, they may not be configured with the same level of security measures as essential services, providing attackers with potential avenues for gaining unauthorized access.

    Rate this question:

Quiz Review Timeline (Updated): Aug 8, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Aug 08, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Feb 19, 2010
    Quiz Created by
    Vtgamer

Related Topics

Recent Quizzes

PTSD Knowledge check for Module Five PTSD Knowledge check for Module Five
Overview of Modules 1, 2, and 3 Overview of Modules 1, 2, and 3
NCOA DL Module 1 (Progress Checks) NCOA DL Module 1 (Progress Checks)
CMST&101 - Module 2 Quiz CMST&101 - Module 2 Quiz
MODULE 4 - STRUCTURAL DESIGN - ANNAYAZU MODULE 4 - STRUCTURAL DESIGN - ANNAYAZU
module 3 ,4,5 & 6 module 3 ,4,5 & 6
Module 1 & 2 Module 1 & 2
CMB 151 Module 3 Unit 12 Fractures CMB 151 Module 3 Unit 12 Fractures
NephroTube Dialysis Module Mini Exam (1) NephroTube Dialysis Module Mini Exam (1)

Featured Quizzes

First 20 Elements Of The Periodic Table Quiz First 20 Elements Of The Periodic Table Quiz
Aviation General Knowledge Quiz Questions Answers Aviation General Knowledge Quiz Questions Answers
Little Miss Quiz: What Little Miss Am I? Little Miss Quiz: What Little Miss Am I?
Philippine History Quiz Questions and Answers Philippine History Quiz Questions and Answers
Basketball Quiz Questions And Answers Basketball Quiz Questions And Answers
What Is My Talent? What Is My Talent?
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.