Module III Certification Quiz Part 1

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Vtgamer
V
Vtgamer
Community Contributor
Quizzes Created: 5 | Total Attempts: 3,931
| Attempts: 141
SettingsSettings
Please wait...
  • 1/91 Questions

      Why will a Faraday cage be used?

    • To minimize weak encryption
    • To allow wireless usage
    • To find rogue access points
    • To mitigate data emanation
Please wait...
About This Quiz


Scoo quiz for security plus test test and test some more

Module III Certification Quiz Part 1 - Quiz

Quiz Preview

  • 2. 

      Which media is LEAST susceptible to a tap being placed on the line?

    • Coaxial

    • UTP

    • Fiber

    • STP

    Correct Answer
    A. Fiber
    Explanation
    Fiber is the least susceptible to a tap being placed on the line because it uses light signals to transmit data instead of electrical signals. This means that it is more difficult for someone to intercept or tap into the fiber optic cable without disrupting the signal. Additionally, fiber optic cables do not emit electromagnetic radiation, making it harder for someone to detect and intercept the signal.

    Rate this question:

  • 3. 

      Which of the following is the BEST place to obtain a hotfix or patch for an application or system?

    • A news group or forum

    • A CD-ROM

    • An email from the vendor

    • The manufacturer’s website

    Correct Answer
    A. The manufacturer’s website
    Explanation
    The manufacturer's website is the best place to obtain a hotfix or patch for an application or system because it is the official source for updates and is likely to have the most up-to-date and reliable information. News groups or forums may provide unofficial or outdated information, a CD-ROM may not have the latest updates, and an email from the vendor may not be as accessible or comprehensive as the manufacturer's website.

    Rate this question:

  • 4. 

      An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?

    • Deluge sprinkler

    • Hydrogen peroxide

    • Wet pipe sprinkler

    • Carbon dioxide

    Correct Answer
    A. Carbon dioxide
    Explanation
    Carbon dioxide is the most suitable fire suppression system for a server room because it is effective in extinguishing fires without causing damage to the equipment. Carbon dioxide works by displacing oxygen, which is necessary for combustion, and suffocating the fire. It is a clean agent that does not leave any residue or water behind, making it ideal for sensitive electronic equipment. Additionally, carbon dioxide is non-conductive, so it does not pose a risk of electrical damage.

    Rate this question:

  • 5. 

      Which of the following portions of a company’s network is between the Internet and an internal network?

    • Filter router

    • Demilitarized zone (DMZ)

    • Workstation

    • IDS

    Correct Answer
    A. Demilitarized zone (DMZ)
    Explanation
    A demilitarized zone (DMZ) is a portion of a company's network that is located between the Internet and an internal network. It acts as a buffer zone that separates the public-facing services and systems from the internal network, providing an additional layer of security. The DMZ allows external users to access certain services, such as email or web servers, while keeping the internal network protected from potential threats. By placing these services in the DMZ, any potential attacks or vulnerabilities are contained within this zone and do not directly impact the internal network.

    Rate this question:

  • 6. 

      In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?

    • A static NAT uses a many to one mapping

    • A static NAT uses a one to one mapping

    • A static NAT uses a many to many mapping

    • A static NAT uses a one to many mapping

    Correct Answer
    A. A static NAT uses a one to one mapping
    Explanation
    A static NAT uses a one to one mapping, meaning that it maps a single internal IP address to a single external IP address. This allows for a direct and specific translation of IP addresses, ensuring that each internal address corresponds to a unique external address. This can be useful in scenarios where specific devices or services need to be accessed from outside the network using a dedicated IP address.

    Rate this question:

  • 7. 

      An enclosure that prevents radio frequency signals from emanating out of a controlled environment is BEST described as which of the following?

    • Grounded wiring frame

    • TEMPEST

    • Faraday cage

    • Mantrap

    Correct Answer
    A. Faraday cage
    Explanation
    A Faraday cage is an enclosure that is designed to block external radio frequency signals from entering or leaving a controlled environment. It is made of conductive material, such as metal, which creates a shield that prevents electromagnetic waves from passing through. This is achieved by the principle of electromagnetic shielding, where the conductive material absorbs and redistributes the electromagnetic energy, thereby minimizing its transmission. Therefore, a Faraday cage is the best description for an enclosure that prevents radio frequency signals from emanating out of a controlled environment.

    Rate this question:

  • 8. 

      A Faraday case or Faraday shield is an enclosure formed by conducting material, or by a mesh of such material. Such an enclosure blocks out external static electrical fields. Faraday cages are named after physicist Michael Faraday, who built one in 1836. Which of the following would a Faraday cage prevent usage of?

    • Uninterruptible Power Supply (UPS)

    • Cell phone

    • USB key

    • Storage drive

    Correct Answer
    A. Cell phone
    Explanation
    A Faraday cage prevents the usage of a cell phone. This is because the cage is designed to block out external static electrical fields, which includes the signals and waves used by cell phones to communicate. When a cell phone is placed inside a Faraday cage, it is effectively shielded from any incoming or outgoing signals, rendering it unable to send or receive calls, messages, or data.

    Rate this question:

  • 9. 

      A small manufacturing company wants to deploy secure wireless on their network. Which of the following wireless security protocols could be used (Select TWO)

    • WPA

    • WAN

    • WEP

    • IPX

    Correct Answer(s)
    A. WPA
    A. WEP
    Explanation
    WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent Privacy) are both wireless security protocols that can be used to secure a wireless network. WPA provides stronger security compared to WEP as it uses encryption algorithms and dynamic keys to protect the network. WEP, on the other hand, uses a static encryption key which makes it less secure. By using both WPA and WEP, the small manufacturing company can ensure the security of their wireless network.

    Rate this question:

  • 10. 

      The purpose of the SSID in a wireless network is to:

    • Define the encryption protocols used

    • Protect the client

    • Secure the WAP

    • Identify the network

    Correct Answer
    A. Identify the network
    Explanation
    The SSID in a wireless network is used to identify the network. It serves as the name of the network that users can see when searching for available networks to connect to. The SSID allows users to differentiate between different networks and choose the one they want to connect to. It is not used to define encryption protocols, protect the client, or secure the WAP. Its main purpose is simply to identify the network.

    Rate this question:

  • 11. 

      Which description is true about the process of securely removing information from media (e.g. hard drive) for future use?

    • Reformatting

    • Sanitization

    • Deleting

    • Destruction

    Correct Answer
    A. Sanitization
    Explanation
    Sanitization is the process of securely removing information from media, such as a hard drive, to ensure that it cannot be recovered or accessed in the future. This involves using specialized software or hardware to overwrite the data multiple times, making it virtually impossible to retrieve. Reformatting, deleting, and destruction may not completely remove the data or make it unrecoverable, while sanitization ensures that the information is permanently erased.

    Rate this question:

  • 12. 

    Many unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?

    • Token access

    • Security badges

    • Hardware locks

    • Mantrap

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is a security measure that can be installed at a data center to prevent piggybacking. It is a small enclosed area with two doors, where one door cannot be opened until the other is closed. This ensures that only one person can enter at a time and prevents unauthorized individuals from entering by piggybacking on authorized staff. By installing a mantrap, the data center can effectively control access and prevent unauthorized entry.

    Rate this question:

  • 13. 

      A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a:

    • Honeypot

    • Packet sniffer

    • Anti-virus program

    • Firewall

    Correct Answer
    A. Firewall
    Explanation
    A firewall is a software or hardware device that acts as a barrier between a computer or network and unauthorized access from external sources. It monitors and controls incoming and outgoing network traffic based on predetermined security rules. By allowing only authorized network traffic, a firewall helps to protect the computer or network from potential threats and unauthorized access attempts.

    Rate this question:

  • 14. 

      To keep an 802.11x network from being automatically discovered, a user should:

    • Change the SSID name

    • Activate the SSID password

    • Turn off the SSID broadcast

    • Leave the SSID default

    Correct Answer
    A. Turn off the SSID broadcast
    Explanation
    To keep an 802.11x network from being automatically discovered, the user should turn off the SSID broadcast. This means that the network's name will not be visible to other devices, making it harder for unauthorized users to find and connect to the network. Changing the SSID name or activating a password can also enhance security, but turning off the SSID broadcast is specifically effective in preventing automatic discovery of the network. Leaving the SSID default would not provide any additional security measures.

    Rate this question:

  • 15. 

      Which method can be used to correct a single security issue on a workstation?

    • A patch

    • A service pack

    • Patch management

    • Configuration baseline

    Correct Answer
    A. A patch
    Explanation
    A patch is a software update that is designed to fix a specific security issue on a workstation. It is a small piece of code that is applied to the existing software to address vulnerabilities and improve security. By installing a patch, the specific security issue can be corrected without making any major changes to the entire system or software.

    Rate this question:

  • 16. 

      Which of the following is an installable package that includes several patches from the same vendor for various applications?

    • Service pack

    • Hotfix

    • Patch rollup

    • Patch template

    Correct Answer
    A. Service pack
    Explanation
    A service pack is an installable package that includes several patches from the same vendor for various applications. It is a cumulative update that contains bug fixes, security enhancements, and additional features. Service packs are released periodically to provide a convenient way for users to update their software and ensure that they have the latest patches and improvements.

    Rate this question:

  • 17. 

      Your company has already implemented two-factor authentication and wants to install a third authentication factor. If the existing authentication system uses strong passwords and PKI tokens, which item would provide a third factor?

    • Pass phrases

    • Six digit PINs

    • Elliptic curve

    • Fingerprint scanner

    Correct Answer
    A. Fingerprint scanner
    Explanation
    A fingerprint scanner would provide a third authentication factor because it is a biometric factor that verifies the unique physical characteristic of an individual, adding an extra layer of security to the existing two-factor authentication system. This would make it more difficult for unauthorized individuals to gain access to the system, as they would need to possess not only the strong password and PKI token, but also have their fingerprint recognized by the scanner.

    Rate this question:

  • 18. 

      Which of the following are components of host hardening? (Select TWO) Choose at least one answer.

    • Adding users to the administrator group

    • Disabling unnecessary services

    • Removing a user’s access to the user’s data

    • Applying patches

    • Configuring the Start menu and Desktop

    Correct Answer(s)
    A. Disabling unnecessary services
    A. Applying patches
    Explanation
    Host hardening refers to the process of securing a host or computer system by reducing its vulnerabilities and strengthening its defenses. Disabling unnecessary services is an important component of host hardening as it helps to minimize the attack surface by shutting down any services that are not required for the system's operation. Applying patches is also crucial as it ensures that the system is up to date with the latest security fixes and updates, reducing the risk of exploitation by known vulnerabilities.

    Rate this question:

  • 19. 

      Which item specifies a set of consistent requirements for a workstation or server?

    • Vulnerability assessment

    • Configuration baseline

    • Imaging software

    • Patch management

    Correct Answer
    A. Configuration baseline
    Explanation
    A configuration baseline is a set of consistent requirements for a workstation or server. It defines the desired state of the system and ensures that it remains consistent and secure. It includes specifications such as hardware requirements, operating system settings, software versions, and security settings. By adhering to a configuration baseline, organizations can ensure that their systems are properly configured and meet the necessary security standards.

    Rate this question:

  • 20. 

      Which of the following BEST describes the baseline process of securing devices on a network infrastructure?

    • Enumerating

    • Passive detection

    • Active prevention

    • Hardening

    Correct Answer
    A. Hardening
    Explanation
    Hardening refers to the process of securing devices on a network infrastructure by implementing various security measures such as disabling unnecessary services, applying security patches, configuring strong passwords, and implementing access controls. This helps in reducing the attack surface and strengthening the overall security posture of the network devices. Hardening is considered as the baseline process for securing devices as it establishes a strong foundation for implementing other security measures and controls.

    Rate this question:

  • 21. 

      Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexible material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically of fine woven wire for flexibility, or of a then metallic foil), and then finally covered again with a thin insulating layer on the outside. Which is the primary security risk with coaxial cable?

    • Data emanation from the core

    • Refraction of the signal

    • Crosstalk between the wire pairs

    • Diffusion of the core light source

    Correct Answer
    A. Data emanation from the core
    Explanation
    The primary security risk with coaxial cable is data emanation from the core. This means that there is a potential for the data being transmitted through the cable to leak or be intercepted, compromising the security and confidentiality of the information.

    Rate this question:

  • 22. 

      Fiber optic cable is considered safer than CAT5 because fiber optic cable (Select TWO)

    • Can be run for a longer distance

    • Is hard to tap into

    • Is made of glass rather than copper

    • Is more difficult o install

    • Is not susceptible to interference

    Correct Answer(s)
    A. Is hard to tap into
    A. Is not susceptible to interference
    Explanation
    Fiber optic cable is considered safer than CAT5 because it is hard to tap into. Unlike copper cables, fiber optic cables do not emit electromagnetic signals that can be intercepted, making them more secure against eavesdropping or hacking attempts. Additionally, fiber optic cables are not susceptible to interference from electromagnetic fields or radio frequency interference, ensuring a reliable and uninterrupted transmission of data.

    Rate this question:

  • 23. 

      A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 player, Portable Media Player or Gaming device; household appliances and office equipment. Which of the following will allow a technician to restrict a user access to the GUI?

    • User of logical token

    • Group policy implementation

    • Access control lists

    • password policy enforcement

    Correct Answer
    A. Group policy implementation
    Explanation
    Group policy implementation allows a technician to restrict a user's access to the graphical user interface (GUI). Group policies are a set of rules and settings that can be applied to a group of users or computers in a network. By implementing group policies, a technician can control various aspects of a user's access and privileges, including restricting their access to the GUI. This can be useful in situations where certain users need limited access or where specific settings need to be enforced for security or organizational reasons.

    Rate this question:

  • 24. 

      Which one of the following options will create a security buffer zone between two rooms?

    • DMX

    • Turnstile

    • Mantrap

    • Anti-pass back

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is a security measure that creates a buffer zone between two rooms by using two interlocking doors or gates. It ensures that only one door can be open at a time, preventing unauthorized access and creating a controlled entry point. This physical barrier enhances security by restricting the movement of individuals between the two rooms and allowing for proper identification and authorization before granting access.

    Rate this question:

  • 25. 

      Which action should be performed to harden workstations and servers?

    • Check the logs regularly

    • Install only needed software

    • Report all security incidents

    • Log on only as the administrator

    Correct Answer
    A. Install only needed software
    Explanation
    Installing only needed software is an action that should be performed to harden workstations and servers. By installing only the necessary software, the attack surface of the system is reduced, minimizing the potential vulnerabilities that could be exploited by attackers. Unnecessary software increases the risk of security breaches as it may contain vulnerabilities or provide additional entry points for attackers. Therefore, installing only the required software helps in strengthening the security of workstations and servers.

    Rate this question:

  • 26. 

      As a network administrator you need to take personal safety into consideration. What fire suppression substances types can effectively prevent damage to electronic equipment?

    • CO2

    • Halon

    • Water

    • Foam

    Correct Answer
    A. CO2
    Explanation
    CO2 (carbon dioxide) is the correct answer because it is an effective fire suppression substance that can prevent damage to electronic equipment. CO2 is commonly used in fire suppression systems because it is non-conductive and does not leave any residue. When CO2 is released into a fire, it displaces oxygen, effectively smothering the flames and preventing further damage to the equipment. CO2 is safe to use in areas with sensitive electronics and is an efficient and reliable method of fire suppression.

    Rate this question:

  • 27. 

      Which method is easiest to disable a 10Base2 network?

    • Introduce crosstalk

    • Install a zombie

    • Remove a vampire tap

    • Remove a terminator

    Correct Answer
    A. Remove a terminator
    Explanation
    Removing a terminator is the easiest method to disable a 10Base2 network. A 10Base2 network uses coaxial cables, and terminators are used at both ends of the network to absorb signals and prevent reflections. By removing a terminator, the network loses its termination point, causing signal reflections and disrupting the network communication. This is a simple and straightforward method to disable the network.

    Rate this question:

  • 28. 

      A company wants to connect the network to a manufacturer’s network to be able to order parts. Which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?

    • Extranet

    • Scatternet

    • Intranet

    • VON

    Correct Answer
    A. Extranet
    Explanation
    An extranet is a private network that allows controlled access to external users, such as suppliers or partners, to a company's internal network resources. By implementing an extranet, the company can connect its network to the manufacturer's network, enabling them to order parts. The extranet provides a secure and limited connection, allowing only authorized services and resources to be accessed by the manufacturer. This ensures that the company can maintain control over the connection while still benefiting from the collaboration with the manufacturer.

    Rate this question:

  • 29. 

      Which one of the following is not Bluetooth threat?

    • Blue jacking

    • Discovery mode

    • A smurf attack

    • Bluesnarfing

    Correct Answer
    A. A smurf attack
    Explanation
    A smurf attack is not a Bluetooth threat. A smurf attack is a type of network attack that involves sending a large amount of ICMP echo request (ping) traffic to IP broadcast addresses, causing the targeted network to become overwhelmed and resulting in a denial of service. Bluetooth threats, on the other hand, involve security vulnerabilities and attacks specifically targeting Bluetooth technology, such as blue jacking (sending unsolicited messages to Bluetooth-enabled devices), discovery mode (making a device visible to others for pairing), and bluesnarfing (unauthorized access to information on a Bluetooth device).

    Rate this question:

  • 30. 

      Why is malware that uses virtualization techniques difficult to detect?

    • A portion of the malware may have been removed by the IDS

    • The malware may be running at a more privileged level than the antivirus software

    • The malware may be using a Trojan to infect the system

    • The malware may be implementing a proxy server for command and control

    Correct Answer
    A. The malware may be running at a more privileged level than the antivirus software
    Explanation
    Malware that uses virtualization techniques can be difficult to detect because it may be running at a more privileged level than the antivirus software. This means that the malware has higher privileges and can potentially hide itself from detection by the antivirus software. It can also manipulate the virtualization environment to evade detection and make it harder for security systems to identify its presence. This makes it challenging for traditional antivirus software to detect and remove the malware effectively.

    Rate this question:

  • 31. 

      Default passwords in hardware and software should be changed ________________.

    • Once each month

    • If a threat becomes known

    • When the hardware or software is turned on

    • When the vendor requires it

    Correct Answer
    A. When the hardware or software is turned on
    Explanation
    Default passwords in hardware and software should be changed when the hardware or software is turned on. This is because default passwords are commonly known and can be easily exploited by attackers. Changing the default passwords as soon as the hardware or software is turned on helps to enhance security and prevent unauthorized access.

    Rate this question:

  • 32. 

      Which of the following types of firewalls provides inspection at layer 7 of the OSI model?

    • Stateful inspection

    • Packet filters

    • Application-proxy

    • Network address translation (NAT)

    Correct Answer
    A. Application-proxy
    Explanation
    An application-proxy firewall provides inspection at layer 7 of the OSI model. This type of firewall acts as an intermediary between the client and the server, and it can analyze the application layer data to determine if the traffic should be allowed or blocked. It can understand the specific protocols and applications being used, allowing for more granular control and better protection against advanced threats. Stateful inspection and packet filters operate at lower layers of the OSI model, while network address translation (NAT) is a technique used for translating IP addresses.

    Rate this question:

  • 33. 

      The hashing algorithm is created from a hash value, making it nearly impossible to derive the original input number. Which item can implement the strongest hashing algorithm?

    • LANMAN

    • NTLM

    • NTLMv2

    • VLAN

    Correct Answer
    A. NTLMv2
    Explanation
    NTLMv2 can implement the strongest hashing algorithm. The hashing algorithm used in NTLMv2 is designed to be highly secure and resistant to attacks. It is created from a hash value, which makes it extremely difficult to reverse engineer and derive the original input number. This level of complexity and security makes NTLMv2 a strong choice for implementing a hashing algorithm.

    Rate this question:

  • 34. 

      What are best practices while installing and securing a new system for a home user? (Select THREE)

    • Apply all system patches

    • Apply all service packs

    • Install remote control software

    • Use a strong firewall

    Correct Answer(s)
    A. Apply all system patches
    A. Apply all service packs
    A. Use a strong firewall
    Explanation
    The best practices for installing and securing a new system for a home user include applying all system patches and service packs. This ensures that the system has the latest updates and fixes for any vulnerabilities. Additionally, using a strong firewall is important to protect the system from unauthorized access and potential threats. Installing remote control software may not be a best practice as it can introduce security risks and potentially allow unauthorized access to the system.

    Rate this question:

  • 35. 

      On the basis of certain ports, which of the following will allow wireless access to network resources?

    • 802.1x

    • 802.11g

    • 802.11a

    • 802.11n

    Correct Answer
    A. 802.1x
    Explanation
    802.1x is a network authentication protocol that allows wireless access to network resources. It provides a secure method of authenticating and authorizing devices to connect to a network. This protocol is commonly used in Wi-Fi networks to ensure that only authorized devices can access network resources. It uses a combination of authentication methods such as usernames and passwords, digital certificates, or smart cards to verify the identity of the device trying to connect. Once authenticated, the device is granted access to the network resources.

    Rate this question:

  • 36. 

      You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?

    • The technician should perform penetration testing on all the virtual servers to monitor performance

    • The technician should verify that the virtual servers and the host have the latest service packs and patches applied

    • The technician should verify that the virtual servers are dual homed so that traffic is securely separated

    • The technician should subnet the network so each virtual server is on a different network segment

    Correct Answer
    A. The technician should verify that the virtual servers and the host have the latest service packs and patches applied
    Explanation
    When implementing virtualization technology, it is important to ensure that both the virtual servers and the host have the latest service packs and patches applied. This is crucial for maintaining the security and stability of the virtual environment. Service packs and patches often include important security updates and bug fixes that address vulnerabilities and improve overall performance. By regularly updating and patching the virtual servers and host, the technician can minimize the risk of security breaches and ensure that the infrastructure remains secure.

    Rate this question:

  • 37. 

      Which of the following authentication systems make use of the KDC Key Distribution Center?

    • Security Tokens

    • CHAP

    • Certificates

    • Kerberos

    Correct Answer
    A. Kerberos
    Explanation
    Kerberos is the correct answer because it is an authentication protocol that uses a Key Distribution Center (KDC) to authenticate users and provide secure access to network resources. The KDC acts as a trusted third party that issues tickets to users, which they can present to access services. These tickets are encrypted using a shared secret key between the KDC and the service being accessed, ensuring secure authentication and authorization.

    Rate this question:

  • 38. 

      For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?

    • VPN

    • VLAN

    • DMZ

    • NAT

    Correct Answer
    A. DMZ
    Explanation
    A DMZ (Demilitarized Zone) is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure. It acts as a buffer zone between the internal network and the external network, providing an additional layer of security. Public facing systems such as web servers or email servers can be placed in the DMZ, allowing external access while minimizing the risk of compromising the internal network.

    Rate this question:

  • 39. 

      Which description is correct about the standard load for all systems?

    • Configuration baseline

    • Security template

    • Group policy

    • Patch management

    Correct Answer
    A. Configuration baseline
    Explanation
    A configuration baseline refers to a standard set of settings and configurations that are established for all systems within an organization. It serves as a reference point for ensuring consistency and security across different systems. By implementing a configuration baseline, organizations can ensure that all systems are set up and maintained in a standardized and secure manner. This helps to reduce vulnerabilities and maintain a stable and reliable IT environment.

    Rate this question:

  • 40. 

      Non-essential services are often appealing to attackers because non-essential services: (Select TWO)

    • Are not visible to an IDS

    • Consume less bandwidth

    • Sustain attacks that go unnoticed

    • Provide root level access

    • Are not typically configured correctly

    Correct Answer(s)
    A. Sustain attacks that go unnoticed
    A. Are not typically configured correctly
    Explanation
    Attackers often find non-essential services appealing because these services can sustain attacks that go unnoticed and are not typically configured correctly. Non-essential services may not receive as much attention or monitoring as essential services, making it easier for attackers to exploit vulnerabilities and carry out attacks without being detected. Additionally, since these services are not critical to the functioning of a system, they may not be configured with the same level of security measures as essential services, providing attackers with potential avenues for gaining unauthorized access.

    Rate this question:

  • 41. 

      Which technology is able to isolate a host OS from some types of security threats?

    • Intrusion detection

    • Cloning

    • Virtualization

    • Kiting

    Correct Answer
    A. Virtualization
    Explanation
    Virtualization is a technology that can isolate a host OS from some types of security threats. By creating virtual machines, the host OS can be separated from the virtualized environment, providing an additional layer of protection. This isolation helps to prevent malware or other security threats from affecting the host OS, as any malicious activity is contained within the virtual machine. Virtualization also allows for easier management and monitoring of security measures, making it an effective solution for mitigating security risks.

    Rate this question:

  • 42. 

      For which reason are clocks used in Kerberos authentication?

    • Clocks are used to generate the seed value for the encryption keys

    • Clocks are used to ensure proper connections

    • Clocks are used to ensure that tickets expire correctly

    • Clocks are used to both benchmark and specify the optimal encryption algorithm.

    Correct Answer
    A. Clocks are used to ensure that tickets expire correctly
    Explanation
    Clocks are used to ensure that tickets expire correctly in Kerberos authentication. This is because Kerberos uses time-based ticket expiration as a security measure. The clocks help to keep track of the current time and ensure that tickets are only valid for a certain period. When a ticket expires, it cannot be used for authentication anymore, enhancing the security of the system.

    Rate this question:

  • 43. 

      Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?

    • False acceptance

    • False negative

    • False positive

    • False rejection

    Correct Answer
    A. False rejection
    Explanation
    False rejection is the best description for an instance where a biometric system identifies legitimate users as being unauthorized. This occurs when the system incorrectly denies access to individuals who are actually authorized to use the system. It is a type of error in which the system fails to recognize and authenticate legitimate users, leading to their rejection or denial of access.

    Rate this question:

  • 44. 

      After the maximum number attempts have failed, which of the following could set an account to lockout for 30 minutes?

    • Account lockout threshold

    • Password complexity requirements

    • Account lockout duration

    • Key distribution center

    Correct Answer
    A. Account lockout duration
    Explanation
    The account lockout duration is the setting that determines how long an account will be locked out after the maximum number of failed login attempts. In this case, after the maximum number of attempts have failed, the account will be locked out for 30 minutes. The other options, such as account lockout threshold, password complexity requirements, and key distribution center, do not directly determine the lockout duration.

    Rate this question:

  • 45. 

      Which one of the following processes is best to remove Personally Identifiable Information (PII) data from a disk drive before reuse?

    • Reformatting

    • Sanitization

    • Degaussing

    • Destruction

    Correct Answer
    A. Sanitization
    Explanation
    Sanitization is the best process to remove Personally Identifiable Information (PII) data from a disk drive before reuse. Sanitization involves the thorough and irreversible removal of all data from the disk drive, ensuring that it cannot be recovered through any means. This process goes beyond simple reformatting, which can still leave traces of data behind. Degaussing, on the other hand, is a process that erases data using a magnetic field, but it may not be effective on solid-state drives. Destruction, while effective, renders the disk drive completely unusable and is not suitable for reuse. Therefore, sanitization is the most appropriate method for securely removing PII data from a disk drive.

    Rate this question:

  • 46. 

      A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other’s traffic. Which of the following network devices should be used?

    • Switch

    • Firewall

    • Hub

    • Router

    Correct Answer
    A. Switch
    Explanation
    A switch should be used to reduce the ability of users on the same floor and network segment to see each other's traffic. Unlike a hub, which broadcasts all traffic to all connected devices, a switch only sends traffic to the intended recipient. This means that users on the same floor and network segment will not be able to see each other's traffic unless it is specifically addressed to them. A firewall, on the other hand, is used for network security and controlling access to the network, but it does not specifically address the requirement of reducing visibility of traffic between users on the same floor and network segment. A router is used to connect different networks, but it does not provide the same level of traffic isolation as a switch.

    Rate this question:

  • 47. 

      A company implements an SMTP server on their firewall. This implementation would violate which of the following security principles?

    • Create an in-depth defense

    • Address internal threats

    • Keep the solution simple

    • Use a device as intended

    Correct Answer
    A. Use a device as intended
    Explanation
    The implementation of an SMTP server on a firewall violates the principle of "Use a device as intended." A firewall is designed to control and monitor network traffic, not to function as an email server. By using the firewall for a purpose it was not intended for, the company is potentially compromising its security and opening itself up to vulnerabilities. It is important to use devices for their intended purposes to ensure their effectiveness and maintain a secure environment.

    Rate this question:

  • 48. 

      When a new network device is configured for first-time installation, which of the following is a security threat?

    • Use of default passwords

    • Denial of Service (DoS)

    • Installation of a back door

    • Attacker privilege escalation

    Correct Answer
    A. Use of default passwords
    Explanation
    The use of default passwords during the first-time installation of a network device can pose a security threat. Default passwords are often well-known and easily accessible to attackers, making it easier for them to gain unauthorized access to the device. This can lead to potential breaches, data theft, and unauthorized control over the network device. It is crucial to change default passwords to unique and strong ones to mitigate this security risk.

    Rate this question:

  • 49. 

      Internet filter appliances/servers will most likely analyze which three items? (Select THREE)

    • URLs

    • Content

    • CRLs

    • Certificate

    Correct Answer(s)
    A. URLs
    A. Content
    A. Certificate
    Explanation
    Internet filter appliances/servers analyze URLs, content, and certificates. URLs are analyzed to determine the website or web page being accessed and to apply filtering rules based on the domain or specific URL. Content analysis is performed to scan and filter out any inappropriate or unauthorized content, such as malware, explicit material, or prohibited websites. Certificates are analyzed to verify the authenticity and security of the website being accessed, ensuring that it is encrypted and trusted. By analyzing these three items, internet filter appliances/servers can effectively enforce internet usage policies and protect users from potential threats or inappropriate content.

    Rate this question:

Quiz Review Timeline (Updated): Aug 8, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Aug 08, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Feb 19, 2010
    Quiz Created by
    Vtgamer
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.