IT Essentials 5.0 Chapter 10 Quiz-2

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Cardo.duhaney
C
Cardo.duhaney
Community Contributor
Quizzes Created: 2 | Total Attempts: 727
Questions: 22 | Attempts: 369

SettingsSettingsSettings
IT Essentials Quizzes & Trivia

Questions and Answers
  • 1. 

    A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

    • A.

      Social engineering

    • B.

      Anonymous keylogging

    • C.

      Spam

    • D.

      DDoS

    Correct Answer
    A. Social engineering
    Explanation
    This phone call represents a social engineering threat. Social engineering is a tactic used by attackers to manipulate individuals into divulging sensitive information or performing actions that compromise security. In this case, the caller is attempting to trick the user into revealing their username and password by posing as a representative of IT services and claiming it is for auditing purposes. This is a common technique used by attackers to gain unauthorized access to systems or steal sensitive information.

    Rate this question:

  • 2. 

    Which two security precautions will help protect a workplace against social engineering? (Choose two.)  

    • A.

      Ensuring that each use of an access card allows access to only one user at the time

    • B.

      Ensuring that all operating system and antivirus software is up to date

    • C.

      Encrypting all sensitive data stored on the servers

    • D.

      Performing daily data backups

    • E.

      Registering and escorting all visitors to the premises

    Correct Answer(s)
    A. Ensuring that each use of an access card allows access to only one user at the time
    E. Registering and escorting all visitors to the premises
    Explanation
    Ensuring that each use of an access card allows access to only one user at a time helps protect against social engineering by preventing unauthorized individuals from using someone else's access card. Registering and escorting all visitors to the premises helps protect against social engineering by ensuring that only authorized individuals are allowed onto the premises and preventing unauthorized individuals from gaining access through impersonation or deception.

    Rate this question:

  • 3. 

    What are two typical physical security precautions that a business can take to protect its computers and systems? (Choose two.)

    • A.

      Perform daily data backups.

    • B.

      Replace any software firewalls with a hardware firewall.

    • C.

      Implement biometric authentication.

    • D.

      Ensure that all operating system and antivirus software is up to date.

    • E.

      Disable the autorun feature in the operating system.

    Correct Answer(s)
    C. Implement biometric authentication.
    E. Disable the autorun feature in the operating system.
    Explanation
    Implementing biometric authentication and disabling the autorun feature in the operating system are two typical physical security precautions that a business can take to protect its computers and systems. Biometric authentication adds an extra layer of security by using unique physical characteristics, such as fingerprints or facial recognition, to verify the identity of individuals accessing the system. Disabling the autorun feature prevents unauthorized execution of potentially harmful programs or viruses when removable media, such as USB drives, are connected to the computer. These precautions help to prevent unauthorized access and protect against potential security threats.

    Rate this question:

  • 4. 

    Which physical security technology can hold user authentication information, include software license protection, provide encryption, and provide hardware and software authentication that is specific to the host system?

    • A.

      Biometric authentication

    • B.

      Trusted Platform Module (TPM)

    • C.

      Card key access

    • D.

      Two-factor security

    Correct Answer
    B. Trusted Platform Module (TPM)
    Explanation
    Trusted Platform Module (TPM) is a physical security technology that can hold user authentication information, provide software license protection, encryption, and hardware and software authentication specific to the host system. TPM is a dedicated microcontroller chip that stores cryptographic keys, passwords, and digital certificates securely. It provides a secure environment for the authentication process, ensuring the integrity of the system and protecting against unauthorized access. TPM can also be used for secure storage of sensitive data and to verify the integrity of the system's software and firmware.

    Rate this question:

  • 5. 

    It has been noted that the computers of employees who use removable flash drives are being infected with viruses and other malware. Which two actions can help prevent this problem in the future? (Choose two.)

    • A.

      Set virus protection software to scan removable media when data is accessed.

    • B.

      Configure the Windows Firewall to block the ports that are used by viruses.

    • C.

      Enable the TPM in the CMOS settings.

    • D.

      Repair, delete, or quarantine the infected files.

    • E.

      Disable the autorun feature in the operating system.

    Correct Answer(s)
    A. Set virus protection software to scan removable media when data is accessed.
    E. Disable the autorun feature in the operating system.
    Explanation
    Setting virus protection software to scan removable media when data is accessed can help prevent the problem because it will detect and remove any viruses or malware present on the flash drives before they can infect the computer. Disabling the autorun feature in the operating system can also help prevent the problem because it will prevent any malicious programs from automatically executing when the flash drive is connected to the computer. This will give the user the opportunity to scan the flash drive for viruses before accessing any files.

    Rate this question:

  • 6. 

    In which situation would a computer technician use the fixmbr command at the command prompt of a Windows XP computer to resolve a security issue?

    • A.

      When unauthorized users have changed the CMOS settings and the CMOS password must be reset

    • B.

      When a virus has damaged the master boot record of the system disk

    • C.

      When a virus has damaged the boot sector of the system disk

    • D.

      When the folder permissions for user members of a group are incorrect

    Correct Answer
    B. When a virus has damaged the master boot record of the system disk
    Explanation
    A computer technician would use the fixmbr command at the command prompt of a Windows XP computer to resolve a security issue when a virus has damaged the master boot record of the system disk. The master boot record (MBR) contains crucial information about the partitions and file systems on the disk, and if it gets damaged by a virus, it can prevent the computer from booting up properly. By using the fixmbr command, the technician can repair the MBR and restore the computer's ability to boot up correctly, thus resolving the security issue caused by the virus.

    Rate this question:

  • 7. 

    All users working with a particular Windows 7 computer are able to install unauthorized software. In addition to educating the users about correct security behavior, which action should also be performed to solve this issue?

    • A.

      Set the user folder permissions to Deny.

    • B.

      Disable the users’ accounts.

    • C.

      Change the user file permissions to Read Only.

    • D.

      Enable UAC on the computer.

    Correct Answer
    D. Enable UAC on the computer.
    Explanation
    Enabling UAC (User Account Control) on the computer is the correct action to solve the issue of users being able to install unauthorized software. UAC helps prevent unauthorized changes to the system by notifying users and asking for their permission before allowing certain actions to be performed. By enabling UAC, users will be prompted for their consent when attempting to install software, thereby preventing unauthorized installations. This additional layer of security, along with educating users about correct security behavior, will help mitigate the problem of unauthorized software installations.

    Rate this question:

  • 8. 

    You want to dispose of a 2.5 terabyte hard drive that contains confidential financial information. What is the recommended procedure to achieve this?  

    • A.

      Use data wiping.

    • B.

      Drill through the HDD.

    • C.

      Smash the platters with a hammer.

    • D.

      Immerse the HDD in a weak solution of bicarbonate of soda.

    Correct Answer
    C. Smash the platters with a hammer.
    Explanation
    Smashing the platters with a hammer is the recommended procedure to dispose of a 2.5 terabyte hard drive that contains confidential financial information. This method physically destroys the platters, which are the main components that store the data. By smashing the platters, the data becomes irretrievable, ensuring that the confidential financial information cannot be accessed or recovered. Using data wiping or drilling through the HDD may not completely remove the data and could potentially leave it vulnerable to being recovered. Immersing the HDD in a weak solution of bicarbonate of soda is not an effective method for securely disposing of the confidential financial information.

    Rate this question:

  • 9. 

    What is the most effective way of securing wireless traffic?  

    • A.

      WPA2

    • B.

      SSID hiding

    • C.

      WEP

    • D.

      Wireless MAC filtering

    Correct Answer
    A. WPA2
    Explanation
    WPA2 is the most effective way of securing wireless traffic. WPA2 (Wi-Fi Protected Access 2) is a security protocol that provides strong encryption and authentication for wireless networks. It is an improvement over its predecessor, WPA, and offers better security features. WPA2 uses the Advanced Encryption Standard (AES) algorithm, which is considered highly secure. It also supports enterprise-level authentication methods, such as 802.1X, which adds an extra layer of security. Overall, WPA2 is the recommended choice for securing wireless traffic due to its robust security measures.

    Rate this question:

  • 10. 

    Which two items are used in asymmetric encryption? (Choose two.)  

    • A.

      A token

    • B.

      A TPM

    • C.

      A private key

    • D.

      A DES key

    • E.

      A public key

    Correct Answer(s)
    C. A private key
    E. A public key
    Explanation
    Asymmetric encryption uses two different keys, a private key and a public key. The private key is kept secret and is used to decrypt the data that has been encrypted with the corresponding public key. The public key, on the other hand, is widely distributed and is used to encrypt data that can only be decrypted using the private key. This two-key system ensures that the data remains secure and can only be accessed by the intended recipient.

    Rate this question:

  • 11. 

    Which two characteristics describe a worm? (Choose two.)  

    • A.

      Hides in a dormant state until needed by an attacker

    • B.

      Infects computers by attaching to software code

    • C.

      Executes when software is run on a computer

    • D.

      Is self-replicating

    • E.

      Travels to new computers without any intervention or knowledge of the user

    Correct Answer(s)
    D. Is self-replicating
    E. Travels to new computers without any intervention or knowledge of the user
    Explanation
    A worm is a type of malware that is self-replicating, meaning it can create copies of itself and spread to other computers without any intervention or knowledge of the user. It is different from viruses, which typically require the user to execute a program or open a file for the infection to occur. Worms can also travel to new computers without any intervention or knowledge of the user, making them capable of spreading rapidly across networks.

    Rate this question:

  • 12. 

    Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?

    • A.

      Worm

    • B.

      Phishing

    • C.

      Adware

    • D.

      Stealth virus

    Correct Answer
    B. pHishing
    Explanation
    Phishing is a type of security threat that uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information. The intention is to deceive the recipient into providing sensitive information such as passwords, credit card details, or social security numbers. This information is then used for fraudulent purposes, such as identity theft or financial scams. Phishing attacks often exploit social engineering techniques to trick individuals into believing that the email is legitimate and trustworthy.

    Rate this question:

  • 13. 

    Which three questions should be addressed by organizations developing a security policy? (Choose three.)

    • A.

      How should future expansion be done?

    • B.

      What are the possible threats to the assets of the organization?

    • C.

      What is to be done in the case of a security breach?

    • D.

      When do the assets need protecting?

    • E.

      What assets require protection?

    • F.

      What insurance coverage is required?

    Correct Answer(s)
    B. What are the possible threats to the assets of the organization?
    C. What is to be done in the case of a security breach?
    E. What assets require protection?
    Explanation
    Organizations developing a security policy should address the following questions: What are the possible threats to the assets of the organization? This is important to identify potential risks and vulnerabilities. What is to be done in the case of a security breach? Having a plan in place to respond to and mitigate security breaches is crucial. What assets require protection? Determining which assets are most valuable and need protection helps prioritize security measures.

    Rate this question:

  • 14. 

    What does a malware detection program look for when running a scan?  

    • A.

      A service pack

    • B.

      Patterns in the programming code of the software on a computer

    • C.

      Mirror sites

    • D.

      Patches that prevent a newly discovered virus or worm from making a successful attack

    Correct Answer
    B. Patterns in the programming code of the software on a computer
    Explanation
    A malware detection program looks for patterns in the programming code of the software on a computer during a scan. It analyzes the code to identify any suspicious or malicious patterns that may indicate the presence of malware. By recognizing these patterns, the program can detect and alert the user about potential threats and take appropriate actions to remove or quarantine the malware.

    Rate this question:

  • 15. 

    Port triggering has been configured on a wireless router. Port 25 has been defined as the trigger port and port 113 as an open port. What effect does this have on network traffic?

    • A.

      Any traffic that is using port 25 going out of the internal network will also be allowed to transmit out port 113.

    • B.

      All traffic that is sent into port 25 to the internal network will also be allowed to use port 113.

    • C.

      All traffic that is sent out port 25 will open port 113 to allow inbound traffic into the internal network through port 113.

    • D.

      Any traffic that comes into port 25 allows outgoing port 113 to be used.

    Correct Answer
    C. All traffic that is sent out port 25 will open port 113 to allow inbound traffic into the internal network through port 113.
  • 16. 

    Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)  

    • A.

      Packet size

    • B.

      Physical addresses

    • C.

      Protocols

    • D.

      Packet speed

    • E.

      Ports

    Correct Answer(s)
    C. Protocols
    E. Ports
    Explanation
    When a network technician configures the company firewall to operate as a packet filter, they are monitoring the characteristics of network traffic related to protocols and ports. By filtering packets based on protocols, the firewall can allow or block certain types of network traffic based on their protocol, such as TCP or UDP. Similarly, by filtering packets based on ports, the firewall can control access to specific services or applications running on different ports, such as HTTP on port 80 or SMTP on port 25.

    Rate this question:

  • 17. 

    What is the primary goal of a DoS attack?  

    • A.

      To facilitate access to external networks

    • B.

      To prevent the target server from being able to handle additional requests

    • C.

      To scan the data on the target server

    • D.

      To obtain all addresses in the address book within the server

    Correct Answer
    B. To prevent the target server from being able to handle additional requests
    Explanation
    The primary goal of a DoS (Denial of Service) attack is to prevent the target server from being able to handle additional requests. This is achieved by overwhelming the server with a flood of malicious requests or by exploiting vulnerabilities in the server's resources, such as bandwidth or processing power. The intention is to make the server unavailable to legitimate users, disrupting its normal operation and causing inconvenience or financial loss to the target entity.

    Rate this question:

  • 18. 

    Which question would be an example of an open-ended question that a technician might ask when troubleshooting a security issue?

    • A.

      Have you scanned your computer recently for viruses?

    • B.

      What symptoms are you experiencing?

    • C.

      Did you open any attachments from a suspicious email message?

    • D.

      Is your security software up to date?

    Correct Answer
    B. What symptoms are you experiencing?
    Explanation
    The question "What symptoms are you experiencing?" would be an example of an open-ended question that a technician might ask when troubleshooting a security issue. This question allows the technician to gather specific information about the issue by allowing the person to describe the symptoms they are encountering. This can help the technician identify the root cause of the problem and provide appropriate solutions.

    Rate this question:

  • 19. 

    Which action would help a technician to determine if a denial of service attack is being caused by malware on a host?

    • A.

      Install rogue antivirus software on the host.

    • B.

      Log on to the host as a different user.

    • C.

      Disable ActiveX and Silverlight on the host.

    • D.

      Disconnect the host from the network.

    Correct Answer
    D. Disconnect the host from the network.
    Explanation
    Disconnecting the host from the network would help a technician determine if a denial of service attack is being caused by malware on the host because it isolates the host from any external communication. By disconnecting the host, the technician can observe if the denial of service attack continues or stops, which can indicate whether the attack is being caused by malware on the host or by external factors. This action allows the technician to analyze the host's behavior without any network interference.

    Rate this question:

  • 20. 

    A technician is troubleshooting a computer security issue. The computer was compromised by an attacker as a result of the user having a weak password. Which action should the technician take as a preventive measure against this type of attack happening in the future?

    • A.

      Ensure the security policy is being enforced.

    • B.

      Check the computer for the latest OS patches and updates.

    • C.

      Scan the computer with protection software.

    • D.

      Verify the physical security of all offices.

    Correct Answer
    A. Ensure the security policy is being enforced.
    Explanation
    To prevent this type of attack from happening in the future, the technician should ensure that the security policy is being enforced. This means implementing and enforcing measures such as password complexity requirements, regular password changes, and account lockouts after multiple failed login attempts. By enforcing a strong security policy, the technician can ensure that users are using strong passwords and reducing the risk of compromise due to weak passwords. Checking for the latest OS patches and updates, scanning the computer with protection software, and verifying physical security are important measures, but they do not specifically address the issue of weak passwords.

    Rate this question:

  • 21. 

    A user has reported that a computer web browser will not display the correct home page even if the default page is reset. What is the likely cause of this problem?  

    • A.

      A virus has damaged the boot sector of the system disk.

    • B.

      The computer has been infected with spyware.

    • C.

      UAC has been disabled on the computer.

    • D.

      Folder permissions have been changed from Deny to Allow.

    Correct Answer
    B. The computer has been infected with spyware.
    Explanation
    The likely cause of the problem is that the computer has been infected with spyware. Spyware is a type of malicious software that can alter browser settings, including the default home page. Even if the default page is reset, the spyware can still override the settings and display a different page.

    Rate this question:

  • 22. 

    What is the name given to the programming-code patterns of viruses?  

    • A.

      Mirrors

    • B.

      Signatures

    • C.

      Virus definition tables

    • D.

      Grayware

    Correct Answer
    B. Signatures
    Explanation
    Signatures are the name given to the programming-code patterns of viruses. Signatures are unique patterns or sequences of code that are specific to a particular virus. Antivirus software uses these signatures to identify and detect viruses in files or systems. By comparing the code patterns in files or system memory to a database of known virus signatures, antivirus software can determine if a file or system is infected with a virus.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jan 09, 2014
    Quiz Created by
    Cardo.duhaney
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.