IT Essentials V5 Chapter 10

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By John
J
John
Community Contributor
Quizzes Created: 6 | Total Attempts: 4,216
Questions: 22 | Attempts: 865

SettingsSettingsSettings
IT Essentials V5 Chapter 10 - Quiz


Questions and Answers
  • 1. 

    A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

    • A.

      Social engineering

    • B.

      Anonymous keylogging

    • C.

      Spam

    • D.

      DDoS

    Correct Answer
    A. Social engineering
    Explanation
    This phone call represents a social engineering threat. Social engineering is a tactic used by attackers to manipulate and deceive individuals into divulging sensitive information, such as usernames and passwords. In this case, the caller pretends to be from IT services and asks for confirmation of login credentials under the guise of auditing purposes. By exploiting the user's trust and authority, the attacker aims to gain unauthorized access to the system or steal sensitive data.

    Rate this question:

  • 2. 

    Which two security precautions will help protect a workplace against social engineering? (Choose two.)

    • A.

      Ensuring that each use of an access card allows access to only one user at the time

    • B.

      Ensuring that all operating system and antivirus software is up to date

    • C.

      Encrypting all sensitive data stored on the servers

    • D.

      Performing daily data backups

    • E.

      Registering and escorting all visitors to the premises

    Correct Answer(s)
    A. Ensuring that each use of an access card allows access to only one user at the time
    E. Registering and escorting all visitors to the premises
    Explanation
    Ensuring that each use of an access card allows access to only one user at a time helps protect against unauthorized access to the workplace. Registering and escorting all visitors to the premises helps prevent unauthorized individuals from entering the workplace and potentially engaging in social engineering tactics.

    Rate this question:

  • 3. 

    What are two typical physical security precautions that a business can take to protect its computers and systems? (Choose two.)

    • A.

      Perform daily data backups.

    • B.

      Replace any software firewalls with a hardware firewall.

    • C.

      Implement biometric authentication.

    • D.

      Ensure that all operating system and antivirus software is up to date.

    • E.

      Disable the autorun feature in the operating system.

    Correct Answer(s)
    C. Implement biometric authentication.
    E. Disable the autorun feature in the operating system.
    Explanation
    Implementing biometric authentication and disabling the autorun feature in the operating system are two typical physical security precautions that a business can take to protect its computers and systems. Biometric authentication adds an extra layer of security by using unique physical characteristics such as fingerprints or facial recognition to verify the identity of users. Disabling the autorun feature prevents unauthorized programs or malware from automatically running when a device is connected, reducing the risk of infection or data breaches. These precautions help to ensure that only authorized individuals can access the systems and protect against potential threats.

    Rate this question:

  • 4. 

    Which physical security technology can hold user authentication information, include software license protection, provide encryption, and provide hardware and software authentication that is specific to the host system?

    • A.

      Biometric authentication

    • B.

      Trusted Platform Module (TPM)

    • C.

      Card key access

    • D.

      Two-factor security

    Correct Answer
    B. Trusted Platform Module (TPM)
    Explanation
    Trusted Platform Module (TPM) is the correct answer because it is a physical security technology that can hold user authentication information, provide encryption, and offer hardware and software authentication that is specific to the host system. TPM is a microchip that is embedded in a computer's motherboard and it provides a secure storage area for cryptographic keys, passwords, and other sensitive data. It also supports software license protection by securely storing license information. Overall, TPM enhances the security of a system by providing various authentication and encryption capabilities.

    Rate this question:

  • 5. 

    It has been noted that the computers of employees who use removable flash drives are being infected with viruses and other malware. Which two actions can help prevent this problem in the future? (Choose two.)

    • A.

      Set virus protection software to scan removable media when data is accessed.

    • B.

      Configure the Windows Firewall to block the ports that are used by viruses.

    • C.

      Enable the TPM in the CMOS settings.

    • D.

      Repair, delete, or quarantine the infected files.

    • E.

      Disable the autorun feature in the operating system.

    Correct Answer(s)
    A. Set virus protection software to scan removable media when data is accessed.
    E. Disable the autorun feature in the operating system.
    Explanation
    The two actions that can help prevent the problem of computers being infected with viruses and malware through removable flash drives are:
    1. Setting virus protection software to scan removable media when data is accessed. This ensures that any viruses or malware present on the flash drive are detected and prevented from infecting the computer.
    2. Disabling the autorun feature in the operating system. This prevents any malicious programs or scripts from automatically running when a removable flash drive is connected to the computer, reducing the risk of infection.

    Rate this question:

  • 6. 

    In which situation would a computer technician use the fixmbr command at the command prompt of a Windows XP computer to resolve a security issue?

    • A.

      When unauthorized users have changed the CMOS settings and the CMOS password must be reset

    • B.

      When a virus has damaged the master boot record of the system disk

    • C.

      When a virus has damaged the boot sector of the system disk

    • D.

      When the folder permissions for user members of a group are incorrect

    Correct Answer
    B. When a virus has damaged the master boot record of the system disk
    Explanation
    A computer technician would use the fixmbr command at the command prompt of a Windows XP computer to resolve a security issue when a virus has damaged the master boot record of the system disk. The master boot record (MBR) is a critical component of a computer's startup process, and if it becomes infected or corrupted by a virus, it can prevent the computer from booting up properly. Using the fixmbr command can repair the damaged MBR and allow the computer to start up normally, resolving the security issue caused by the virus.

    Rate this question:

  • 7. 

    All users working with a particular Windows 7 computer are able to install unauthorized software. In addition to educating the users about correct security behavior, which action should also be performed to solve this issue?

    • A.

      Set the user folder permissions to Deny.

    • B.

      Disable the users’ accounts.

    • C.

      Change the user file permissions to Read Only.

    • D.

      Enable UAC on the computer.

    Correct Answer
    D. Enable UAC on the computer.
    Explanation
    Enabling User Account Control (UAC) on the computer is the correct action to solve the issue of users being able to install unauthorized software. UAC is a security feature in Windows that prompts users for permission or an administrator password before allowing certain actions to be performed. By enabling UAC, users will be prompted to provide credentials or consent when attempting to install software, preventing unauthorized installations. This helps to enforce security measures and restrict users from making changes to the system without proper authorization.

    Rate this question:

  • 8. 

    You want to dispose of a 2.5 terabyte hard drive that contains confidential financial information. What is the recommended procedure to achieve this?

    • A.

      Use data wiping.

    • B.

      Drill through the HDD.

    • C.

      Smash the platters with a hammer.

    • D.

      Immerse the HDD in a weak solution of bicarbonate of soda.

    Correct Answer
    C. Smash the platters with a hammer.
    Explanation
    The recommended procedure to dispose of a 2.5 terabyte hard drive that contains confidential financial information is to smash the platters with a hammer. This method ensures that the data stored on the hard drive is completely destroyed and cannot be recovered. Using data wiping may not guarantee complete data erasure, drilling through the HDD may damage the environment and is not practical, and immersing the HDD in a weak solution of bicarbonate of soda may not effectively destroy the data.

    Rate this question:

  • 9. 

    What is the most effective way of securing wireless traffic?

    • A.

      WPA2

    • B.

      SSID hiding

    • C.

      WEP

    • D.

      Wireless MAC filtering

    Correct Answer
    A. WPA2
    Explanation
    WPA2 (Wi-Fi Protected Access 2) is the most effective way of securing wireless traffic. It provides strong encryption and authentication methods, making it difficult for unauthorized users to access the network. WPA2 is more secure than WEP (Wired Equivalent Privacy) and provides better protection against attacks. SSID hiding and wireless MAC filtering can provide some level of security, but they are not as effective as WPA2 in securing wireless traffic.

    Rate this question:

  • 10. 

    Which two items are used in asymmetric encryption? (Choose two.)

    • A.

      A token

    • B.

      A TPM

    • C.

      A private key

    • D.

      A DES key

    • E.

      A public key

    Correct Answer(s)
    C. A private key
    E. A public key
    Explanation
    In asymmetric encryption, two items are used: a private key and a public key. The private key is kept secret and is used for decrypting messages that have been encrypted with the corresponding public key. The public key, on the other hand, is freely distributed and is used for encrypting messages that can only be decrypted with the corresponding private key. This two-key system ensures secure communication and authentication between parties.

    Rate this question:

  • 11. 

    Which two characteristics describe a worm? (Choose two.)

    • A.

      Hides in a dormant state until needed by an attacker

    • B.

      Infects computers by attaching to software code

    • C.

      Executes when software is run on a computer

    • D.

      Is self-replicating

    • E.

      Travels to new computers without any intervention or knowledge of the user

    Correct Answer(s)
    D. Is self-replicating
    E. Travels to new computers without any intervention or knowledge of the user
    Explanation
    A worm is a type of malware that is self-replicating, meaning it can create copies of itself and spread to other computers without any intervention or knowledge of the user. It is different from other types of malware like viruses, which require a user to execute a program or open a file for the infection to occur. Additionally, worms do not typically hide in a dormant state until needed by an attacker, as they are designed to spread and cause damage immediately. Therefore, the characteristics that describe a worm are being self-replicating and traveling to new computers without any intervention or knowledge of the user.

    Rate this question:

  • 12. 

    Which type of security threat uses email that appears to be from a legitimate sender and asks the email recipient to visit a website to enter confidential information?

    • A.

      Worm

    • B.

      Phishing

    • C.

      Adware

    • D.

      Stealth virus

    Correct Answer
    B. pHishing
    Explanation
    Phishing is a type of security threat that involves sending emails that appear to be from a legitimate sender, tricking the recipient into visiting a website and entering confidential information. This information is then used by the attacker for malicious purposes, such as identity theft or financial fraud. Phishing attacks often use social engineering techniques to persuade the recipient to trust the email and provide the requested information. It is important to be cautious and verify the authenticity of emails before sharing any sensitive information.

    Rate this question:

  • 13. 

    Which three questions should be addressed by organizations developing a security policy? (Choose three.)How should future expansion be done?

    • A.

      What are the possible threats to the assets of the organization?

    • B.

      What is to be done in the case of a security breach?

    • C.

      When do the assets need protecting?

    • D.

      What assets require protection?

    • E.

      What insurance coverage is required?

    Correct Answer(s)
    A. What are the possible threats to the assets of the organization?
    B. What is to be done in the case of a security breach?
    D. What assets require protection?
    Explanation
    The three questions that should be addressed by organizations developing a security policy are:
    1) What are the possible threats to the assets of the organization? This question helps identify potential risks and vulnerabilities that need to be addressed in the security policy.
    2) What is to be done in the case of a security breach? This question helps establish a plan of action and response protocols in the event of a security breach.
    3) What assets require protection? This question helps prioritize and determine the specific assets that need to be safeguarded to ensure the overall security of the organization.

    Rate this question:

  • 14. 

    What does a malware detection program look for when running a scan?

    • A.

      A service pack

    • B.

      Patterns in the programming code of the software on a computer

    • C.

      Mirror sites

    • D.

      Patches that prevent a newly discovered virus or worm from making a successful attack

    Correct Answer
    B. Patterns in the programming code of the software on a computer
    Explanation
    A malware detection program looks for patterns in the programming code of the software on a computer when running a scan. This is because malware often leaves behind specific patterns or signatures in the code that can be identified by the detection program. By scanning for these patterns, the program can identify and flag any potentially malicious code or files on the computer.

    Rate this question:

  • 15. 

    Port triggering has been configured on a wireless router. Port 25 has been defined as the trigger port and port 113 as an open port. What effect does this have on network traffic?

    • A.

      Any traffic that is using port 25 going out of the internal network will also be allowed to transmit out port 113.

    • B.

      All traffic that is sent into port 25 to the internal network will also be allowed to use port 113.

    • C.

      All traffic that is sent out port 25 will open port 113 to allow inbound traffic into the internal network through port 113.

    • D.

      Any traffic that comes into port 25 allows outgoing port 113 to be used.

    Correct Answer
    C. All traffic that is sent out port 25 will open port 113 to allow inbound traffic into the internal network through port 113.
    Explanation
    Port triggering is a feature on a router that allows certain outbound traffic to automatically open specific inbound ports. In this scenario, port 25 has been defined as the trigger port, which means that any traffic sent out through port 25 will automatically open port 113 to allow inbound traffic into the internal network. This allows for a specific type of traffic to initiate a connection from the outside and be directed to a specific port on the internal network.

    Rate this question:

  • 16. 

    Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)

    • A.

      Packet size

    • B.

      Physical addresses

    • C.

      Protocols

    • D.

      Packet speed

    • E.

      Ports

    Correct Answer(s)
    C. Protocols
    E. Ports
    Explanation
    When a network technician configures the company firewall to operate as a packet filter, they are monitoring two characteristics of network traffic: protocols and ports. Protocols refer to the set of rules that govern how data is transmitted over the network, such as TCP/IP or HTTP. Ports, on the other hand, are numerical identifiers used to differentiate between different services or applications running on a network device. By monitoring protocols and ports, the technician can control and filter the flow of network traffic based on specific criteria, enhancing network security and performance.

    Rate this question:

  • 17. 

    What is the primary goal of a DoS attack?

    • A.

      To facilitate access to external networks

    • B.

      To prevent the target server from being able to handle additional requests

    • C.

      To scan the data on the target server

    • D.

      To obtain all addresses in the address book within the server

    Correct Answer
    B. To prevent the target server from being able to handle additional requests
    Explanation
    The primary goal of a DoS (Denial of Service) attack is to prevent the target server from being able to handle additional requests. This is typically achieved by overwhelming the server with a flood of traffic or by exploiting vulnerabilities in the server's software or network infrastructure. The intention is to disrupt the normal functioning of the server and make it unavailable to legitimate users.

    Rate this question:

  • 18. 

    Which question would be an example of an open-ended question that a technician might ask when troubleshooting a security issue?

    • A.

      Have you scanned your computer recently for viruses?

    • B.

      What symptoms are you experiencing?

    • C.

      Did you open any attachments from a suspicious email message?

    • D.

      Is your security software up to date?

    Correct Answer
    B. What symptoms are you experiencing?
    Explanation
    An open-ended question allows the person to provide a detailed response rather than a simple yes or no answer. In the context of troubleshooting a security issue, asking "What symptoms are you experiencing?" would allow the technician to gather more information about the specific problems the user is facing. This can help in identifying the root cause of the security issue and providing appropriate solutions.

    Rate this question:

  • 19. 

    Which action would help a technician to determine if a denial of service attack is being caused by malware on a host?

    • A.

      Install rogue antivirus software on the host.

    • B.

      Log on to the host as a different user.

    • C.

      Disable ActiveX and Silverlight on the host.

    • D.

      Disconnect the host from the network.

    Correct Answer
    D. Disconnect the host from the network.
    Explanation
    Disconnecting the host from the network would help a technician determine if a denial of service attack is being caused by malware on the host. By disconnecting the host from the network, the technician can observe if the denial of service attack stops or if the host continues to experience the attack. If the attack stops after disconnecting, it indicates that the malware on the host is likely responsible for the attack.

    Rate this question:

  • 20. 

    A technician is troubleshooting a computer security issue. The computer was compromised by an attacker as a result of the user having a weak password. Which action should the technician take as a preventive measure against this type of attack happening in the future?

    • A.

      Ensure the security policy is being enforced.

    • B.

      Check the computer for the latest OS patches and updates.

    • C.

      Scan the computer with protection software.

    • D.

      Verify the physical security of all offices.

    Correct Answer
    A. Ensure the security policy is being enforced.
    Explanation
    To prevent future attacks resulting from weak passwords, the technician should ensure that the security policy is being enforced. This means implementing measures such as password complexity requirements, regular password changes, and multi-factor authentication. By enforcing a strong security policy, the likelihood of attackers compromising the computer through weak passwords is reduced. Checking for OS patches and updates, scanning with protection software, and verifying physical security are important measures as well, but they may not directly address the issue of weak passwords.

    Rate this question:

  • 21. 

    A user has reported that a computer web browser will not display the correct home page even if the default page is reset. What is the likely cause of this problem?

    • A.

      A virus has damaged the boot sector of the system disk.

    • B.

      The computer has been infected with spyware.

    • C.

      UAC has been disabled on the computer.

    • D.

      Folder permissions have been changed from Deny to Allow.

    Correct Answer
    B. The computer has been infected with spyware.
    Explanation
    The likely cause of the problem is that the computer has been infected with spyware. Spyware is a type of malicious software that can alter browser settings, including the home page. Even if the default page is reset, the spyware may still be active and continue to change the home page. This can be resolved by removing the spyware from the computer using antivirus or anti-malware software.

    Rate this question:

  • 22. 

    What is the name given to the programming-code patterns of viruses?

    • A.

      Mirrors

    • B.

      Signatures

    • C.

      Virus definition tables

    • D.

      Grayware

    Correct Answer
    B. Signatures
    Explanation
    The name given to the programming-code patterns of viruses is "signatures". Signatures are unique patterns or sequences of code that are characteristic of specific viruses. Antivirus software uses these signatures to identify and detect viruses on a computer system. By comparing the code of files or programs against a database of known virus signatures, antivirus software can determine if a file is infected with a virus and take appropriate action to remove or quarantine it.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jul 27, 2014
    Quiz Created by
    John
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.