I.T.

CHAPTER 9
A fingerprint reader is an example of which security technology?
authorization

biometric

keylogging

secureware

smartcard

Which wireless security technology is a good choice when using Cisco equipment in
conjunction with operating systems such as Windows and Linux?
LEAP

WEP

WPA

WTLS

Which type of program causes banners and ads to appear on the desktop without any
user intervention?
adware

spyware

stealth virus

trojan horse

What are two examples of malware? (Choose two.)

registry cleaner

pop-up blocker

spyware
 e-mail
Grayware

Which two characteristics describe a worm? (Choose two.)

Executes when software is run on a computer.

Is self-replicating.

Hides in a dormant state until needed by an attacker.

Infects computers by attaching to software code.

Travels to new computers without any intervention or knowledge of the user.

An employee for a small company inadvertently allows a visitor to see their username
and password. At home, the visitor then uses this information to gain access to the
company network. This is an example of what type of threat?
man-in-the-middle

phishing

physical

social engineering

spoofing

Which is the best procedure to secure a laptop left at the office while the user is away
for an extended period of time?
Secure by a security cable wrapped around the leg of the user's desk.

Put the laptop in a desk drawer in the locked office of the user.
 Place the laptop in a locked security cage designed to store computer
equipment.
Place the laptop in the office of the supervisor.

Where is the safest place to store backups?

portable lock box

locked telecommunications room

locked server room

offsite secure facility

What is the best method for a company to secure data being transmitted across the
Internet between remote sites?
Use plain text in an e-mail.

Use a shared server with an encrypted password on the file.

Use computers secured with smartcard authentication.

Use a VPN connection.

Which threat to security uses traffic from zombie computers to overwhelm servers?
DoS

DDoS

phishing

spoofing

SYN flood
Which two statements are true about username and password standards? (Choose
two.)
The username naming convention should be kept simple.

Usernames should expire periodically.

The passwords should be kept simple and easy to remember.

Rules about password expiration and lockout should be defined.

BIOS passwords should be given to users to enable them to configure their
computer.

When setting up a new wireless access point, which basic security measure should be
taken?
Disable SSID broadcast.

Enable SSID broadcast.

Broadcast the default SSID.

Broadcast a unique SSID.

What must be done to ensure that the anti-virus software on a computer is able to
detect and eradicate the most recent viruses?
Download the latest signature files on a regular basis.

Schedule a scan once a week.

Schedule anti-virus updates using Windows Task Manager.

Follow the firewall configuration guidelines on the anti-virus manufacturer website.

Which two items can be downloaded from the Microsoft website to help protect
Windows XP? (Choose two.)
ROM upgrades

service packs

security patches

BIOS upgrades

DirectX updates

What is the difference between WEP64 and WEP128?

WEP64 can handle 64 simultaneous connections, and WEP128 can handle 128
simultaneous connections.
WEP64 operates on a 64-bit processor, but WEP128 requires a dual core 128-bit
processor.
WEP64 uses 64-byte packets, and WEP128 uses 128-byte packets.

WEP64 uses a 64-bit encryption key, and WEP128 uses a 128-bit key.

A bank is upgrading the hard drives in a server. What should be done to the old hard
drives to permanently remove any confidential data?
Delete the files containing the confidential data.

Reformat the hard drives.

Expose the hard drives to ultraviolet light.

Destroy the hard drives with a hammer.

A technician has downloaded the latest Windows XP updates from the Microsoft
website. What should the technician do before installing the updates?
Create a restore point.

Manually update the Last Known Good Configuration.

Reinstall the anti-virus software.

Change the firewall rules to enable the installer to access port 8900 of the Microsoft
server

Which best practice should be included in a password protection policy?

Encourage users to document passwords in a personal file.

Enforce password protection at the BIOS level.

Implement lockout rules upon consecutive unsuccessful attempts at
accessing the system.
Restrict passwords to text-based strings.

An attacker claiming to be a bank representative contacts a potential victim via e-mail

and requests disclosure of vital account information. Which security attack is being
implemented?
adware

phishing

spyware

trojan

Which type of software is downloaded onto the computer of a user without the
knowledge of the user and causes information about various products to be displayed
on the user's monitor?
adware

free software

grayware

spyware