Sie sind auf Seite 1von 64

Module 01 : Foundations of Security

Understand :
• What data is and the difference between data and information
• How often data is generated
• The importance of personal and organizational data
• Different threats to data
• What data security is and the risks associated with data compromise
• Elements of security
• The potential losses due to a data breach
• How to implement data security
Module 02 : Securing Operating Systems
• Lock a windows system when not in use
• Create and change a user account password for a windows system
• Disable the guest account of a windows system
• Lock out unwanted guests from a windows system
• Rename the administrator account of a windows system
• Disable jumb lists of a windows system
• Enable software updates in a windows system
• Enable the firewall in a windows system
• Add new apps in the firewall of a windows system
• Remove/disable app rules from the firewall of a windows system
• Create a new firewall rule in a windows system
• Turn on windows defender
• Enable bitlocker in a windows system
• Understand windows encrypting file system
• Decrypt a file using EFS in a Windows system
• Disable unnecessary services in a windows system
• Kill unwanted processes in a windows system
• Hide files and folders in a windows system
• Disable simple file sharing in a windows system
• Lock a mac system, when not in use
• Disable automatic login in a mac
• Allow app downloads from the Mac app store
• Enable automatic software updates in a Mac
• Disable the guest account in a Mac
• Enable FileVault in a mac
• Enable the Firewall in a Mac
• Change User account password in a Mac
• Enable and set parental Controls in a Mac
Module 3 : Malware and Antivirus
• Understand what malware is
• Identify the various types of Malware
• Identity the various symptoms of Malware Infections
• Understand what an antivirus is and how it works
• Understand how to choose the right antivirus software for you and
what its limitations are
• Configure and use Kaspersky and Avast antivirus software
• Test if your antivirus is working
Module 4 : Internet Security
• Understand :
• The basic security measures to implement when online
• The different threats web browsers pose and their countermeasures
• Configure web browsers in a secure manner
• The different threats posed by instant messaging apps and their
countermeasures
• The different risks children are exposed to when online
• Know about and use children friendly web browsers like KidZui
• Identify :
• A secure website
• If a child is a victim of online abuse and take corrective measures if so
Module 5 : Security on Social Networking
Sites
• Understand :
• The concept of virtual social networking
• What a profile is on a social networking site and the information it contains
• The risks associated with online social networking
• What geotagging is and the risks it poses
• Various risks of online social networking that minors are exposed to
• Configure :
• The security settings of Facebook and Twitter
Module 6 : Securing Email Communications
• Understands :
• The concept of an email
• Why email security is important
• The various threats associated with using email
• The various email security procedures
• Identify the different email client products and service providers
available
Module 7 : Securing Module Devices
Understand :
• The basics of mobile security and its importance
• The importance of an IMEI Number of a mobile phone
• The risks that a mobile device is exposed to
• What mobile malware is
• The threats that Bluetooth poses to a mobile device
• The various security procedure of an android device, an IOS device, and a
windows device
• Identify various mobile security tools
Module 8: Securing The Cloud
Understand :
• The various types of clouds available and the different services they offer
• The advantages of a cloud service
• The Different thereats posed to a cloud account and their countermeasures
• The different privacy issues related to a cloud account and how to address
them
• How to choose the correct cloud advisor as per your needs
Module 9 : Securing Network Connections
Understand :
• The different types of networks
• How to set up your home network
• How to set up wireless networks in Windows and Mac
• The Various threats to a wireless network and their countermeasures
• How to use a firewall, antivirus, and encryption to secure a wireless network
Module 10 : Data Backup and Disaster
Recovery
Understand :
• The Importance and need for data backups
• The reasons behind data loss incidents
• What files to back up and when
• The different types of data backups
• How to create backups and restore data from them in Windows and Mac
• The difference between data deletion and data destruction and the
importance of the latter
LATIHAN SOAL
What does a lock icon symbolize besides a website name?
a. The website needs a password to be accessed
b. The website cannot be accessed without the site admin’s
permission
c. The website is a secure website
d. The website is not accessible at the moment
Horace is a 64 year-old man who worked as an accountant for SN Associates
before his retirement. The company gifted him a laptop at the time of his
retirement. Since Horace was not a technically savvy person, he did not
install any applications on his laptop, and only used it for checking his email
and playing poker online. After some time, Horace’s laptop started giving him
problems. It crashed frequently, often displayed the Blue Screen of Death
(BSOD), and unwanted windows kept popping up whenever he went online.
When Horace took his laptop to the service center, he was told that his
laptop was infected with malware.
Which software should Horace have installed to prevent malware infection in
his laptop?
a. Adobe Reader
b. Antivirus software
c. One Drive
d. Skype
Harold, an associate at AQ Corporation, received a phone call from a
person claiming to be Bob from the IT department. Bob told Harold
that he had noticed that Harold’s computer was running slow, and
could help him fix it. Harold, not having much knowledge regarding
computers, readily agreed. Following Bob’s instructions, Harold typed
in some commands on his computer, and gave remote access to Bob to
have his computer fixed. Later on, Harold noticed that confidential
information concerning his clients was missing from his computer.
Which attack was Harold a victim of?
a. War driver
b. Evil twin
c. Social engineering
d. Bluesnarfing
Ruth Cole is a sales manager and travels extensively on business. She
regularly updates and stores clients’ data on a remote data storage
device via the Internet, so that in case she loses her laptop or it crashes
for some reason, she does not lose the data which is essential to
carrying out her work.
Which type of data backup is Emma using to carry out her daily work?
a. Differential backup
b. Incremental backup
c. Online data backup
d. Full system backup
A new online service allows people living with roommates to feed in all
their house hold expenses in its ‘share calculator’ program. The
program then calculates how much each person is supposed to pay and
sends a detailed report to all those who are listed as roommates for
that particular transaction.
The above mentioned service is an example of which of the following?
a. Network as a Service
b. Software as a Service
c. Infrastructure as a Service
d. Platform as a Service
John is an 18 year-old college-going student. He loves to read books and
listen to music on his laptop. He regularly downloads e-books and music
from the internet. Lately, whenever John has been spending time on his
laptop, the laptop begins displaying the infamous Blue Screen of Death
(BSOD). Upon taking his laptop to the service center, John was told that his
laptop was infected with malware.
Which symptom of malware infection is John’s laptop displaying?
a. Laptop screen malfunction
b. Hard drive malfunction
c. Unexpected crashes
d. Slow system
Which of the following is the strongest password?
a. Domike*
b. Donna1992
c. donnamike92
d. Pa#72tLe
Which of the following terms refers to the process of protecting
information, and the infrastructure that stores it?
a. Keystroke logging
b. Maintenance
c. Availability
d. Data security
Luke works as an analyst for AS Pvt. Ltd. His job there is to analyze
statistics and records obtained from people to improve the sales of the
company. However, recently the statistics and records given to him
have been incorrect, thus leading to gross miscalculations and wrong
predictions on his part. Which of the terms listed below, best describes
these statistics and records that are incorrect?
a. Information
b. Data
c. Archives
d. Indicators
Duke is taking some of the best pictures he has yet as an amateur
photographer in a pen drive to get his work assessed by an expert. On
the subway an unknown person picks his pocket. Along with his wallet
Duke also lost the pen drive with his pictures. Since he had not made
any more copies of those pictures, he lost them forever.
What type of data loss is this?
a. Hardware theft
b. Malware attack
c. Natural disaster
d. Software theft
Andrew lost his iPhone on the way home from college. He anxiously
wanted to recover it, as it was a gift from his late grandfather. The
iPhone also contained pictures that he had taken for a national
photography contest.
Using which iOS feature, can Andrew locate his phone?
a. iCloud backup
b. SIM lock
c. Find my iPhone
d. System updates
Which of the following fundamental concepts of security refers to an
action taken in advance to protect the system against threats or
dangers?
a. Maintenance
b. Nonrepudiation
c. Precaution
d. Reaction
Which of the following software programs runs on the internet and
allows users to find, access, and display web pages?
a. Email
b. Web browsers
c. Extensions
d. Search engine
A newly established ITES company plans to launch a website which
enables its users to share pictures and videos with each other. Apart
from this, users can also comment on these pictures and share them
further.
Under which of the following cloud categories will the company’s
product come?
a. Public Cloud
b. Private Cloud
c. Community cloud
d. Hybrid Cloud
InfraTech Inc. is an international IT company with offices in Dubai, Singapore,
and Australia. To have continuity of business practice, it is imperative that all
the branch offices be able to communicate amongst themselves.
Which of the following network systems would be suitable for data
communication between the employees of all branches of InfraTech Inc.?
a. Ethernet
b. Local Area Network
c. Virtual Private Network
d. Wide Area Network
Which of the following terms refers to the process that ensures
accuracy of the sender and receiver of a message?
a. Nonrepudiation
b. Data
c. Authenticity
d. Availability
Which of the following terms refers to a collection of information that
defines or describes the user and his or her interests?
a. Facebook group
b. Account settings
c. Timeline
d. Profile
Sam uses his work laptop to watch pirated movies at home sometimes.
When he tried to watch the latest movie he downloaded, the movie file did
not play even after trying on several different players. Within a day of this,
Sam noticed that many of his files were vanishing one after the other from
his laptop even though neither he nor anyone else deleted them. The
network administrator of his company, after taking a look at his computer
told him that the movie files, which did not play, definitely had something to
do with this peculiar behavior.
What type of data loss could this be?
a. Software failure
b. Computer virus
c. Human error
d. Natural disaster
Alex, the coach of Manchester United, called up Wayne, the captain of the
team, to discuss the tactics they would employ in the upcoming Champions
League Final. The following day, Alex received an email with the transcript of
the conversation he had with Wayne. The sender of the email threatened to
make Alex’s tactics public, if he did not pay him $5000.
Which form of mobile device attack was Alex a victim of?
a. Social engineering
b. Man in the middle attack
c. Eavesdropping
d. Phishing
Raymond received an email from an official claiming to be from his bank. The
email requested Raymond to send his personal details since the customer
database of the bank was being updated. Upon confirmation from the bank,
Raymond was told that the bank had not sent any emails asking for the
personal details of their customers.
Which cyber-attack would Raymond have been a victim of if he had replied
to the email?
a. Man in the middle attack
b. War driver
c. Eavesdropping
d. Phishing
• Which of the following refers to the periodic patching of system files
to fix any issues in the previous version of the Windows OS?
a. Windows Updates
b. Windows Firewall
c. FileVault
d. Task manager
Ellie, an 18 year-old student, shares her Windows computer with her
younger brother, Adam. Adam is very mischievous and whenever he is on the
computer, he ruins Ellie’s college assignments. Ellie, who is fed up of this
decides to encrypt the drive that contains her assignments. She uses inbuilt
Windows software to encrypt the drive so that Adam cannot access the
drive.
Which software did Ellie use?
a. BitLocker
b. Adobe
c. Skype
d. SPAMfighter
Fred, a 14 year-old boy, is an only child. Fred loves spending time on his Mac
OS X browsing the internet. When his parents are not at home, he spends
hours at a stretch on the computer. Once, when Fred’s parents come home
late from work and find him on the Mac, they decided to limit his computer
time. Enabling an inbuilt feature in the Mac, Fred’s parents limit his
computer time to two hours daily.
Which MAC OS X feature did Fred’s parents enable?
a. FileVault
b. Parental control
c. Jump lists
d. UAC slider bar
Which of the following antivirus techniques refers to the process of
comparing the current state of stored programs to a previously
recorded state, which is known to be free of malware?
a. Bookmarks method
b. Integrity checking
c. Scanning
d. Heuristics analysis
Tom, a 14 year-old boy has been chatting online with Adam, whom Tom assumes is
14 years old as well. Over the months, they built up a great ‘online’ friendship,
playing online games, checking out EDM websites, continuing with their friendly
rivalry over football, and just talking about ‘guy’ stuff. When Adam invited Tom over
to meet him, Tom was obviously excited. However, when Tom met Adam, he was
shocked, as Adam turned out to be a 35 years old man. Despite this shock, Tom
entered Adam’s house, as he trusted him. Tom was having a great time playing PS3
with Adam, until the time Adam touched him inappropriately. Tom ran away from
Adam’s house and did not know what to do.
Which form of cyber-attack was Tom a victim of?
a. Pornography
b. Social engineering
c. Grooming
d. Phishing
You received the following email from an official claiming to be from your bank.
Dear ABC Bank User,
Since we will be updating our customer database shortly, you are kindly requested to send the
following information.
• Name
• Bank login id
• Password
• Branch
• Date of birth
• Alternate email
Please click the below link to update your details.
Proceed to update your account details
Please contact the ABC Bank customer team in case of any queries. Thank you for your cooperation.
Which type of email security threat is this?
a. Phishing
b. Malicious email attachment
c. Nigerian scam
d. Spy-phishing
Which of the following helps to backup data on a Mac?
a. Extensions
b. App Store
c. Internet Accounts
d. Time Machine
This part of an email informs you about the address from where it
came, time of the message, date sent, and the subject line.
Identify the email part?
a. Signature
b. Header
c. Footer
d. Body
Lucy, a 55 year-old woman, was not a technically savvy person. She did not
install or enable any applications on her computer, and only used it for
looking up recipes and knitting patterns. After some time, Lucy’s computer
started giving her problems. It often displayed the Blue Screen of Death
(BSOD) and unwanted windows kept popping up whenever she went online.
When a computer technician checked Lucy’s computer, it was discovered
that her computer was infected with malware.
Which inbuilt Windows software should Lucy have enabled to prevent
malware infection in her computer?
a. Task manager
b. Jump lists
c. Simple file sharing
d. Windows Defender
Sally is a 16-year-old high school student who is extremely attached to her
laptop. She uses it to download and watch episodes of her favorite sitcom.
While watching one of the episodes, her laptop switched off automatically a
couple of times. Suspecting a malware infection, she opened the antivirus
software on her laptop and chose a technique, which examined all files on
the memory and hard disk in order to identify and locate the malware.
Which antivirus technique did Sally employ?
a. Bookmarks method
b. Integrity checking
c. Heuristics analysis
d. Scanning
Which of the following terms refers to malicious software that is
specifically built to target mobile phones and smartphones systems?
a. Unmanaged applications
b. Broken cryptography
c. Mobile malware
d. Phishing
Which privacy issue of clouds exposes users to the risk of their data
being accessed by the cloud service provider without the user’s
consent?
a. Data migration
b. Data ownership
c. Data location
d. Data permanency
Which of the following terms refers to software that attackers create to
install on a victim’s computer in order to compromise its security?
a. Lockbin
b. Malware
c. Dropbox
d. Bitlocker
Which of the following websites can Windows Phone users use to
locate their stolen smartphone?
a. http://www.symbianguru.com/tracking-mobile-with-phone-
guardian.html
b. account.microsoft.com/devices
c. iCloud.com
d. android.com/devicemanager
Amy received an email from an official claiming to be from ABC Parcel
Services. The email asked her to collect a gift parcel sent by her friend three
weeks ago. The service claimed that they were unable to deliver the parcel
to Amy, as the address provided was wrong. The service asked her to print
out the attached invoice copy, fill it, and collect the package from the branch
office located in her city. .
Which type of email security threat could Amy have faced, if she clicked or
downloaded the attachment?
a. Phishing
b. Hoax mail
c. Malicious user redirection
d. Malicious email attachment
ABC Info Ltd. has a part of its business already on a cloud computing
platform. However, its new product suite would need a cloud service which
runs on a totally different technology. The company should be able to make
its legacy products and new products communicate with each other as the
new products are just an upgrade of the old ones and much of the required
data still resides on the old cloud.
Which of the following cloud computing platforms will be suitable for ABC
Info’s future needs?
a. Hybrid cloud
b. Private cloud
c. Community cloud
d. Public cloud
Daniel, a bank officer, communicates with his clients through emails on a
daily basis. Recently, he noticed that his Gmail inbox was filled with
unsolicited emails. The cluttered inbox annoyed him, as it was difficult to
filter the important emails. Hence, he decided to find a solution for it. Upon
inquiry, a service provider told him that he could use software which
automatically filters out the unsolicited emails. This software would not only
protect his Gmail account, but also protect all the email accounts configured
on his email client.
Which of the following tools did Daniel probably enquire about?
a. Norton
b. Kaspersky
c. Avast Pro
d. SPAMfighter
Isaac is transferring all the data from his computer to an external drive as he
wants to format his laptop. While moving the data, he accidentally hits
delete instead of cut on one of the files and without realizing, hit the enter
key when the computer prompted to confirm his action. As the file was a
huge one, it did not go to the recycle bin and got permanently deleted.
What type of data loss is this?
a. Software failure
b. Computer virus
c. Human error
d. Hardware theft
Janine’s parents gave her a smartphone for her birthday. The phone’s
operating system intrigued and delighted Janine at the same time. This
was because it was the first time she had seen a smartphone that had a
tile-based setup. In addition, the tiles could be removed and
interchanged on the home screen.
Which operating system did Janine’s phone have?
a. Windows
b. Symbian
c. iOS
d. Android
Sarah has recently rented a small room on ABC Street, and started a
business with seven employees. She provided every employee with a
computer and a common printer which is meant to be shared by
everyone.
Which of the following networks would suit Sarah’s business need?
a. Wide Area Network
b. Virtual Private Network
c. Ethernet Physical Layer
d. Local Area Network
Hermione is a 21 year-old college student. She loves spending time on
Facebook. However, with her final exams approaching, she feels that
spending time on Facebook will harm her exam results. Hence, she
enables a particular Facebook feature, with the help of which, she will
not get any emails or notifications from Facebook.
Which Facebook feature did Hermione use?
a. Who can look me up ?
b. Deactivate account
c. Login alerts
d. Where you’re logged in
Hermione is a 21 year-old college student. She loves spending time on
Facebook. However, with her final exams approaching, she feels that
spending time on Facebook will harm her exam results. Hence, she
enables a particular Facebook feature, with the help of which, she will
not get any emails or notifications from Facebook.
Which Facebook feature did Hermione use?
a. Who can look me up ?
b. Deactivate account
c. Login alerts
d. Where you’re logged in
Certain software applications add or modify a particular feature in a
browser. A few versions allow users to block ads, watch online videos,
or IM with friends.
What is this application called?
a. ActiveX
b. Extensions
c. Cookies
d. Java
As part of his security implementation plan, Glenn was updating his
firewall. Which aspect of the security implementation plan was Glenn
working on?
a. Nonrepudiation
b. Reaction
c. Precaution
d. Maintenance
Samuel, a network admin in an IT firm, has just discovered a phishing site
known for targeting corporate entities. Several employees have received
emails with the domain name, which is the same as that of this site. In order
to prevent the company’s network from being corrupted, Samuel decides to
block all incoming and outgoing traffic from that site.
Which of the following defense mechanisms can Samuel use to implement
this?
a. Encryption
b. Virus
c. Firewall
d. Disk encryption
Susan downloaded a software from the Internet and installed it on her
computer for watching movies online. After installing the software, she
noticed that her PC was slowing down and was taking more time to
open webpages.
What could Susan do to solve this problem?
a. Start using Ethernet
b. Install a latest antivirus software and scan her computer
c. Stop using wireless internet connection
d. Choose a suitable encryption method
Harry, a 21 year-old college-going student, was working on his dissertation
when suddenly a message flashed on his screen, “All files on your computer
have been encrypted. You must pay $1000 within 72 hours to regain access
to your data.”Even after Harry paid the money, he was not able to access his
data, and all the documents on his dissertation were lost.
Which malware attack was Harry a victim of?
a. Botnet
b. Virus
c. Ransomware
d. Adware
Susan, a 15-year-old girl, loves spending her free time baking and cycling.
However, recently she has been spending all of her free time glued to the
computer. She shows no interest in her hobbies anymore and looks
depressed most of the time. Her parents also noticed that whenever they
enter her room, she quickly changes the computer screen. Understandably,
Susan’s parents are worried about her.
What could be the reason for her behavior?
a. Social engineering
b. Too much pressure at school
c. Victim of online child abuse
d. Unsolicited emails
Imagine getting a letter from the Inland Revenue Authority of Singapore (IRAS)
demanding that you pay $5,700 in taxes. This is what happened to Rick. He
received a letter informing him that he owed the government unpaid income tax on
wages he never earned. The IRAS letter said that Rick had worked at several places.
However, Rick is only 15 years old and his only job was working at his uncle’s
grocery store during the summer. He had never even visited some of the places
where the letter said he worked. Rick was not sure what to do next. After all, he
has never even had a “real” job like those listed in the letter.
What is going on in this scenario?
a. Social engineering
b. Identity Theft
c. Nigerian scam
d. Phishing
XYZ Infra Solutions, a startup company is looking for a cloud service
provider who can provide virtual machines, virtual local area network,
customized software applications, on demand storage, IP addresses,
and firewalls to meet its business needs.
Which of the following cloud computing services can meet the business
needs of the company?
a. Platform as a Service
b. Software as a Service
c. Infrastructure as a Service
d. Application as a Service
Which of the following is an encryption program in Mac that helps
users to protect their data?
a. Safari
b. SPAMfighter
c. FileVault
d. Lockbin
TERIMA KASIH
&
SEMOGA SUKSES