Professional Documents
Culture Documents
1 How can web tools, such as Java or ActiveX, be used for a malicious attack?
by altering the interactivity level of a web page
2 What does a malware detection program look for when running a scan?
a service pack
9.4.1 Explain how to update signature files for anti-virus and anti-spyware software
It is a harmful virus that can corrupt the entire data on the network.
It is displayed in popup windows, which open faster than the user can close them.
data encryption
firewall protection
port protection
5 The IT manager of a bank is disposing of some computers, but the hard drives have some highly confidential data on them. What is the
recommended way of dealing with the drive to ensure that the data is irrecoverable?
Delete all files and folders.
6 An attacker sends a large number of requests to a server from several computers that are located at different geographical locations.
What is the name for this type of attack?
DDoS
DoS
e-mail bomb
ping of death
includes journaling
virus definitions
9.4.2 Explain how to install operating systems service packs and security patches
9 What is a good practice to prevent an unauthorized user from guessing a password and accessing an account?
disabling account lockout status within the network
enabling a user account only after issuing a password to the user over the phone
locking out the account after a small, finite number of unsuccessful attempts
setting the user account password to be left blank for the first login
12 What happens when a wireless access point (WAP) is configured to stop broadcasting the SSID?
No new connections can be accepted by the wireless access point.
Signals are prevented from transmission outside the boundaries of the local network.
13 Which two technologies are used for authenticating users? (Choose two.)
biometrics
Event Viewer
secure DNS
smart card
UNC
14 Which two devices are used for the sole function of protecting computer equipment from theft?
cable locks
card keys
security cages
smart card
15 Which two actions can be considered social engineering attacks? (Choose two.)
analyzing the products of a competitor company
obtaining the directory of a competitor company that contains the e-mail addresses of all the employees of that company
researching reviews and other articles about the performance of a competitor company
16 Which is the best procedure to secure a laptop left at the office while the user is away for an extended period of time?
Secure by a security cable wrapped around the leg of the user's desk.
Put the laptop in a desk drawer in the locked office of the user.
Place the laptop in a locked security cage designed to store computer equipment.
17 What must be done to ensure that the anti-virus software on a computer is able to detect and eradicate the most recent viruses?
Download the latest signature files on a regular basis.
9.4.1 Explain how to update signature files for anti-virus and anti-spyware software
18 Which three questions should be addressed by organizations developing a security policy? (Choose three.)
What items need to be protected?
19 A technician has downloaded the latest Windows XP updates from the Microsoft website. What should the technician do before installing
the updates?
Create a restore point.
Change the firewall rules to enable the installer to access port 8900 of the Microsoft server.
9.4.2 Explain how to install operating systems service packs and security patches
Enforce password protection at either the BIOS level or the network login level.
Passwords should contain a mixture of letters and numbers so that they cannot easily be broken.
It monitors activity on the computer and sends this information to the organization that launched it.
It prevents opening of extra windows on the computer without the consent of the user.
2 A company network was subjected to several security attacks after TCP/IP had been installed on the company computers. Analysis has
shown that in most of the attacks, attackers used network sniffers to extract user names and passwords of critical accounts on the
network. Which type of TCP/IP attack did these attackers deploy?
denial of service
ping of death
replay
SYN flood
3 An attacker has managed to decode the encrypted messages of a wireless network. The network uses Windows XP and Cisco
equipment. The security protocol that is used is WEP with 64-bit encryption. Which action can be recommended to the
technician for securing the network?
Advise users to store their network authentication data, such as their passwords, in a secure manner.
Configure Windows update to run automatically, at a convenient time and on a regular basis.
Recover all sensitive data from the computers of the network, destroy their hard drives, and recycle the computers.
DDoS attack
phishing attack
virus attack
ping-of-death attack
mirrors
signatures
• 9.4.1 Explain how to update signature files for anti-virus and anti-spyware software
10 When accessing a website, a user is overwhelmed by popup windows that open faster than the user can close them. What is
the most likely cause of this problem?
adware
phishing
spyware
Trojan
a card key
a key fob
a smart card
Ensure that the responsibility for conducting backups is frequently changed among users.
• 9.4.2 Explain how to install operating systems service packs and security patches
14 A company uses computers and wireless access points from a variety of different suppliers. Which wireless security protocol
should the company use to achieve the best level of security?
LEAP
WEP
WPA
WTLS
guiding visitors within the premises and escorting them personally when they leave
keeping hidden from public view any passwords that are posted in the work area
replay attack
spoofing attack
It encrypts the data that is broadcast between the wireless access point and the wireless clients.
adware
grayware
spam
• 9.4.1 Explain how to update signature files for anti-virus and anti-spyware software
20 Which two actions improve security on a wireless network? (Choose two.)
Enable WEP.
It monitors activity on the computer and sends this information to the organization that launched it.
It prevents opening of extra windows on the computer without the consent of the user.
2 A company network was subjected to several security attacks after TCP/IP had been installed on the company computers. Analysis has
shown that in most of the attacks, attackers used network sniffers to extract user names and passwords of critical accounts on the
network. Which type of TCP/IP attack did these attackers deploy?
denial of service
ping of death
replay
SYN flood
3 An attacker has managed to decode the encrypted messages of a wireless network. The network uses Windows XP and Cisco
equipment. The security protocol that is used is WEP with 64-bit encryption. Which action can be recommended to the technician for
securing the network?
Advise users to store their network authentication data, such as their passwords, in a secure manner.
Configure Windows update to run automatically, at a convenient time and on a regular basis.
Recover all sensitive data from the computers of the network, destroy their hard drives, and recycle the computers.
4 Which task is in the scope of responsibilities of a network technician working with security updates and patches?
submit a schedule to the manufacturer of when updates should be available
6 An employee of a bank asked the network administrator for advice about an e-mail that the employee had received. The e-mail asked for
the employee's username and password details to confirm the employee's identity in order to update details in a database. The network
administrator told the employee not to respond. Which type of security attack was the network administrator worried about?
adware attack
DDoS attack
phishing attack
virus attack
ping-of-death attack
8 Which two practices help prevent unauthorized access to a wireless network? (Choose two.)
disabling the broadcast of SSID
mirrors
signatures
virus definition tables
10 When accessing a website, a user is overwhelmed by popup windows that open faster than the user can close them. What is the most
likely cause of this problem?
adware
phishing
spyware
Trojan
11 Which security device stores user physical characteristics to provide a user level of facility access?
a biometric sensor
a card key
a key fob
a smart card
12 Which two procedures can help secure data backups? (Choose two.)
Only perform full backups.
Keep backup media off site.
Ensure that the responsibility for conducting backups is frequently changed among users.
13 A computer that is configured for automatic updates is shut down during a scheduled update. However, the update is downloaded
successfully without any file being corrupted in the process. What will happen to the update as a result of this shutdown?
Notification for downloading available updates will be displayed when the computer is rebooted.
14 A company uses computers and wireless access points from a variety of different suppliers. Which wireless security protocol should the
company use to achieve the best level of security?
LEAP
WEP
WPA
WTLS
guiding visitors within the premises and escorting them personally when they leave
keeping hidden from public view any passwords that are posted in the work area
16 In which type of attack are TCP ports randomly opened to overload the network with a large number of false requests?
e-mail bomb attack
replay attack
spoofing attack
It encrypts the data that is broadcast between the wireless access point and the wireless clients.
18 A large number of e-mail messages are appearing in the inbox of a home computer user. The messages relate to products for which the
user has never requested information. Which name is given to this type of e-mail?
spoof
adware
grayware
spam
19 What must be done to ensure that the anti-virus software on a computer is able to detect and eradicate the most recent viruses?
Download the latest signature files on a regular basis.