Security+ Chapter 2 review

Card Set Information

Author: northendtrooper
ID: 253154
Filename: Security+ Chapter 2 review
Updated: 2013-12-14 16:27:30
Tags: Security Chapter review
Folders: Comptia
Description: Security+ Chapter 2 review

The flashcards below were created by user northendtrooper on FreezingBlue Flashcards.


  1. Of the following choices, what type of control is least privilege?
    A. Corrective
    B. Detective
    C. Preventative
    D. Technical
    D. The principle of least privilege is a technical control and ensures that users have only the rights and permissions needed to perform the job, and no more. A corrective control attempts to reverse the effects of a problem. A detective control (such as a security audit) detects when a vulnerability has been exploited. A preventative control attempts to prevent an incident from occurring.
  2. Of the following choices, what type of control is a vulnerability assessment?
    A. Corrective
    B. Management
    C. Detective
    D. Technical
    B. A vulnerability assessment is a management control and attempts to discover weaknesses in systems. A corrective control attempts to reverse the effects of a problem. A detective control (such as a security audit) detects when a vulnerability has been exploited. A technical control (such as the principle of least privilege) enforces security using technical means.
  3. Which of the following is a preventative control that can prevent outages due to ad-hoc configuration errors?
    A. Security audit
    B. Change management plan
    C. Least privilege
    D. A periodic review of user rights
    B. A change management strategy can prevent outages by ensuring that configuration changes aren’t made on an as-needed (ad-hoc) basis, but instead are examined prior to making the change; change management is also known as an operational control. The principle of least privilege is a technical control and ensures that users have only the rights and permissions needed to perform the job, and no more. A security audit is a detective control and a periodic review of user rights is a specific type of detective control.
  4. Which of the following is a preventative control?
    A. Least privilege
    B. Security audit
    C. Security guard
    D. Periodic review of user rights
    C. A security guard (armed or not armed) is a preventative physical security control. The principle of least privilege is a technical control and ensures that users have only the rights and permissions needed to perform the job, and no more. A security audit is a detective control and a periodic review of user rights is a specific type of detective control.
  5. Your organization regularly performs routine security audits to assess the security posture. What type of control is this?
    A. Detective
    B. Corrective
    C. Technical
    D. Preventative
    A. A security audit is a form of detective control, since it will detect when a vulnerability has been exploited after the fact. A corrective control attempts to reverse the effects of a problem. A technical control (such as the principle of least privilege) enforces security using technical means. A preventative control attempts to prevent an incident from occurring.
  6. Of the following choices, what is a detective security control?
    A. HVAC
    B. User training
    C. Change management
    D. CCTV
    D. A closed-circuit television (CCTV) system can record activity and can detect what occurred as a detective security control. Change management is a preventative control. HVAC is an environmental control that is preventative. User training is preventative.
  7. An administrator is assigning access to users in different departments based on their job functions. What access control model is the administrator using?
    A. RBAC
    B. DAC
    C. MAC
    D. CAC
    A. In a role-based access control (RBAC) model, roles are used to define rights and permissions for users. The DAC model specifies that every object has an owner, and the owner has full, explicit control of the object. The MAC model uses sensitivity labels for users and data. A CAC is an identification card that includes smart-card capabilities.
  8. You manage user accounts for a sales department. You have created a sales user account template to comply with the principle of least privilege. What access control model are you following?
    A. DACL
    B. RBAC
    C. DAC
    D. MAC
    B. The role-based access control (RBAC) model can use groups (as roles) with a user account template assigned to a group to ensure new users are granted access only to what they need, and no more. The DAC model specifies that every object has an owner, and the owner has full, explicit control of the object. The MAC model uses sensitivity labels for users and data. A DACL is an access control list used in the DAC model.
  9. Windows systems protect files and folders with New Technology File System (NTFS). What access control model does NTFS use?
    A. Discretionary access control (DAC)
    B. Mandatory access control (MAC)
    C. Implicit allow
    D. Rule-based access control (RBAC)
    A. Windows systems use the discretionary access control (DAC) model by default for NTFS files and folders. The MAC model uses labels. Rule-based access control uses rules to determine access. There is no such access control model as implicit allow. However, implicit deny is commonly used as the last rule in a firewall to indicate that all traffic not explicitly allowed is implicitly denied.
  10. What is the purpose of a cipher lock system?
    A. Control door access with a keypad
    B. Control access to a laptop with biometrics
    C. Control door access with a proximity card
    D. Control access to laptop with a smart card
    A. A cipher lock system is a door access security method and only opens after a user has entered the correct code into the cipher lock. A proximity card uses a proximity card reader, not a cipher lock. Biometric readers (such as a fingerprint reader) and smart cards can be used as authentication for systems such as laptop systems.
  11. What can you use to electronically unlock a door for specific users?
    A. Certificate
    B. Proximity card
    C. Token
    D. Physical key
    B. Proximity cards are used as an additional access control in some areas to electronically unlock doors. A token (such as an RSA token) provides a rolling password for one-time use. A physical key does not electronically unlock a door. A certificate can be embedded in a smart card but, by itself, it would not electronically unlock a door.
  12. An organization wants to prevent unauthorized personnel from entering a secure workspace. Of the following choices, what can be used? (Choose two).
    A. Security guard
    B. Piggybacking
    C. CCTV
    D. Proximity cards
    A, D. Security guards and proximity cards are valid methods to prevent unauthorized personnel from entering a secure work space, such as a secure data center. Piggybacking (also called tailgating) occurs when one user follows closely behind another user without using credentials; it can be prevented with a mantrap. A CCTV can detect if an unauthorized entry occurred and provide reliable proof of the entry, but it can’t prevent it.
  13. A company hosts a datacenter with highly sensitive data. Of the following choices, what can provide the best type of physical security to prevent unauthorized entry?
    A. Proximity card
    B. ID badges
    C. CCTV
    D. Mantrap
    D. A mantrap is highly effective at preventing unauthorized entry and can also be used to prevent tailgating. A proximity card is useful as an access control mechanism, but it won’t prevent tailgating so it isn’t as useful as a mantrap. CCTV provides video surveillance, and it can record unauthorized entry, but it can’t prevent it. ID badges are useful if the entry is staffed with security guards, but won’t prevent unauthorized entry if used without security guards.
  14. Two employees have entered a secure data center. However, only one employee provided credentials. How did the other employee gain entry?
    A. Tailgating
    B. Vishing
    C. Mantrap
    D. HVAC
    A. Tailgating (also called piggybacking) occurs when one user follows closely behind another user without using credentials. A mantrap prevents tailgating. A heating, ventilation, and air-conditioning (HVAC) system can increase availability by ensuring that equipment doesn’t fail due to overheating. Vishing is a variant of phishing techniques and often combines social engineering tactics with Voice over IP (VoIP).
  15. Your organization has several portable USB drives that users are able to use to transfer large video files instead of copying them over the network. What should be used to prevent the theft of these drives when they are not being used?
    A. Locked cabinet
    B. TPM
    C. Video surveillance
    D. HSM
    A. A locked cabinet should be used to help prevent the theft of unused assets. A hardware security module (HSM) is used to create and store encryption keys. A TPM is used for hardware encryption of entire drives. Video surveillance is useful to provide proof of someone entering or exiting a secure space, but is not needed to protect unused assets.
  16. Your organization requires users to create passwords of at least ten characters for their user accounts. Which of the following is being enforced?
    A. Password history
    B. Password complexity
    C. Password masking
    D. Password length
    D. Requiring passwords of a specific number of characters is the password length element of a password policy. Password complexity requires the characters to be different types, such as uppercase, lowercase, numbers, and special characters. Password masking displays a special character, such as *, when users type in their password, instead of showing the password in clear text. Password history prevents users from reusing passwords.
  17. Your password policy includes a password history. What else should be configured to ensure that users aren’t able to easily reuse the same password?
    A. Password masking
    B. Password complexity
    C. Maximum age
    D. Minimum age
    D. The minimum password age prevents users from changing the password again until some time has passed, such as one day. The maximum age forces users to periodically change their password, such as after sixty or ninety days. Password masking displays a special character, such as *, when users type in their password instead of showing the password in clear text. Password complexity ensures the password has a mixture of different character types and is sufficiently long.
  18. Your organization has a password policy that requires employees to change their passwords at least every forty-five days and prevents users from reusing any of their last five passwords. However, when forced to change their passwords, users are changing their passwords five more times to keep their original password. What can resolve this security vulnerability?
    A. Modify the password policy to remember the last twelve passwords
    B. Modify the password policy to remember the last twenty-four passwords
    C. Modify the password policy to require users to change their password after a day has passed
    D. Modify the password policy to prevent users from changing the password until a day has passed
    D. Password policies have a minimum password age setting, and if set to one day it will prevent users from changing their passwords until a day has passed. Requiring users to change their passwords every day wouldn’t resolve the problem and is not reasonable. The password history is currently set to remember the last five passwords. If you change the password history to remember the last twelve or twenty-four passwords, they can do the same thing described in the scenario to get back to their original password.
  19. A user has forgotten his password and calls the help desk for assistance. The help-desk professional will reset the password and tell the user the new password. What should the help desk professional configure to ensure the user immediately resets the password?
    A. Password masking
    B. Password expiration
    C. Password complexity
    D. Password history
    B. Password expiration should be configured so that the user is forced to change the password the first time he logs on. This ensures the help-desk professional doesn’t know the user’s password once the user logs on. Password complexity ensures the password has a mixture of different character types and is sufficiently long. Password masking displays a special character, such as *, when users type in their password instead of showing the password in clear text. Password history prevents users from reusing passwords.
  20. Users in your network are required to change their passwords every sixty days. What is this an example of?
    A. Password length requirement
    B. Password expiration requirement
    C. Password strength requirement
    D. Password history requirement
    B. A password policy can include a password expiration requirement (or a maximum age) that ensures that users change their passwords periodically, such as every sixty days or every ninety days. Password history prevents users from using previously used passwords. Password length ensures the password includes a minimum number of characters, such as at least eight characters. Password strength ensures the password uses a mixture of character types.
  21. Your company has hired a temporary contractor that needs a computer account for sixty days. You want to ensure the account is automatically disabled after sixty days. What feature would you use?
    A. Deletion through automated scripting
    B. Account expiration
    C. Manual deletion
    D. Account lockout
    B. Most systems include a feature that allows you to set the expiration of an account when a preset deadline arrives. Account lockout locks out an account if an incorrect password is entered too many times. The scenario states you want to disable the account, not delete it.
  22. After an employee is terminated, what should be done to revoke the employee’s access?
    A. Expire the password
    B. Disable the account
    C. Delete the account
    D. Lock out the account
    B. An account disablement policy would ensure that a terminated employee’s account is disabled to revoke the employee’s access. Expiring the password forces the user to change the password at the next logon. An account lockout policy locks out an account if an incorrect password is entered too many times. The account may be needed to access the user’s resources, so it is recommended to disable the account instead of deleting it.
  23. Management wants to prevent users in the Marketing Department from logging onto network systems between 6 p.m. and 5 a.m. How can this be accomplished?
    A. Implement a detective control
    B. Password expiration
    C. Use time-of-day restrictions
    D. Account expiration
    C. Time-of-day restrictions can be used to prevent users from logging in at certain times, or even from making connections to network resources at certain times. Account expiration refers to when a temporary account is automatically disabled (such as expiring a temporary account after sixty days). Password expiration refers to the practice of setting a password to immediately expire after resetting it. A detective control won’t prevent a user from logging on but can detect it after it occurred.
  24. You have recently added a server to your network that will host data used and updated by employees. You want to monitor security events on the system. Of the following, what is the most important security event to monitor?
    A. UDP connections
    B. TCP connections
    C. Data modifications
    D. Account logon attempts
    D. Of the choices, account logon attempts are the most important. Since the purpose of the system is to host data that is read and updated by employees, data modifications are not critical because they are expected to occur regularly. TCP and UDP are the primary protocols used when users connect to a server over a network, but it’s not important from a security perspective to monitor these events.
