IT Essentials v6.0 Chapter 12 Practice Quiz Answers


1. Which action could be used to determine if a host is compromised and flooding traffic onto the network?

Unseat and then reconnect the hard drive connectors on the host.
Disconnect the host from the network.*
Check the host hard drive for errors and file system issues.
Examine the Device Manager on the host for device conflicts.

Explanation:
If a network is experiencing an extremely high volume of traffic, disconnecting a host from the network may confirm that the host is compromised and is flooding traffic onto the network. The other issues are hardware issues, and not typically security-related.

2. Which security threat installs on a computer without the knowledge of the user and then monitors computer activity?

adware
viruses
worms
spyware*

Explanation:
Spyware normally installs on a system without end-user knowledge and monitors activity on the computer; the collected information can then be sent to the source of the spyware. Viruses infect systems and execute malicious code. Worms self-replicate and propagate across networks from a single host, consuming a lot of bandwidth. Adware is normally distributed through downloaded software and results in the display of several pop-up windows on the system.

3. When would a PC repair person want to deploy the idle timeout feature?

when users are inserting media and running applications not sanctioned by the company
when users are leaving their desk but remaining logged on*
when users are playing music CDs and leaving them playing even after the users have left for the day
when users are surfing the Internet and not doing their job

Explanation:
The idle timeout and screen lock feature is a great security measure that protects the computer and data accessible through it if the user steps away from the desk for a specified period of time and forgets to lock the computer or log off.

4. Which is an example of social engineering?

a computer displaying unauthorized pop-ups and adware
the infection of a computer by a virus carried by a Trojan
an anonymous programmer directing a DDoS attack on a data center
an unidentified person claiming to be a technician collecting user information from employees*

Explanation:
A social engineer attempts to gain the confidence of an employee and convince that person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks, pop-ups, and viruses are all examples of software-based security threats, not social engineering.

5. What is the best description of Trojan horse malware?

It is the most easily detected form of malware.
It is malware that can only be distributed over the Internet.
It is software that causes annoying but not fatal computer problems.
It appears as useful software but hides malicious code.*

Explanation:
The best description of Trojan horse malware, and what distinguishes it from viruses and worms, is that it appears as useful software but hides malicious code. Trojan horse malware may cause annoying computer problems, but can also cause fatal problems. Some Trojan horses may be distributed over the Internet, but they can also be distributed by USB memory sticks and other means. Specifically targeted Trojan horse malware can be some of the most difficult malware to detect.

6. A technician discovers that an employee has attached an unauthorized wireless router to the company network so that the employee can get Wi-Fi coverage while outside taking a break. The technician immediately reports this to a supervisor. What are two actions that the company should take in response to this situation? (Choose two.)

Create a guest account for the employee to use when outside the building.
Add an authorized wireless access point to the network to extend coverage for the employee.
Make sure that the wireless router is not broadcasting an SSID.
Immediately remove the device from the network.*
Consult the company security policy to decide on actions to take against the employee.*

Explanation:
Adding an unauthorized wireless router or access point to a company network is a serious potential security threat. The device should be removed from the network immediately in order to mitigate the threat. In addition, the employee should be disciplined. The company security policy, which employees agree to, should describe penalties for behavior that threatens the security of the company.

7. Which level of Windows security permission is required for a local user to back up files from another user?

Write
Change
Full
Read*

Explanation:
A local user requires the Read permission to back up files, but the Write permission is required to restore files.

8. Where in Windows would a technician configure a guest account for a temporary employee?

BIOS
Device Manager
Local Users and Groups*
Windows Firewall

Explanation:
The guest account should be used sparingly. Also, restrictions should be applied to the guest account so that the user cannot access data or resources not needed.

9. What must be done to ensure that the antivirus software on a computer is able to detect and eradicate the most recent viruses?

Download the latest signature files on a regular basis.*
Schedule a scan once a week.
Schedule antivirus updates using Windows Task Manager.
Follow the firewall configuration guidelines on the antivirus manufacturer website.

Explanation:
Having an antivirus program on a computer does not protect a PC from virus attacks unless the signature updates are done regularly in order to detect newer and emerging threats. It should be noted that if the signature update lacks a signature for a new threat, the software will be unable to protect against that threat.

10. For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?

smartcard settings
firewall settings*
MAC address settings
file system settings

Explanation:
Smartcard and file system settings do not affect network operation. MAC address settings and filtering may be used to control device network access but cannot be used to filter different data traffic types.

11. A computer can successfully ping outside the local network, but cannot access any World Wide Web services. What is the most probable cause of this problem?

Windows Firewall is blocking port 80.*
Windows Firewall blocks port 23 by default.
The computer network interface card is faulty.
The BIOS or CMOS settings are blocking web access.

Explanation:
The World Wide Web (HTTP) protocol uses port 80; port 23 is used by Telnet. Successful pings to other devices indicate that the network interface card is working correctly. BIOS and CMOS settings control system hardware functions, not network applications such as the World Wide Web.

12. What security technique could provide secure access to a server located in a small office without the expense of implementing a DMZ or purchasing a hardware firewall?

implement hash encoding for all wireless devices
implement MAC address filtering
implement port forwarding*
implement basic security on all wireless access points

Explanation:
Port forwarding provides a rule-based method to direct traffic between devices on separate networks. This method provides access to devices across the Internet in a less expensive way than using a DMZ.

13. What is an example of the implementation of physical security?

establishing personal firewalls on each computer
encrypting all sensitive data that is stored on the servers
requiring employees to use a card key when entering a secure area*
ensuring that all operating system and antivirus software is up to date

Explanation:
Encrypting data, keeping software up to date, and the use of personal firewalls are all security precautions, but will not restrict physical access to secure areas by only authorized people.

14. Which three rules increase the level of password strength? (Choose three.)

Passwords should never expire.
Passwords should be a combination of upper and lower case letters, numbers, and special characters.*
Passwords should combine user special dates and initials so that they can be alphanumeric.
Passwords should be changed by the user after specific periods of time.*
Password reuse and lockout policies should be implemented.*
Passwords should be short to reduce the chances of users forgetting them.

Explanation:
Passwords should include both upper and lower case letters, numbers, and special characters. They should be at least eight characters in length. In addition, passwords should expire after a period of time, such as 90 days, and the reuse of passwords should be limited. Computers should also be configured to lock a user out after a series of failed attempts.

15. When a support technician is troubleshooting a security issue on a system, which action should the technician take just before documenting the findings and closing the ticket?

Boot the system in Safe Mode.
Disconnect the system from the network.
Ensure that all applications are working.*
Ask what the problem is that the customer is experiencing.

Explanation:
The last step before documenting findings is to verify full system functionality. Ensuring that all of the applications are working would be an example of verifying functionality. Asking what problem the user is experiencing is part of the first step: identifying the problem. Disconnecting from the network and rebooting in Safe Mode are both examples of the third step: determining an exact cause.
