Name: 
 

Day7Ch14


Multiple Choice
Identify the choice that best completes the statement or answers the question.
 

 1. 
Which access control measure best describes DAC (Discretionary Access Control)?
a.
Objects (files and other resources) are assigned security labels of varying levels, depending on the object's sensitivity. Users are assigned a security level or clearance, and when they try to access an object, their clearance is compared to the object's security label. If there's a match, the user can access the object; if there's no match, the user is denied access.
b.
Access is controlled based on a user's identity. Objects are configured with a list of users who are allowed access to them. An administrator has the discretion to place the user on the list or not. If a user is on the list, the user is granted access; if the user isn't on the list, access is denied.
c.
Access is controlled based on a user's role. Users are assigned to roles, and network objects are configured to allow access only to specific roles. Roles are created independently of user accounts.
 

 2. 
True or False? The most common types of events to audit are access attempts on objects, such as files or folders and user logons and logoffs.
a.
True
b.
False
 

 3. 
What is a formalized statement that defines how security will be implemented within a particular organization?
a.
Confidentiality Act
b.
Security Rules and Regulations
c.
Security Act
d.
Security policy
 

 4. 
True or False? A firewall is used to delete authorized software that a user tried to install on a computer.
a.
True
b.
False
 

 5. 
Which of the following data encryption methods is a two-way encryption scheme in which encryption and decryption are both performed by the same key.
a.
Symmetric encryption
b.
Hashing
c.
Asymmetric encryption
 

 6. 
Which type of malicious software is a piece of code that spreads from one computer to another by attaching itself to other files?
a.
Virus
b.
Worm
c.
Trojan or Trojan Horse
d.
Spam
 

 7. 
Which of the following statements about antivirus software is false?
a.
Antivirus software should be deployed on individual computers but not on network servers.
b.
Antivirus software is an application that scans files for common viruses.
c.
Antivirus software can also monitor boot sector access.
d.
Antivirus software does not usually protect against spam.
 

 8. 
True or False? Physical access controls are measures that restrict access to a building, to equipment, or to a room.
a.
True
b.
False
 

 9. 
True or False? Another way to secure data access is to configure the registry to disable the default, hidden, administrative shares, such as C$ and D$, that are created for every drive and volume on a Windows system each time it starts up.
a.
True
b.
False
 

 10. 
True or False? Computer hardware might contain environmentally hazardous material.
a.
True
b.
False
 

 11. 
True or False? Filtering out unauthorized MAC addresses is one method for increasing security on wireless access points.
a.
True
b.
False
 

 12. 
True or False? If WTLS is improperly configured or implemented, it can expose wireless devices to attacks of email forgery and sniffing of plain text data.
a.
True
b.
False
 

 13. 
WPA is an acronym for which of these?
a.
Wireless protocol access
b.
Wireless protected account
c.
Wi-Fi protected account
d.
Wi-Fi protected access
 

 14. 
Which wireless security protocol provides the safest environment?
a.
WPA
b.
WTLS
c.
802.1x
d.
802.11i
 

 15. 
Phishing is described as what kind of computer attack?
a.
Administrative engineer attack
b.
Spam attack
c.
A software virus
d.
A social engineering attack
 

 16. 
True or False? It is okay to provide personal financial information through email, if your bank asks for it.
a.
True
b.
False
 

 17. 
What ideas must users employ above all else when using a computer?
a.
Not everything on the Internet is true.
b.
They shouldn't comply with requests for personal information.
c.
Do not give out your password or ID.
d.
Remember to use common sense, and err on the side of caution.
 

 18. 
True or False? Users should always report possible attacks.
a.
True
b.
False
 

Multiple Response
Identify one or more choices that best complete the statement or answer the question.
 

 19. 
Which of the following are Windows XP built-in user accounts?
 a.
Administrator
 b.
HelpAssistant
 c.
Support
 d.
Guest
 

 20. 
What are the four special built-in groups in Windows XP?
 a.
Network Configuration Operators
 b.
Replicator
 c.
Backup Operators
 d.
Remote Desktop Users
 e.
HelpServicesGroup
 

 21. 
Encryption is used to do which of these?
 a.
Protect data stored in files.
 b.
Protect password during authentication.
 c.
Protect the data inside network messages.
 d.
Protect the software from viruses.
 

 22. 
Which of the following are physical access controls?
 a.
Swipe cards
 b.
PIN entry devices
 c.
Locks and keys
 d.
Alarms
 e.
User name and password
 

 23. 
Which of the following are true statements about data removal from a storage medium?
 a.
Formatting a hard drive, tape, or floppy disk permanently erases the information that was stored on that storage device.
 b.
Formatting a hard drive, tape, or floppy disk several times or bulk erasing it first permanently erases the information that was stored on that storage device.
 c.
There are many recovery tools that can reconstruct data from the electronic remnants of deleted files or formatted disks.
 d.
It is more secure to destroy the media.
 

 24. 
Which of these are methods for increasing the security on your wireless client?
 a.
Implement a security protocol that requires over-the-air encryption.
 b.
Install antivirus software.
 c.
Make tape backups.
 d.
Keep the client updated with security patches.
 

 25. 
Social engineering attacks typically occur through which of these?
 a.
Over the phone
 b.
By using a thumb drive
 c.
In person
 d.
Through email
 



 
Check Your Work     Start Over