1

What is a good practice to prevent an unauthorized user from guessing a password

and accessing an account?
disabling account lockout status within the network
enabling a user account only after issuing a password to the user over the
phone
***locking out the account after a small, finite number of unsuccessful
attempts
setting the user account password to be left blank for the first login

2
Which two file system security features are applicable to the NTFS file system?
(Choose two.)
supports file and folder level encryption
supported by all versions of Windows from, and including, Windows 95
limited to 4 GB files size and a volume limit of 32 GB
number of files in a volume limited to 4.17 million
***includes journaling

3
What must be done to ensure that the anti-virus software on a computer is able to
detect and eradicate the most recent viruses?
***Download the latest signature files on a regular basis.
Schedule a scan once a week.
Schedule anti-virus updates using Windows Task Manager.
Follow the firewall configuration guidelines on the anti-virus manufacturer
website.

4
Which statement accurately describes the WEP standard?
***WEP is a first generation security standard for wireless communication.
WEP is implemented using 16-bit encryption.
WEP provides better encryption and authentication than WPA provides.
WEP was created as a temporary solution until the implementation of 802.11i.

5
How can web tools, such as Java or ActiveX, be used for a malicious attack?
by altering the interactivity level of a web page
by creating popup windows
by causing the web browser to crash, leaving the system vulnerable
***by installing unwanted programs on a computer

6
The IT manager of a bank is disposing of some computers, but the hard drives have
some highly confidential data on them. What is the recommended way of dealing with
the drive to ensure that the data is irrecoverable?
Delete all files and folders.
Reformat the drive.
Use a utility that overwrites all the data on the drive.
***Break the drive platters with a hammer.

7
Which is the best procedure to secure a laptop left at the office while the user
is away for an extended period of time?
Secure by a security cable wrapped around the leg of the user's desk.
Put the laptop in a desk drawer in the locked office of the user.
***Place the laptop in a locked security cage designed to store computer
equipment.
 Place the laptop in the office of the supervisor.

8
Which two devices are used for the sole function of protecting computer equipment
from theft?
***cable locks
card keys
security cages
***smart card
security key fob

9
Which best practice should be included in a password protection policy?
Encourage users to document passwords in a personal file.
Enforce password protection at either the BIOS level or the network login
level.
***Passwords should contain a mixture of letters and numbers so that they
cannot easily be broken.
Restrict passwords to text-based strings.

10
Which three questions should be addressed by organizations developing a security
policy? (Choose three.)
***What items need to be protected?
How should the items be protected?
***What is to be done in the case of a security breach?
When do the items need protecting?
What insurance coverage is required?
***What are the possible threats to the items?

11
What happens when a wireless access point (WAP) is configured to stop broadcasting
the SSID?
No new connections can be accepted by the wireless access point.
The identity of the network is freely broadcast.
***The network is invisible to those who are unaware of the SSID.
Signals are prevented from transmission outside the boundaries of the local
network.

12
What is accomplished by a successful DoS attack?
It facilitates access to external networks.
***It obstructs access to the specific target server.
It obtains all addresses in the address book within the server.
It stealthily scans the data on the target server.

13
What is typically included in a service pack?
device drivers for nonstandard devices
hardware compatibility list
***operating system upgrades and patches
virus definitions

14
Which two technologies are used for authenticating users? (Choose two.)
***biometrics
Event Viewer
secure DNS
 ***smart card
UNC

15
A technician has downloaded the latest Windows XP updates from the Microsoft
website. What should the technician do before installing the updates?
***Create a restore point.
Backup all the install disks.
Update the antivirus software.
Change the firewall rules to enable the installer to access port 8900 of the
Microsoft server.

16
What does a malware detection program look for when running a scan?
a service pack
***patterns in the programming code of the software on a computer
patches that prevent a newly discovered virus or worm from making a
successful attack
mirror sites

17
An attacker sends a large number of requests to a server from several computers
that are located at different geographical locations. What is the name for this
type of attack?
***DDoS
DoS
e-mail bomb
ping of death

18
Which two actions can be considered social engineering attacks? (Choose two.)
analyzing the products of a competitor company
***obtaining the directory of a competitor company that contains the e-mail
addresses of all the employees of that company
researching reviews and other articles about the performance of a competitor
company
***researching the website of a competitor company
searching for important documents on the desks of a competing company

19
Which form of network protection is used as the basis of VPN?
data backup
***data encryption
firewall protection
port protection

20
Which feature is characteristic of adware?
It is a subset of spyware.
It is a harmful virus that can corrupt the entire data on the network.
***It is displayed in popup windows, which open faster than the user can
close them.
It sends out sensitive information to the attacker.