A PC has sensitive data that must be destroyed, before the PC is redeployed. A technician has
been tasked with completely wiping the PC hard drive. Which of the following methods is BEST for
the technician to use?
A. Quick format
B. FDISK
C. Low level for
Answer: C
Reference:http://www.dedoimedo.com/computers/low-level-formatting.html
An attack that creates a website that looks like another website, with the purpose of learning
someone's account information is called which of the following?
A. Virus
B. Shoulder surfing
C. Trojan
D. Phishing
Answer: D
Reference:http://www.consumer.ftc.gov/articles/0003-phishing
Which of the following helps to prevent virus infections from USB flash drives?
A. Strong passwords
B. Password protected screen savers
C. Disabling the guest account
D. Disabling the autorun feature
Answer: D
Reference:http://support.microsoft.com/kb/967715
Which of the following security threats are MOST often delivered via email? (Select TWO).
A. Rootkits
B. Phishing
C. Shoulder surfing
D. Social engineering
E. Spam
Answer: B,E
Reference:http://www.securelist.com/en/threats/spam
A user is advised by the software vendor that the user must have elevated privileges in order to
run a program. The user should do which of the following to BEST accomplish this?
A. Run in Windows XP compatibility mode
B. Run the program in a virtual PC e
Answer: D
Reference:http://msdn.microsoft.com/en-us/library/dd298823.aspx
A company wants to prevent non-authorized users from entering into a secure building. Which of
the following will BEST mitigate this activity?
A. Train users on tailgating
B. Implement an escort policy
C. Install mantraps
D. Require all users to have badg
Answer: C
Reference:http://whatis.techtarget.com/definition/mantrap-interlocking-door-controller
An employee at a company lost their mobile device that contains proprietary information. Which of
the following methods is the BEST to be implemented to prevent unauthorized users from
obtaining this information?
A. Lock screen pattern
B. Cancel mobile se
Answer: C
Reference:http://www.mobiledevicemanager.com/mobile-device-security/remote-wipe/
Which of the following would be the QUICKEST means of removing data from a hard drive, when
there is no consideration regarding the total destruction of the data?
A. Standard format
B. Low level format
C. Overwrite program
D. Drive wipe
Answer: A
Reference:http://pcsupport.about.com/od/windows7/ht/format-hard-drive-windows-7.htm
Which of the following is MOST effective in preventing security breaches on a network? (Select
THREE).
A. Bandwidth throttling
B. Eliminate password history
C. Enable QoS
D. Antivirus software
E. User education
F. Enforced login/logoff hours
Answer: D,E,F
Reference:http://www.esecurityplanet.com/network-security/how-to-prevent-security-breachesfrom-
known-vulnerabilities.html
Which of the following areas of a file system should a standard user have restricted permissions to
in order to promote a security best practice? (Select TWO).
A. Temporary Internet Files
B. My Document Files
C. Windows System Files
D. Network Files
E. Pr
Answer: C,E
Explanation:
Windows program files are important for Windows operating system. If these files are deleted,
Windows will corrupt. Similarly program files are related to applications and programs installed on
a computer. These are highly sensiti
A technician wants to ensure that only authorized administrators can make configuration changes
to the company's wireless router. Which of the following MUST the technician change to prevent
unauthorized users from modifying the access point configuration
Answer: B
Reference:http://pcsupport.about.com/od/windows7/f/default-password-windows-7.htm
Which of the following utilities would a technician use on a Windows Vista or Windows 7 machine
to configure what applications are allowed to send/receive data over the LAN connection?
A. Users and Groups
B. Windows Firewall
C. Registry Editor
D. Task Sch
Answer: B
Reference:http://windows.microsoft.com/en-us/windows7/products/features/windows-firewall
A customer needs to setup their laptop for use with a proxy server to browse the web at work.
Which of the following areas would a technician need to visit to configure this on a Windows 7
system?
A. System Protection
B. Security Center
C. Windows Firewal
Answer: D
Reference:http://windows.microsoft.com/is-is/windows-vista/using-windows-security-center
Which of the following security threats is defined by its self propagating characteristic?
A. Virus
B. Rootkit
C. Trojan
D. Worm
Answer: D
Reference:http://www.pcworld.com/article/111965/article.html
Which of the following should a technician implement to prevent external contractors from
physically plugging devices into the company's network jacks unless such jacks are designated for
guest use?
A. Disable DHCP and assign a static IP address to each n
Answer: C
Explanation:
The best way is to disable all switch ports when they are not utilized. Switch them on when you
need them. This way, you can prevent external contractors from physically plugging devices in to
company's network jacks.
Which of the following should a technician implement to prevent external contractors from
physically plugging devices into the company's network jacks unless such jacks are designated for
guest use?
A. Disable DHCP and assign a static IP address to each n
Answer: C
A small business owner is setting up their wireless network in their office, which is in a building
shared with several other businesses. The owner does not want to disable the SSID broadcasting
due to visiting customers needing to use the network, but do
Answer: B
Explanation:
Best way to do this is to adjust radio power to restrict the coverage to the business. When the
radio power is restricted to an office. The persons in the other office space cannot detect the
signals at all.
An administrator is concerned about users accessing network shares outside of their job role.
Which of the following would BEST prevent this?
A. Set up shares with permissions based upon group membership.
B. Implement a written policy addressing the issue
Answer: A
Reference:http://technet.microsoft.com/en-us/library/cc768050.aspx
A company is looking to donate a collection of old PCs that are no longer needed. Which of the
following data destruction methods would be MOST secure for highly sensitive information?
A. Simple 1-pass zero overwrite
B. Low level 3-pass random wipe
C. Low
Answer: C
Reference:http://superuser.com/questions/215852/is-using-multiple-passes-for-wiping-a-diskreally-
necessary
A user receives an unsolicited call from a technician claiming to be from a Microsoft certified
partner. The technician tricks the user into allowing them access to their PC because of malware
alerts that were being broadcasted. Which of the following att
Answer: C
Reference:http://www.social-engineer.org/
Which of the following identifies traffic based upon its physical network address?
A. Phishing
B. Hashing
C. MAC filtering
D. Geotracking
Answer: C
Reference:http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm
A technician must secure company documents from accidental disclosure. Which of the following should be implemented? (Select TWO).
A. User training
B. Anti-malware
C. Paper shredding
D. Time of day restrictions
E. Employee badges
F. Mantraps
Answer: A,C
Reference:http://en.wikipedia.org/wiki/Paper_shredder
Which of the following is TRUE about the difference between a worm and a virus?
A. Worms are written in
assembly while viruses are written with scripting languages.
B. Viruses hide in the boot record while worms hide within the file system.
C. Worms self
Answer: C
Reference:http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
A technician is tasked with improving the security of a SOHO network. The office is comprised of a
single wireless router located under the front desk where the office manager sits. All desktop
computers are wired into the router which is configured with
Answer: D
Reference:http://network.cmu.ac.th/wp-content/uploads/2011/05/CCNA-Security-Ch2-Securing-
Network-Devices.pdf
After several passes with a malware removal program, the program keeps detecting the same
malware infection after a reboot. Which of the following should be done to attempt to remove the
offending malware?
A. Run the malware removal program while disconne
Answer: B
Reference:http://www.pcworld.com/article/243818/how_to_remove_malware_from_your_windows
_pc.html
A technician is trying to prevent a local application from reaching the web due to security
concerns. Which of the following solutions could BEST prevent the application from reaching the
web? (Select TWO).
A. Configure the workstation for a static IP
B.
Answer: D,F
Explanation:
Use Windows firewall to restrict an application from reaching the web. Alternatively you can also
reroute the web address in the HOST file.
For the last year, a company has gathered statistics on the most common security incidents. The
highest percentage deals with opening email attachments that contain malware. Which of the
following would mitigate this issue without reducing productivity?
A
Answer: A
Reference:http://www.aps.anl.gov/Safety_and_Training/Training/Courses/esh223/start.html
A company wants to ensure that the latest cyber security threats are known to the employees
across the enterprise to minimize occurrences. Which of the following should be implemented?
A. Message of the Day
B. Email lists
C. Company forums
D. Regular user
Answer: D
Explanation:
Educating user is the best way to combat security threats. After all security threats occur when a
human carries it across unknowingly.
A technician is implementing a SOHO wireless network for Company A that shares a floor with
Company B. Which of the following would BEST secure the wireless network so that only
Company A employees are allowed access?
A. Turning down the radio power level
Answer: B
Reference:http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm
A technician enabled remote management on the small office WAP to manage this device from
another location. Users are reporting that the WAP has changed its SSID without anyone's
knowledge. Which of the following would prevent this from occurring?
A. Chan
Answer: B
Reference:http://compnetworking.about.com/od/routers/ss/routerpassword.htm
A technician has configured the ability to connect to a small office server using remote desktop
from a workstation within the office. The technician has reviewed logs that show constant brute
force attacks to that server from outside the network. Which o
Answer: D
Reference:http://technet.microsoft.com/en-us/library/cc759006(v=ws.10).aspx
In order to prevent other users from editing files in 'C:\ Files', which of the following steps should
be taken?
A. Set NTFS permissions to read only
B. Set the folder to index files for search
C. Set the local administrator as the owner of the folder
D.
Answer: A
Reference:http://technet.microsoft.com/en-us/magazine/2005.11.howitworksntfs.aspx
Which of the following security threats requires the attacker to be physically located near the target
machine?
A. Shoulder surfing
B. Social engineering
C. Phishing
D. Rootkit
Answer: A
Reference:http://www.lifelock.com/education/id-theft-types/shoulder-surfing/
An unauthorized user observing system security procedures is known as:
A. a worm.
B. shoulder surfing.
C. phishing.
D. spyware.
Answer: B
Reference:http://www.lifelock.com/education/id-theft-types/shoulder-surfing/
Privacy filters applied to users computer screens are used to combat which of the following
security risks?
A. Rootkits
B. Spear phishing
C. Shoulder surfing
D. Social Engineering
Answer: C
Reference:http://blog.securityactive.co.uk/tag/stop-shoulder-surfing/
Which of the following is solely designed to avoid detection by an antivirus program by using the
underlying operating system to its advantage?
A. Rootkit
B. Virus
C. Trojan
D. Worm
Answer: A
Reference:http://www.webopedia.com/TERM/R/rootkit.html
Which of the following passwords is the MOST secure according to industry best practices?
A. VeryStrongPassword
B. SimpleAnswer1234
C. E@sy2Remember
D. thisisthecorrectanswer1
Answer: C
Reference:http://netforbeginners.about.com/od/antivirusantispyware/a/example_strong_passwords
.htm
Which of the following security best practices would prevent a program on a CD from immediately
launching when inserted into a computer?
A. MSCONFIG >Startup Tab
B. Disable the Guest account
C. Rename the Administrator account
D. Disable autorun
E. Restri
Answer: D
Reference:http://lifehacker.com/5858703/disable-autorun-to-stop-50-of-windows-malware-threats
Which of the following security threats involve shoulder surfing and phone phishing?
A. Man-in-the-Middle
B. Social engineering
C. Trojan virus
D. Spyware
Answer: B
Reference:http://www.webroot.com/us/en/home/resources/tips/online-shopping-banking/securewhat-
is-social-engineering
Which of the following security threats does NOT use software to extract sensitive information or
credentials?
A. Grayware
B. Shoulder surfing
C. Malware
D. Man-in-the-Middle exploits
Answer: B
Reference:http://searchsecurity.techtarget.com/definition/shoulder-surfing
Which of the following features helps to prevent shoulder surfing?
A. Native resolution
B. Auto adjust
C. Degaussing
D. Privacy screen
Answer: D
Reference:http://www.secure-it.com/shop/index.php/cPath/38
Which of the following security controls would be an example of the least privilege principle on a
home PC?
A. Install antispyware on the PC.
B. Create a standard user account for kids.
C. Store all financial data in a separate folder.
D. Disable the fire
Answer: B
Reference:http://en.wikipedia.org/wiki/Principle_of_least_privilege
A user regularly has to walk away from their computer and is worried someone may access their
workstation. Which of the following would BEST prevent this?
A. Lock the workstation
B. Shutdown the computer
C. Logon using the unprivileged guest account
D. Se
Answer: A
Reference:http://www.dummies.com/how-to/content/how-to-lock-your-pc.navId-323066.html
For any given 802.11n wireless Internet signal, which of the following is needed to establish a
connection?
A. MAC address filtering
B. Windows password
C. Proper SSID
D. SSL certificate
Answer: C
Reference:http://www.cisco.com/en/US/docs/wireless/access_point/12.4_21a_JA1/configuration/g
uide/scg12421aJA1-chap7-mbssid.html
A company is experiencing issues with third parties tailgating authorized users during entry to
secure server rooms. Which of the following would BEST alleviate this problem?
A. Retinal scanners
B. Mantraps
C. Door locks
D. Smart card badges
Answer: B
Reference:http://www.datacenterjournal.com/design/what-is-a-mantrap-and-do-you-need-one/
Which of the following security concepts establishes the notion that a user should only be given
sufficient access to the resources they need to perform their job function?
A. Deny all
B. Allow all
C. Most privilege
D. Least privilege
Answer: D
Reference:http://www.cs.cornell.edu/fbs/publications/leastPrivNeedham.pdf
A user reports that every time they use a search engine and click on a link to go to a website, they instead are taken to a site blocked by their company's content filter. The user is not trying to go to
the blocked site and needs to be able to successful
Answer: A
Reference:http://wiki.answers.com/Q/How_does_anti-malware_scanners_work
After being infected with a virus, a user's computer does not recognize the user as having local
administrator rights to the computer. After troubleshooting the issue, a technician determines the
computer needs to be rebuilt and data needs to be restored
Answer: B
Reference:http://en.wikipedia.org/wiki/Recovery_disc
Which of the following is BEST used to prevent other people from viewing a user's computer
screen?
A. Anti-virus software
B. Key fob
C. Biometric device
D. Privacy filter
Answer: D
Reference:http://www.privacyscreens.co.uk/howitworks.php
A pest exterminator tries to gain access to a company's computer lab, but the receptionist does
not see an extermination scheduled on the calendar and denies the exterminator access to the
lab. Which of the following security threats almost occurred?
A. W
Answer: B
Reference:http://www.veracode.com/blog/2013/03/hacking-the-mind-how-why-social-engineeringworks/
A computer program that functions normally while quietly installing malicious software on a
machine is known as a:
A. DDoS attack.
B. Worm.
C. Phishing attack.
D. Trojan.
Answer: D
Reference:http://computer.howstuffworks.com/trojan-horse.htm
Which of the following security threats is BEST mitigated through proper user training?
A. A Worm
B. Rootkits
C. Social Engineering
D. Browser Adware
Answer: C
Reference:http://www.veracode.com/blog/2013/03/hacking-the-mind-how-why-social-engineeringworks/
The practice of following an authorized person through an entrance without using a badge to
defeat security is called:
A. tailgating
B. spamming
C. shredding
D. phishing
Answer: A
Reference:http://en.wikipedia.org/wiki/Tailgating
Turnstiles and other mantraps will prevent which of the following security threats?
A. Shoulder surfing
B. Tailgating
C. Rootkits
D. Viruses
Answer: B
Reference:http://www.infosecpro.com/a_security_engineering/se13.htm
Which of the following encryption standards is found on older wireless devices and provides
minimal security?
A. WPA
B. WPA2
C. WEP
D. AES
Answer: C
Reference:http://searchsecurity.techtarget.com/definition/Wired-Equivalent-Privacy
Phishing is:
A. an infection that causes a web browser to go to a different site than the one intended from a
search result page.
B. a technique used to obtain financial information from a user mimicking a legitimate website.
C. an infection that causes a
Answer: B
Reference:http://www.victeach.com.au/Other-Services/Security/Threats-and-scams.html
A technician is configuring a PC that will have confidential information stored on it. To ensure that
only authorized users can access this PC, which of the following should the technician do? (Select
TWO).
A. Disable the guest account
B. Install antiviru
Answer: A,E
Explanation:
To prevent unauthorized access to the PC, disable guest accounts and change default usernames
for maximum security.
A company recently had a security breach and is now required to increase the security on their
workstations. A technician has been tasked to harden all the workstations on the network. Which
of the following should the technician do?
A. Enable Windows aut
Answer: B
Reference:http://windows.microsoft.com/is-is/windows-vista/use-your-windows-password-for-yourscreen-
saver-password
A user receives a phone call from a person claiming to be from technical support. This person
knows the user's name and that the user has Windows installed on their computer. The technician
directs the user to open Event Viewer and look at some event log
Answer: A
Reference:http://www.pcworld.com/article/182180/top_5_social_engineering_exploit_techniques.h
tml
A user has just purchased a wireless router for their home. Which of the following should be done
to BEST secure the router from unauthorized access? (Select TWO).
A. Change router default logins
B. Change the security settings on their computer
C. Set en
Answer: A,C
Explanation:
First change default router logins to avoid guesswork by hackers. Set encryption on the router
using WPA and/or WPA2.
A user is experiencing slow performance with their computer. A technician suspects the computer
has a virus and runs antivirus software. A virus is found and removed, but the performance issue
is not resolved. Which of the following should the technician
Answer: C
Explanation:
Go back to the finding the real problem. See what is slowing down the performance and then
resolve the problem usingrelated troubleshooting techniques.
The benefit of MAC filtering in wireless networking is that the network:
A. is encrypted.
B. is not visible.
C. uses static IP addresses.
D. is more secure.
Answer: D
Reference:http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm
When securing a new wireless router, which of the following should be changed FIRST?
A. Default SSID
B. Radio power levels
C. Default password
D. DHCP settings
Answer: C
Reference:http://blog.laptopmag.com/change-your-routers-username-and-password-how-to
A client has a computer that is infected with several viruses and spyware. Which of the following
should the technician perform FIRST before spyware removal?
A. Run Windows Update
B. Disable system restore
C. Run the chkdsk /r command
D. Disable network c
Answer: B
Reference:http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windowsvista/
A technician is trying to setup a non-domain user account on a workstation, but receives the
following error message "Password does not meet the complexity requirements." Which of the
following utilities should the technician use to identify the criteria?
Answer: A
Reference:http://www.tomshardware.com/forum/23713-63-password-meet-password-policy-requirements
In a SOHO wireless network, which of the following prevents unauthorized users from accessing
confidential data?
A. Reduce broadcast power
B. Change SSID name
C. Set encryption
D. Enable MAC filtering
Answer: C
Reference:http://www.dirksen.nl/assets/Uploads/Downloads/Top10ChecklistSOHOSecurity.pdf
A technician recently setup a new wired network and wants to ensure only their computers can
use it. Which of the following is the MOST secure way to accomplish this?
A. Make sure the computers are using strong passwords.
B. Enable an intrusion detection
Answer: D
Reference:http://www.geekzone.co.nz/forums.asp?forumid=66&topicid=10968
Which of the following security measures is usually found in a laptop?
A. Biometrics
B. Bollard
C. Hypervisor
D. Key fobs
Answer: A
Reference:http://searchsecurity.techtarget.com/definition/biometrics
Which of the following can be achieved with Group Policy to help with workstation security
measures?
A. BitLocker password
B. Complexity requirements
C. BIOS password
D. Wake on LAN
Answer: B
Reference:http://technet.microsoft.com/en-us/library/cc875814.aspx
Which of the following can enable a technician to remove a virus that prevents users from
updating their antivirus software?
A. Recovery console
B. REGEDIT
C. Safe mode
D. MSCONFIG
Answer: C
Reference:http://pcsupport.about.com/od/fixtheproblem/f/windows-safe-mode.htm
A technician has installed the hardware for a SOHO wired network. Which of the following is the
FIRST step to securing the network?
A. Enable MAC filtering
B. Change default usernames and passwords
C. Disable unused ports
D. Assign static IP addresses
Answer: B
Reference:http://www.dirksen.nl/assets/Uploads/Downloads/Top10ChecklistSOHOSecurity.pdf
Which of the following is a security threat that uses email to trick users?
A. Phishing
B. Virus
C. Spyware
D. Shoulder surfing
Answer: A
Reference:http://kb.iu.edu/data/arsf.html
Which of the following user accounts should be disabled to adhere to security best practices?
A. Standard user
B. Guest
C. Administrator
D. Power user
Answer: B
Reference:http://windows.microsoft.com/is-is/windows-vista/what-is-a-guest-account
Which of the following user accounts should be renamed to adhere to security best practices?
A. Power user
B. Guest
C. Standard user
D. Administrator
Answer: D
Reference:http://technet.microsoft.com/en-us/library/jj852273.aspx
Which of the following security threats do shredders help prevent?
A. Dumpster diving
B. Malware
C. Phishing
D. Worms
Answer: A
Reference:http://en.wikipedia.org/wiki/Garbage_picking
A user has setup a SOHO and needs to implement a network configuration that allows for sharing
of devices and files across the network without the complexity of a centralized server. Which of the
following would be MOST appropriate?
A. PAN
B. WorkGroup
C.
Answer: B
Reference:http://windows.microsoft.com/en-us/windows7/what-is-the-difference-between-adomain-
a-workgroup-and-a-homegroup
Browser redirection is caused by which of the following types of viruses?
A. Hijack
B. Trojan
C. Worm
D. Keylogger
Answer: A
Reference:http://en.wikipedia.org/wiki/Browser_hijacking
A user has a perimeter firewall and up-to-date antivirus software. The user is asking what else
they can do to improve their security. Which of the following will have the MOST impact on
network security? (Select TWO).
A. Install additional antivirus soft
Answer: D,E
Explanation:
To improve security, assign security rights based on job roles. You need to give least amount of
privilege to users so that they can do their jobs without having access toresources that have
nothing to do with their job roles.
An Internet browser's cookie could be classified as which of the following?
A. Rootkit
B. Phishing
C. Malware
D. Spyware
Answer: D
Reference:http://en.wikipedia.org/wiki/Spyware#Browser_cookies
A technician needs to change the minimum password length to 8 characters to make it more
secure. Which of the following system settings should the technician configure?
A. Windows Firewall
B. Windows Security Center
C. Local Security Policy
D. System Conf
Answer: C
Reference:http://technet.microsoft.com/en-us/library/dd277395.aspx
A technician would like to limit computer access to certain users. Which of the following should be
configured?
A. Advanced security
B. Boot.ini file
C. System configuration
D. Local security policy
Answer: D
Reference:http://technet.microsoft.com/en-us/library/dd277395.aspx
Which of the following common security threats could be occurring when a user calls and requests
his co-worker's password?
A. Shoulder surfing
B. Spyware
C. Phishing
D. Social engineering
Answer: D
Reference:http://www.pcworld.com/article/182180/top_5_social_engineering_exploit_techniques.h
tml
When securing a small office home office (SOHO) that has empty cubicles with unused network
ports, which of the following can be used to secure ONLY the unused ports?
A. Use DHCP addressing on the network.
B. Disable the ports on the router or switch.
C.
Answer: B
Explanation:
To secure unused ports, just disable them on the router or the switch.
Which of the following should a technician do LAST after cleaning up a virus infection?
A. Enable system restore and create restore point
B. Update antivirus software
C. Schedule scans and updates
D. Educate the end user
Answer: D
Explanation:
Most of the time users install virus, Trojans and other malicious codes on their computers
unknowingly. The best to prevent this loophole is to educate the user about viruses and where to
look and what to do to prevent installing ma
A user does not want their kids to be able to install software on their home desktop. Which of the
following types of accounts should the user set up in Windows 7?
A. Standard
B. Remote Desktop Users
C. Administrator
D. Power User
Answer: A
Reference:http://windows.microsoft.com/en-us/windows-vista/what-is-a-standard-user-account
Which of the following are examples of physical security? (Select TWO).
A. Badges
B. Anti-virus
C. Encryption
D. Firewalls
E. Locked doors
Answer: A,E
Reference:http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf
Which of the following scenarios BEST defines phishing?
A. A user receives an email from a friend to download a picture but the file format ends in .exe.
B. A user receives a pop-up message about a virus from a company that states that if they buy
this pr
Answer: D
Reference:http://www.scamwatch.gov.au/content/index.phtml/tag/requestsforyouraccountinformati
on
Which of the following would be the BEST way to combat social engineering?
A. User education
B. Deny social networks through the firewall
C. Badges
D. Strong password usage
Answer: A
Reference:http://searchsecurity.techtarget.com/magazineContent/Gaining-awareness-to-preventsocial-
engineering-techniques-attacks
Which of the following is considered a method of physical security?
A. Strong passwords
B. Cipher locked doors
C. NTFS
D. Firewall
Answer: B
Reference:http://www.wisegeek.com/what-is-a-cipher-lock.htm
A user wants to quickly install the most recent security patch released. Which of the following
options can be selected from the Windows Update website?
A. Custom settings
B. Advanced settings
C. Automatic settings
D. Express settings
Answer: D
Reference:http://wiki.answers.com/Q/What_will_the_windows_update_express_button_download_
onto_your_computer
Which of the following has the HIGHEST level rights?
A. Standard User
B. Power User
C. Guest User
D. Remote Desktop User
Answer: B
Reference:http://en.wikipedia.org/wiki/Power_user#Windows_administration
Which of the following allows a user to reset their password with a series of security questions that
only the user should know?
A. Permission propagation
B. Administration
C. Verification
D. Authentication
Answer: D
A user gets a warning from their ISP about illegally downloading copyrighted movies. The user
insists that they did not download any movies and calls a technician to implement stronger small
office home office (SOHO) security. Which of the following will
Answer: C
Reference:http://www.wi-fiplanet.com/tutorials/article.php/3924486/MAC-Filtering-for-Your-
Wireless-Network.htm
A technician is installing a webcam in a nursery for a user to monitor their baby. The user wants to
ensure that the webcam is not broadcasting externally. Which of the following would the technician
implement on the SOHO router to prevent the broadcast?
Answer: C
Reference:http://www.wilderssecurity.com/showthread.php?t=210105
A user installed a new SOHO router and new wireless NICs to increase their transmission speed
from 802.11b to 802.11g with the manufacturer's default settings. The user lives in an apartment
building and is still experiencing slowness to the Internet afte
Answer: C
Reference:http://security.stackexchange.com/questions/755/how-does-basic-http-auth-work
A user wants to prevent access to specific websites to prevent their children from accidently
accessing them. Which of the following can be implemented?
A. A switch
B. Antivirus software
C. Antispyware software
D. A firewall
Answer: D
Reference:http://en.wikipedia.org/wiki/MAC_filtering
Which of the following is the MOST secure method, short of physical destruction, that would be
used to ensure that data on a hard drive cannot be recovered?
A. Use a degaussing tool
B. Format the drive
C. Use an overwrite program
D. Repartition the drive
Answer: C
Reference:http://www.pcworld.com/article/261702/how_to_securely_erase_your_hard_drive.html
IT suspects that other people are frequently making changes to a computer when a user leaves
their desk. Which of the following security policies can be implemented in order to prevent this
situation?
A. Auto-lock
B. Password complexity
C. Change the defa
Answer: A
Reference:http://www.inf.aber.ac.uk/advisory/faq/156
A client has asked a technician about drive sanitation and wants to know what the difference is
between overwriting a drive and formatting a drive. Which of the following would be the BEST
response from the technician?
A. "Overwriting writes 1s and 0s to
Answer: A
Reference:http://www.pcworld.com/article/261702/how_to_securely_erase_your_hard_drive.html
Which of the following BEST describes the security term known as tailgating?
A. Propping open a secure entrance to gain later access
B. Following behind someone when entering a secure area
C. Removing files from a site using a hidden USB drive
D. Using so
Answer: B
Reference:http://en.wikipedia.org/wiki/Tailgating
A user is reporting that they are clicking on search results and being redirected to the wrong sites.
Which of the following should a technician check FIRST?
A. Temporary Internet Files
B. Proxy Settings
C. Cookies
D. Windows Firewall
Answer: B
Reference:http://answers.oreilly.com/topic/675-how-to-configure-proxy-settings-in-windows-7/
When setting up a new wireless router, which of the following actions should the technician take FIRST in order to secure the network? (Select TWO).
A. Disable unused ports
B. Change the SSID
C. Position the antennas to prevent outside access
D. Enable MA
Answer: B,E
Explanation:
The basic tasks to secure a network is to change SSID and the default user name. This is the
basic security a user can employ to secure the network immediately.
Which of the following allows a hidden backdoor to be used for access to workstations on the
Internet?
A. Firmware
B. Rootkits
C. SQL injection
D. Cross-side scripting
Answer: B
Reference:http://www.spamlaws.com/how-rootkits-work.html