EC: C2 Deep Pt.4

91問 • 1年前

問題一覧

A type of hierarchical database structure used in Windows Server environments that enables centralized management of devices and resources on a network is known as:

Active Directory

On a Windows domain, this tool can be used by system administrators to configure initial desktop environment (which may include mapping a network drive or setting up access to a shared printer) for a specific user.

Which of the following terms describes a large network of Windows-based PCs under single administration?

Windows domain

In Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.

Group Policy

Windows Active Directory service allows for grouping users and computers into containers known as Organizational Units (OUs). An OU is the smallest unit to which system administrators can assign Group Policy settings to manage the configuration and use of accounts and resources within a given OU.

True

In Windows domain environment, the term "Home Folder" refers to a directory on a local PC where users can back up their data and files.

False

Which of the Windows Active Directory Group Policy settings allows network administrators to map a folder on a user's PC to a server-based location?

Folder redirection

In Windows Active Directory environment, this feature can be used by system administrators to assign user rights and grant permissions to shared resources.

Security Groups

Which wireless encryption scheme offers the highest level of protection?

WPA3

Which of the answers listed below refers to a security protocol designed to strengthen WEP implementations?

TKIP

Which of the following wireless technologies has been deprecated and should not be used due to its known vulnerabilities?

WEP

Which of the cryptographic algorithms listed below is the least vulnerable to attacks?

AES

Which of the following encryption schemes is used in WiFi Protected Access 2 (WPA2)?

AES-CCMP

For the purpose of encryption, WiFi Protected Access 3 (WPA3) takes advantage of: (Select 2 answers)

AES-GCMP, AES-CCMP

Which of the following acronyms refers to a client authentication method used in WPA2 Personal mode?

PSK

Which of the acronyms listed below refers to a client authentication method used in WPA3 Personal mode?

SAE

Which of the following would be the best solution for securing a small network that lacks an authentication server?

WPA3-SAE

What are the characteristic features of WPA2/WPA3 Enterprise mode? (Select 3 answers)

Suitable for large corporate networks, IEEE 802.1X, Requires RADIUS authentication server

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

Authentication

Which of the answers listed below refers to the process of granting or denying access to resources?

Authorization

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called:

Accounting

Examples of more complex authentication protocols providing the AAA functionality include: (Select all that apply)

TACACS+, RADIUS

What are the characteristics of TACACS+? (Select 3 answers)

Encrypts the entire payload of the access-request packet, Primarily used for device administration, Separates authentication and authorization

What are the characteristic features of RADIUS? (Select 3 answers)

Primarily used for network access, Combines authentication and authorization, Encrypts only the password in the access-request packet

Which of the following authentication protocols can be used to enable SSO in Windows-based network environments?

Kerberos

Assigning a unique encrypted key, called a ticket, to each user that logs on to the network is a characteristic feature of:

Kerberos

In the Kerberos-based authentication process, the purpose of the client's timestamp is to provide a countermeasure against:

Replay attacks

Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

Malware

A type of software that performs unwanted and harmful actions in disguise of a legitimate and useful program is known as a Trojan horse. This type of malware may act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.

True

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:

Rootkit

Which of the statements listed below apply to the definition of a computer virus? (Select 3 answers)

A self-replicating computer program containing malicious segment, Malware that requires its host application to be run to make the virus active, Malicious code that attaches itself to an application program or other executable component

Malicious software collecting information about users without their knowledge/consent is called:

Spyware

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is referred to as:

Ransomware

Which of the following is an example of spyware?

Keylogger

A type of virus that infects the storage drive area containing the necessary data and code used to start the OS is known as:

Boot sector virus

Which of the answers listed below refers to a malware type that exploits computing resources without the owner's consent?

Cryptominer

Which of the following choices provides the most effective means for malware removal?

OS reinstallation

A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is called:

Phishing

The practice of using a telephone system to manipulate user into disclosing confidential information is known as:

Vishing

A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as:

Shoulder surfing

Phishing scams targeting people holding high positions in an organization or business are known as:

Whaling

What is tailgating?

Gaining unauthorized access to restricted areas by following another person

Which social engineering attack relies on identity theft?

Impersonation

In computer security, the term "Dumpster diving" is used to describe a practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about positions held in the company and other data can be used to facilitate social engineering attacks. Having the documents shredded or incinerated before disposal makes dumpster diving less effective and mitigates the risk of social engineering attacks.

True

The term "Evil twin" refers to a rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. Evil twin replaces the legitimate access point and by advertising its own presence with the same SSID appears as a legitimate access point to connecting hosts.

True

What is the purpose of a DoS attack?

Resource exhaustion

As opposed to the simple Denial of Service (DoS) attacks that usually are performed from a single system, a Distributed Denial of Service (DDoS) attack uses multiple compromised computer systems to perform the attack against its target. The intermediary systems that are used as a platform for the attack are the secondary victims of the DDoS attack; they are often referred to as zombies, and collectively as a botnet.

True

A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is called:

Zero-day attack

An email sent from unknown source disguised as a trusted source known to the message receiver is an example of: (Select 2 answers)

Spoofing, Social engineering

Which of the following statements can be used to describe the characteristics of an on-path attack? (Select 3 answers)

An on-path attack is also known as MitM attack, Attackers place themselves on the communication route between two devices, Attackers intercept or modify packets sent between two communicating devices

An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is referred to as:

Brute-force attack

Which password attack takes advantage of a predefined list of words?

Dictionary attack

Which term best describes a disgruntled employee abusing legitimate access to company's internal resources?

Insider threat

Entry fields of web forms lacking input validation are vulnerable to what kind of attacks?

SQL injection attacks

Which of the answers listed below refers to a countermeasure against SQL injection attacks?

Input validation

Which of the following answers can be used to describe characteristics of an XSS attack? (Select 3 answers)

Exploits the trust a user's web browser has in a website, A malicious script is injected into a trusted website, User's browser executes attacker's script

Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as pre-admission NAC where a host must, for example, be virus free or have patches applied before it can be allowed to connect to the network, and/or post-admission NAC, where a host is being granted/denied permissions based on its actions after it has been provided with the access to the network.

True

A Microsoft online service used for patching up system vulnerabilities, improving system performance, and fixing coding errors found in Windows software is known as:

Windows Update

The basic countermeasures against application-related vulnerabilities include avoiding applications from unknown sources and keeping the already installed apps up to date with current patches and bug fixes.

True

A mobile device deployment model that allows employees to use private mobile devices for accessing company's restricted data and applications is called:

BYOD

Which of the answers listed below refers to a potential IT security vulnerability?

All of the above

In Windows 10, Microsoft Defender Antivirus can be enabled/disabled via:

All of the above

Virus definition database files contain detection patterns for known viruses. To be effective, an AV program needs up-to-date versions of these files which can be obtained through an AV software update feature.

True

Which of the following actions in Windows 10 provides access to virus & threat protection update setting?

All of the above

Which of the answers listed below refers to an SSO account type?

Microsoft account

Which of the following user groups in Windows 10 can use most software and change system settings that don't affect other users or computer's security?

Standard Users

Which of the following answers refers to a built-in MS Windows account with complete and unrestricted system access?

Administrator

In MS Windows environments, Guest account is an account for users who do not have a permanent account on a Windows computer or domain. People using this type of account cannot install software or hardware, change settings, create passwords, or access protected files and folders. However, because the Guest account allows the user to log on to a network, browse the Internet, and shut down the computer, it is recommended to keep it disabled when it isn't being used.

True

Which user group in Windows (applies to Windows 7 and earlier versions) had rights and permissions that allowed its members to perform specific administrator-level tasks?

Power Users

Which sign-in options in Windows 10 rely on knowledge-based authentication factors? (Select 3 answers)

Username, PIN, Password

Which of the following answers refer to Windows 10 sign-in options that rely on inherence-based authentication factors? (Select 2 answers)

Fingerprint, Facial recognition

Which of the statements listed below are true? (Select 2 answers)

NTFS permissions apply to both network and local users, NTFS permissions can be applied to a folder or individual file

Which of the following statements describing share permissions in MS Windows are true? (Select 2 answers)

Apply only to network users, Can be set on a folder level

A Windows resource with conflicting NTFS and share permissions applied to it will assume:

The most restrictive permission

The share permissions on a shared Windows folder grant the user Read access and the local NTFS permissions grant the user Modify access. Which of the following are the effective user permission levels? (Select 2 answers)

Read when accessing the share remotely, Modify when accessing the folder locally

The share permissions on a shared Windows folder grant the user Full Control access and the local NTFS permissions grant the user Read access. Which of the following are the effective user permission levels? (Select 2 answers)

Read when accessing the share remotely, Read when accessing the folder locally

What is the correct hierarchy of precedence for permissions settings in NTFS?

Explicit Deny > Explicit Allow > Inherited Deny > Inherited Allow

In MS Windows, the attrib command is used to display or change file attributes. Some of the available options for this command include read-only (R), archive (A), system (S), and hidden (H). With attrib, the "+" symbol sets an attribute for a file, the "-" sign removes the attribute.

True

What is the correct syntax for applying the read-only attribute to a file?

attrib +R [drive:] [path] [filename]

In NTFS, permissions inherited from a parent object (e.g., a folder or user group) take precedence over permissions applied directly to an object (explicit permissions).

False

In NTFS, a folder or file moved from one location to another on the same volume inherits the permissions of its new parent folder.

False

In NTFS, a folder or file copied from one location to another on the same volume retains its original permissions.

False

In NTFS, a folder or file copied or moved from one location to another on a different volume inherits permissions of its new parent folder.

True

In NTFS, a folder or file copied or moved from one location to another on a different volume inherits permissions of its new parent folder.

True

In NTFS, permission propagation occurs when a folder or file created inside another folder takes on (inherits) permissions applied to that folder (permissions applied to the so-called parent folder propagate down to its child objects, i.e., folders and files created inside the parent folder).

True

The "Run as administrator" option in MS Windows allows users with lower-level permissions to perform tasks reserved for system administrators. This feature requires providing Administrator account credentials and temporarily elevates the current user's privileges to perform a given task. It also simplifies common system tasks, such as installation of new software, which would otherwise require logging out and switching to an admin account.

True

Windows Vista and newer releases of the Microsoft OS offer a security feature which limits privileges of software applications and access to administrative tasks. When a program makes a change that requires administrator-level permission or a user attempts to modify system settings that require administrative access, it triggers an on-screen prompt requiring an administrator password to proceed. This functionality is known as:

UAC

Which of the following actions in Windows allow to invoke the user access control prompt and run an application with administrator account permissions? (Select 3 answers)

Right-click on an application icon > select Run as administrator from the pop-up menu, In Windows Start menu press and hold Control + Shift keys > left-click on an application icon, Launch Windows Run dialog box (Windows logo key + R) > type in the application's name > press Control + Shift + Enter

What is the name of a Microsoft Windows feature that enables encryption of entire drives?

BitLocker

A Microsoft Windows feature specifically designed to enable encryption of removable drives is known as:

BitLocker To Go

Premium versions of the Microsoft OS contain a built-in component that enables encryption of individual files. This feature is called:

EFS

DION#1

Mixtapes øf Hanna · 90問 · 1年前

DION#1