2FA Password Expiry Choices Quiz

Questions and Answers

What is the purpose of a Wi-Fi Protected Setup (WPS) attack?

• To assign unique digital identifiers to endpoint devices
• To simplify account administration
• To discover an access point WPS PIN by guessing PIN numbers (correct)
• To force users to pay for access

Which type of privileges is the BEST choice for simplifying account administration in a high turnover department?

• Domain-assigned privileges
• User-assigned privileges
• Network-assigned privileges
• Group-based privileges (correct)

What do Mobile Device Management (MDM) applications do with endpoint devices?

• Assign unique digital identifiers (correct)
• Force users to acknowledge usage policies
• Connect to a server hosting the desktop
• Simplify account administration

What is the main function of a virtual desktop infrastructure (VDI)?

Provide a virtual desktop to users (B)

Which of the following is NOT a valid administration practice according to the text?

User-assigned privileges (A)

What does a WPS attack attempt to guess?

Access point WPS PINs (A)

What is the best method to add a second authentication factor for users launching the gcga application?

Push notifications (A)

Which control can detect malicious traffic after it enters a network?

An intrusion detection system (IDS) (D)

How does an authentication application differ from push notifications in terms of user-friendliness?

An authentication application requires smartphone login and code entry. (A)

What can a Trusted Platform Module (TPM) provide for regarding data security?

Implementing full disk encryption (D)

Which hardware device can generate and store RSA keys used with servers?

Hardware Security Module (HSM) (A)

Why can't an intrusion detection system (IDS) deter attacks according to the text?

Attackers are unaware of the presence of an IDS in a system. (B)

What does remote wipe do to a lost device?

Sends a signal to erase data (B)

Why won't geolocation technologies protect data on a lost device?

They are ineffective in locating lost devices (B)

What does an air gap provide in terms of system isolation?

Physical isolation with a gap of air between systems (A)

What does a screened subnet provide in network security?

Connection to both internal network and Internet (C)

What is the purpose of a Network Access Control (NAC) in a BYOD policy implementation?

Health monitoring for security compliance (A)

What type of detection does a Host-based Intrusion Detection System (HIDS) use for known issues?

Signature-based detection (A)

Which method ensures that 2FA passwords expire after 30 seconds?

TOTP (C)

What is the main advantage of removing all shared accounts?

Simplifies administration (D)

Why shouldn't generic accounts be used?

They provide individual accountability (D)

What is the primary purpose of role-based privileges?

To simplify administration tasks (D)

What does a sandbox primarily provide for testing updates?

Isolated testing environment (A)

What characteristic defines a single sign-on (SSO) solution?

Logging in once for access to multiple resources (D)

Which solution is recommended to protect laptop drives against data theft without user interaction?

DLP (C)

What type of attack attempts to discover the passphrase by targeting the initialization vector?

IV attack (A)

In a VPN setup, which mode encrypts all traffic after the user connects to the VPN?

Full tunnel (C)

What is the main purpose of a split tunnel in a VPN configuration?

Encrypt only traffic for private network (A)

Which type of attack attempts to access information on Bluetooth devices?

Bluesnarfing attack (C)

What is the best solution to implement for protecting against data theft according to the text?

SED (A)