Questions and Answers
Which of the following is the strongest password? (Select all that apply)
Which of these is a security component of Windows?
What key combination helps to secure the logon process?
Which of the following is the most common authentication model?
Signup and view all the answers
Which of the following access control methods uses rules to govern whether object access will be allowed?
Signup and view all the answers
When using the mandatory access control model, what component is needed?
Signup and view all the answers
Which of the following statements regarding the MAC model is true?
Signup and view all the answers
In the DAC model, how are permissions identified?
Signup and view all the answers
Robert needs to access a resource. In the DAC model, what is used to identify him or other users?
Signup and view all the answers
A company has a high attrition rate. What should you ask the network administrator to do first?
Signup and view all the answers
Your company has 1000 users. Which of the following password management systems will work best for your company?
Signup and view all the answers
In a discretionary access control model, who is in charge of setting permissions to a resource?
Signup and view all the answers
Jason needs to add several users to a group. Which of the following will help him to get the job done faster?
Signup and view all the answers
How are permissions defined in the mandatory access control model?
Signup and view all the answers
Which of the following would lower the level of password security?
Signup and view all the answers
Of the following access control models, which uses object labels?
Signup and view all the answers
Which of the following methods could identify when an unauthorized access has occurred?
Signup and view all the answers
What would you use to control the traffic that is allowed in or out of a network?
Signup and view all the answers
In an attempt to deter fraud and defend against it, your company cross trains people in each department. This is an example of?
Signup and view all the answers
What is a definition of implicit deny?
Signup and view all the answers
In an environment where administrators, the accounting department, and the marketing department all have different levels of access, which of the following access control models is being used?
Signup and view all the answers
Which security measure should be included when implementing access control?
Signup and view all the answers
Which password management system best provides for a system with a large number of users?
Signup and view all the answers
You administer a bulletin board system for a rock and roll band. While reviewing logs for the board, you see one particular IP address posting spam multiple times per day. What is the best way to prevent this type of problem?
Signup and view all the answers
Your organization has enacted a policy where employees are required to create passwords with at least 15 characters. What type of policy does this define?
Signup and view all the answers
Users are required to change their passwords every 30 days. Which policy should be configured?
Signup and view all the answers
You want to mitigate the possibility of privilege creep among your long-term users. What procedure should you employ?
Signup and view all the answers
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following would best describe this level of access control?
Signup and view all the answers
Which of the following access control models would be found in a firewall?
Signup and view all the answers
You are consulting a small organization that relies on employees who work from home and on the road. A hack has compromised the network by denying remote access to the company using a script. Which of the following security controls did the hacker exploit?
Signup and view all the answers
Which type of vulnerability assessment software can check for weak passwords on the network?
Signup and view all the answers
You are contracted to conduct a forensic analysis of the computer. What should you do first?
Signup and view all the answers
Which of the following has schemas written in XML?
Signup and view all the answers
Russ is using only documentation to test the security of a system. What type of testing methodology is this known as?
Signup and view all the answers
Of the following, which is the best way for a person to find out what security holes exist on the network?
Signup and view all the answers
After using Nmap to do a port scan of your server, you find that several ports are open. Which of the following should you do next?
Signup and view all the answers
Which of the following is a vulnerability assessment tool?
Signup and view all the answers
You are a consultant for an IT company. Your boss asks you to determine the topology of the network. What is the best device to use in this circumstance?
Signup and view all the answers
Which of the following can enable you to find all the open ports on an entire network?
Signup and view all the answers
What can hackers accomplish using malicious port scanning?
Signup and view all the answers
Many companies send passwords via clear text. Which of the following can view these passwords?
Signup and view all the answers
Which of the following persons is ultimately in charge of deciding how much residual risk there will be?
Signup and view all the answers
To show risk from a monetary standpoint, which of the following should risk assessments be based upon?
Signup and view all the answers
Study Notes
Password Security
- The strongest password option is "This1sV#ryS3cure", which combines upper and lower case letters, numbers, and special characters.
- A self-service password resetting system is beneficial for managing passwords for a large number of users.
Windows Security Components
- User Account Control (UAC) is a vital security feature in Windows that helps prevent unauthorized changes to the operating system.
Authentication and Access Control
- The key combination "CTRL+ALT+DEL" is crucial for securing the logon process on Windows machines.
- The most common authentication model is using a username and password.
- Rule-based access control uses established rules to determine object access permissions.
Access Control Models
- Mandatory Access Control (MAC) requires the use of labels to enforce access restrictions.
- Discretionary Access Control (DAC) allows resource owners to set permissions for their resources using Access Control Lists (ACLs).
- Role-Based Access Control (RBAC) assigns access rights based on user roles within the organization.
Security Policies and Procedures
- Implementing password complexity requirements enhances security.
- Employees should create passwords of at least 15 characters to strengthen security posture.
Job and Role Management
- Job rotation and user permission reviews are strategies to mitigate privilege creep in users with long-term access.
- A template can expedite the process of adding users to groups in an organization.
Risk Management
- Senior management ultimately decides the level of residual risk that an organization will accept.
- Quantitative risk assessments are essential for determining monetary impacts related to risk management decisions.
Vulnerability Assessments
- A vulnerability assessment tool like Nessus can help identify security weaknesses in networks.
- Port scanning can reveal open ports that may expose systems to attacks and should be followed up with an examination of the services running on those ports.
Network Security
- Access Control Lists (ACLs) are used to control network traffic flow and determine the permissions granted to resources.
- Implementing CAPTCHA can help prevent automated spam attacks in online systems.
General Security Practices
- Session termination and previous logon notifications are methods to identify unauthorized access attempts.
- Mandatory vacations are a practice that aids in the separation of duties, preventing potential fraud.
Logging and Monitoring
- Forensic analysis begins with backing up the system to prevent data loss before any analysis takes place.
- Protocol analyzers can view passwords sent in clear text on unsecured networks.
Miscellaneous Security Concepts
- Implicit deny means that any resources not explicitly granted access are denied by default.
- A network mapper is the best device for determining network topology in a consulting scenario.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on fundamental cybersecurity concepts including password security, Windows security components, and various access control models. This quiz covers essential practices such as User Account Control and authentication methods to safeguard systems.
