1. Which three suggestions are good security password policies that a company or individual should follow? (Choose three.)
*Passwords should have an expiration period.
*Password lockout should be enabled.
*A mix of letters, numbers, and other characters should be used.
2. Which two characteristics describe a worm? (Choose two.)
*Travels to new computers without any intervention or knowledge of the user.
3.Which type of program causes banners and ads to appear on the desktop without any user intervention?
4. A network administrator is looking for a technology that includes both hardware and software authentication. Which technology could the administrator use?
*Trusted Platform Module (TPM)
5. When setting up a new wireless access point, which basic security measure should be taken?
*Disable SSID broadcast.
6. Which best practice should be included in a password protection policy?
*Implement lockout rules upon consecutive unsuccessful attempts at accessing the system.
7. Which wireless security technology is a good choice when using Cisco equipment in conjunction with operating systems such as Windows and Linux?
8. A bank is upgrading the hard drives in a server. What should be done to the old hard drives to permanently remove any confidential data?
*Destroy the hard drives with a hammer.
9. Which two statements are true about username and password standards? (Choose two.)
*The username naming convention should be kept simple.
*Rules about password expiration and lockout should be defined.
10. A technician has downloaded the latest Windows XP updates from the Microsoft website. What should the technician do before installing the updates?
*Create a restore point.
11. A financial organization is donating computers to a local charity. What is the best method to remove all data from the hard drives in the computers?
*Use data wiping software and delete any hard drive partitions.
12. Which three security storage features are supported by the TPM hardware module? (Choose three.)
13. A fingerprint reader is an example of which security technology?
14. Where is the safest place to store backups?
*locked server room
15. Which type of authentication is evidenced by the use of a small chip on a card that contains user identification data such as bank account numbers and digital signatures?
16. Which two items can be downloaded from the Microsoft website to help protect Windows XP? (Choose two.)
17. Which threat to security uses traffic from zombie computers to overwhelm servers?
18. What is the preferred wireless encryption technique if the wireless clients support it?
19. Which is the best procedure to secure a laptop left at the office while the user is away for an extended period of time?
*Place the laptop in a locked security cage designed to store computer equipment.
20. What is the best method for a company to secure data being transmitted across the Internet between remote sites?
*Use computers secured with smartcard authentication.
21. Which type of software is downloaded onto the computer of a user without the knowledge of the user and causes information about various products to be displayed on the user's monitor?
22. An attacker has managed to decode the encrypted messages of a wireless network. The network uses Windows XP and Cisco equipment. The security protocol that is used is WEP with 64-bit encryption. Which action can be recommended to the technician for securing the network?
*Upgrade to the LEAP wireless security protocol.
23. What must be done to ensure that the anti-virus software on a computer is able to detect and eradicate the most recent viruses?
*Download the latest signature files on a regular basis.
24. Which statement accurately describes the WEP standard?
*WEP is a first generation security standard for wireless communication.
25. What are two examples of malware? (Choose two.)
26. An employee for a small company inadvertently allows a visitor to see their username and password. At home, the visitor then uses this information to gain access to the company network. This is an example of what type of threat?
27. An attacker claiming to be a bank representative contacts a potential victim via e-mail and requests disclosure of vital account information. Which security attack is being implemented?