Chapter 29: Securing Computers – Flashcards
Unlock all answers in this set
Unlock answersquestion
Mary's company routinely labels data according to its sensitivity or potential danger to the company if someone outside accesses the data. This is an example of _____.
answer
data classification
question
Once you've gathered data about a particular system or you've dealt with a computer or network problem, you need to complete the mission by telling your supervisor. This is called _______.
answer
incidence reporting
question
_____ is the act of trying to get people to give their usernames, passwords, or other security information by pretending to be someone else electronically.
answer
phishing
question
Enable ______ to create Event Viewer entries when a specific file is accessed.
answer
object access auditing
question
Although not all _______ is malicious, it can lead to data destruction.
answer
unauthorized access
question
Most attacks on computer data are accomplished through ________.
answer
social engineering
question
Going through someone's trash to uncover personal information is known as _____.
answer
dumpster diving
question
Many companies authenticate access to secure rooms using an ownership factor such as a(n) ______.
answer
smart card
question
A ______ is an authentication device that uses your physical body in some way, such as a retinal or fingerprint scanner.
answer
biometric device
question
Following someone into a restricted area is known as _______.
answer
tailgating
question
What is the process of using or manipulating people to gain access to network resources?
answer
Social engineering
question
Which of the following might offer good hardware authentication?
answer
Smart card
question
Which of the following tools would enable you to stop a user from logging on to a local machine but still enable him to log on to the domain?
answer
Local Security Policy
question
John dressed up in a fake security guard uniform that matched the uniforms of a company and then walked in with some legitimate employees in an attempt to gain access to company resources. What kind of attack is this?
answer
Tailgating
question
The first day on the job, Jill received a spreadsheet that listed approved software for users and clear instructions not to allow any unapproved software. What kind of policy must she follow?
answer
Compliance
question
Which of the following would be considered an environmental threat? (Choose three.)
answer
Temperature / Humidity / Power
question
A user account is a member of several groups, and the groups have conflicting rights and permissions to several network resources. The culminating permissions that ultimately affect the user's access are referred to as what?
answer
Effective permissions
question
What type of authentication uses at least two different methods to determine the user's identity?
answer
Multi factor authentication
question
What system enables users to categorize documents by importance and privacy?
answer
Data classification
question
Which threats are categorized as social engineering? (Select all that apply.)
answer
Telephone scams Dumpster diving
question
What do you call the documented list of everyone who has had access to a computer?
answer
User access list
question
A user calls and complains that the technician who fixed his computer removed some software he used to listen to music on the Internet. A check of approved software does not include the LimeWire application, so what should the supervisor do?
answer
Applaud the technician for proper compliance.
question
Your boss is considering getting an Internet connection for the office so employees have access to e-mail, but she is concerned about hackers getting into the company server. What can you tell your boss about safeguards you will implement to keep the server safe?
answer
Students should discuss the use of a firewall to protect against attacks from the Internet. They should also discuss antivirus software and the importance of keeping virus definitions up to date. Some students may discuss the use of Group Policy to limit Internet usage and prevent installation of spyware.