OSE Chapter 13 Exam Revision Questions

Which two items are used in asymmetric encryption? (Choose two.)

A token is something that is used to provide two-factor authentication. DES is using an identical key to encrypt and decrypt. Asymmetric encryption uses a private key associated with a public key.

Which two algorithms are used for hash encoding to guarantee the integrity of data? (Choose two.)

A high technology company has an issue with unauthorized people gaining access into the company by following an authorized employee through the secure entrance. Which two measures could help with this security breach? (Choose two.)

A guard checking IDs or a mantrap can help prevent someone following a legitimate employee into a restricted area. With biometrics, employee smart IDs, or multifactor authentication being used, once the door is accessed by someone having the correct credentials, unauthorized people could still trail the legitimate person into the building or area.

A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

Social engineering attempts to gain the confidence of an employee and convince that person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks, spam, and keylogging are all examples of software based security threats, not social engineering.

The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

Phishing, spyware, and social engineering are security attacks that collect network and user information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack, none of these attacks generate large amounts of data traffic that can restrict access to network services.

After confirming the removal of a virus from a computer, how should the technician ensure and verify the full functionality of the system?

After resolving a computer problem, the next step is to verify full functionality by ensuring that the OS is up to date and by testing the operation of the computer and the network that it is connected to. Documenting the issue and solution is the final step, whereas gathering information from the user and other sources are earlier steps in the troubleshooting process.

A system administrator has been asked to protect the sensitive data on the Windows 7 computers of all management employees. Which Windows feature can be used to selectively encrypt individual files within the user accounts of each manager?​

Encrypting File System (EFS) is a Windows feature that can be used to encrypt files and folders linked to a specific user account. BitLocker is a Windows feature that can be used to encrypt the entire hard drive volume. TPM is a specialized chip on the motherboard that stores information specific to the computer system such as encryption keys, digital certificates, and passwords. Windows Update is used to update the operating system, not to encrypt data.