Term
1. Which type of malware can copy itself and infect a computer without the user’s consent or knowledge?
a) virus
b) Trojan horse
c) rootkit
d) backdoor |
|
Definition
Answer: a
Difficulty: Easy
Section Reference: Looking at Types of Malware
Explanation: A computer virus is a program that can copy itself and infect a computer without the user’s consent or knowledge. Early viruses were usually some form of executable code that was hidden in the boot sector of a disk or as an executable file (that is, a filename with an .exe or .com extension). Later, viruses mutated enough to affect data documents that included macro languages. |
|
|
Term
2. What type of self-replicating program copies itself to other computers on a network without any user intervention and consumes bandwidth and computer resources?
a) virus
b) Trojan horse
c) worm
d) backdoor |
|
Definition
Answer: c
Difficulty: Medium
Section Reference: Looking at Types of Malware
Explanation: A worm is a self-replicating program that copies itself to other computers on a network without any user intervention. Unlike a virus, a worm does not corrupt or modify files on the target computer. Instead, it consumes bandwidth and processor and memory resources, slowing the system down or causing it to be unusable. Worms usually spread via security holes in operating systems or TCP/IP software implementations. |
|
|
Term
3. What malware looks like a useful or desired executable program but is in reality program that is supposed to cause harm to your computer or steal information from your computer?
a) virus
b) Trojan horse
c) worm
d) backdoor |
|
Definition
Answer: b
Difficulty: Easy
Section Reference: Looking at Types of Malware
Explanation: A Trojan horse is an executable program that appears as a desirable or useful program. Because it appears to be desirable or useful, users are tricked into loading and executing it on their systems. After the program is loaded, it might cause a user’s computer to become unusable, or it might bypass the user’s system security, allowing private information (including passwords, credit card numbers, and Social Security numbers) to be accessible by an outside party. In some cases, a Trojan horse may even execute adware. |
|
|
Term
4. What malware collects a user’s personal information or details about your browsing habits without your knowledge?
a) virus
b) Trojan horse
c) worm
d) spyware |
|
Definition
Answer: d
Difficulty: Easy
Section Reference: Looking at Types of Malware
Explanation: Spyware is a type of malware that is installed on a computer to collect a user’s personal information or details about browsing habits, often without the user’s knowledge. Spyware can also install additional software, redirect your web browser to other sites, or change your home page. One example of spyware is the keylogger, which records every key a user presses. |
|
|
Term
5. What malware gives administrator-level control over a computer system?
a) rootkit
b) Trojan horse
c) worm
d) spyware |
|
Definition
Answer: a
Difficulty: Hard
Section Reference: Looking at Types of Malware
Explanation: A rootkit is a software or hardware device designed to gain administrator-level control over a computer system without being detected. Rootkits can target the BIOS, hypervisor, boot loader, kernel, or (less commonly) libraries or applications. |
|
|
Term
6. What software component comes with Windows Vista and Windows 7 to defend against spyware?
a) Windows Firewall
b) Windows Defender
c) UAC
d) Windows Anti-virus |
|
Definition
Answer: b
Difficulty: Medium
Section Reference: Using Security Updates and Antivirus Software for Clients
Explanation: Windows Defender is a software product from Microsoft that is intended to prevent, remove, and quarantine spyware in Microsoft Windows. This program helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware from your computer. |
|
|
Term
7. What do you call a message warning you to delete an essential Windows file?
a) virus hoax
b) keylogger
c) backdoor
d) worm |
|
Definition
Answer: a
Difficulty: Easy
Section Reference: Examining a Virus Hoax
Explanation: A virus hoax is a message warning recipients of a nonexistent computer virus threat, usually sent as a chain email that tells the recipient to forward it to everyone they know. This is a form of social engineering that plays on people’s ignorance and fear. |
|
|
Term
8. What server can be used to install Windows updates for your organization?
a) SCOM
b) WSUS
c) IIS
d) WDS |
|
Definition
Answer: b
Difficulty: Medium
Section Reference: Utilizing Windows Updates
Explanation: For corporations, you can also use Windows Server Update Service (WSUS) or System Center Configuration Manager (SCCM) to keep your systems updated. The advantage of using one of these two systems is that it allows you to test the patch, schedule the updates, and prioritize client updates. After you determine a patch is safe, you can enable it for deployment. |
|
|
Term
9. What do you call multiple Windows updates that have been packaged together as one installation and are well tested?
a) service packs
b) cumulative packs
c) critical update
d) optional update |
|
Definition
Answer: a
Difficulty: Easy
Section Reference: Utilizing Windows Updates
Explanation: A service pack is a tested cumulative set of hotfixes, security updates, critical updates, and updates, as well as additional fixes for problems found internally since the release of the product. |
|
|
Term
10. What Windows feature notifies you when something tries to make changes to your computer without your knowledge?
a) WDS
b) NAT
c) Windows Defender
d) UAC |
|
Definition
Answer: d
Difficulty: Medium
Section Reference: Utilizing User Account Control
Explanation: User Account Control (UAC) is a feature that started with Windows Vista and is included with Windows 7. UAC helps prevent unauthorized changes to your computer and, in doing so, helps protect your system from malware. |
|
|
Term
11. What host firewall is included with Windows 7?
a) Windows Firewall
b) Windows Defender
c) Microsoft Protector
d) Microsoft Safety Net |
|
Definition
Answer: a
Difficulty: Easy
Section Reference: Using Windows Firewall
Explanation: Microsoft recommends that you always use Windows Firewall. However, because some security packages and antivirus packages include their own firewalls, you can choose to run an alternative firewall—but you should use only one firewall. |
|
|
Term
12. What do you call unsolicited junk email?
a) spam
b) j-mail
c) junkettes
d) Infected mail |
|
Definition
Answer: a
Difficulty: Easy
Section Reference: Protecting Your Email
Explanation: Email has become an essential service for virtually every corporation. Unfortunately, much of the email received by company employees consists of unsolicited messages called spam or junk email, some of which can carry malware and may lead to fraud or scams. |
|
|
Term
13. What email validation system is designed to stop spam that uses source address spoofing?
a) Foremost Relay System
b) Sender Policy Framework
c) Spam Checking Networking
d) Spoof Checker |
|
Definition
Answer: b
Difficulty: Hard
Section Reference: Dealing with Spam
Explanation: Sender Policy Framework (SPF) is an email validation system designed to stop spam that uses source address spoofing. SPF allows administrators to specify in DNS SPF records in the public DNS which hosts are allowed to send email from a given domain. If email for a domain is not sent from a host listed in the DNS SPF, it will be considered spam and blocked. |
|
|
Term
14. What do spammers and hackers look for when they want to send email through your network?
a) open SMTP servers
b) open web servers
c) open POP3 servers
d) open FTP servers |
|
Definition
Answer: a
Difficulty: Medium
Section Reference: Relaying Email
Explanation: Simple Mail Transfer Protocol (SMTP), one of the primary email protocols, is used to transfer email from one server to another and is responsible for outgoing mail transport. SMTP uses TCP port 25. Although you may think your email servers function only for users to send and retrieve email, they also may be used to relay email. For example, web and application servers may relay email through their email servers, such as when you order something over the Internet and a confirmation email is sent to you. |
|
|
Term
15. Which tab in Internet Explorer settings would you use to delete history and cookies?
a) General
b) Privacy
c) Security
d) Advanced |
|
Definition
Answer: a
Difficulty: Medium
Section Reference: Looking at Cookies and Privacy Settings
Explanation: When you use a browser to access the Internet, you may be revealing personal information and a great deal about your personality. Therefore, you need to take steps to ensure that this information cannot be read or used without your knowledge. A cookie is a piece of text stored by a user’s web browser. To clean out history, temporary files, and cookies, open the Internet Options and select the General tab. |
|
|
Term
16. Which Internet Explorer zone is the least secure?
a) Internet zone
b) local intranet zone
c) trusted sites zone
d) restricted sites zone |
|
Definition
Answer: b
Difficulty: Hard
Section Reference: Examining Content Zones
Explanation: The trusted sites zone contains sites from which you believe you can download or run files without damaging your system. You can assign sites to this zone. The default security level for the trusted sites zone is Low, which means Internet Explorer will allow all cookies from websites in this zone to be saved on your computer and read by the website that created them. The next least secure is the local intranet, which is configured as Medium-Low. |
|
|
Term
17. What technique is used to send you to a fake, but realistic-looking, website to verify your account information?
a) spoofing
b) smurfing
c) man-in-the-middle
d) phishing |
|
Definition
Answer: d
Difficulty: Medium
Section Reference: Phishing and Pharming
Explanation: Phishing is a technique based on social engineering. With phishing, users are asked (usually through email or websites) to supply personal information in one of two ways:
• By replying to an email asking for their username, password, and other personal information, such as account numbers, PINs, and Social Security number
• By navigating to a convincing-looking website that urges them to supply their personal information, such as passwords and account numbers |
|
|
Term
| 18. ______________ is software that is designed to infiltrate or affect a computer system without the owner’s informed consent. |
|
Definition
Answer: Malware
Difficulty: Medium
Section Reference: Protecting Your Computer from Malware
Explanation: Malicious software, sometimes called malware, is software designed to infiltrate or affect a computer system without the owner’s informed consent. The term malware is usually associated with viruses, worms, Trojan horses, spyware, rootkits, and dishonest adware. As a network administrator or computer technician, you need to know how to identify malware, remove it, and protect a computer from it. |
|
|
Term
| 19. A _____________ is a program that give someone remote, unauthorized control or a system or initiates an unauthorized task. |
|
Definition
Answer: backdoor
Difficulty: Medium
Section Reference: Protecting Your Computer from Malware
Explanation: A backdoor is a program that gives someone remote, unauthorized control of a system or initiates an unauthorized task. Some backdoors are installed by viruses or other forms of malware. Other backdoors may be created by programs on commercial applications or with a customized application made for an organization. |
|
|
Term
| 20. What are the best two things can you to do protect yourself from viruses and other forms of malware? |
|
Definition
Answer: Keep Windows up-to-date with the newest security updates and use an up-to-date anti-virus software package.
Difficulty: Medium
Section Reference: Protecting Your Computer from Malware
Explanation: Some viruses, worms, rootkits, spyware, and adware gain access to a system by exploiting security holes in Windows, Internet Explorer, Microsoft Office, or some other software package. Therefore, the first step you should take to protect yourself against malware is to keep your system up-to-date with the latest service packs, security patches, and other critical fixes. Second, use an up-to-date antivirus software package. |
|
|
