It-essentials v7.0 Chapter 13 Exam Answers

It-essentials v7.0 Chapter 13 Exam Answers

1. Which two items are used in asymmetric encryption? (Choose two.)

a token

a DES key

a private key *

a public key *


Explanation: A token is something that is used to provide two-factor authentication. DES is using an identical key to encrypt and decrypt. Asymmetric encryption uses a private key associated with a public key.

2. Which two algorithms are used for hash encoding to guarantee the integrity of data? (Choose two.)

MD5 *

chap checksum




3. A high technology company has an issue with unauthorized people gaining access into the company by following an authorized employee through the secure entrance. Which two measures could help with this security breach? (Choose two.)


employee smart ID

mantrap *

multifactor authentication

security guard that checks IDs *

Explanation: A guard checking IDs or a mantrap can help prevent someone following a legitimate employee into a restricted area. With biometrics, employee smart IDs, or multifactor authentication being used, once the door is accessed by someone having the correct credentials, unauthorized people could still trail the legitimate person into the building or area.

4. A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?



social engineering *

anonymous keylogging

Explanation: Social engineering attempts to gain the confidence of an employee and convince that person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks, spam, and keylogging are all examples of software based security threats, not social engineering.

5. The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?


DDoS *


social engineering


Explanation: Phishing, spyware, and social engineering are security attacks that collect network and user information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack, none of these attacks generate large amounts of data traffic that can restrict access to network services.

6. After confirming the removal of a virus from a computer, how should the technician ensure and verify the full functionality of the system?

Check for the latest OS patches and updates. *

Document the problem and the procedures performed to solve it.

Talk with the user to determine the cause of the problem.

Gather information from a number of sources to clearly identify the problem.

Explanation: After resolving a computer problem, the next step is to verify full functionality by ensuring that the OS is up to date and by testing the operation of the computer and the network that it is connected to. Documenting the issue and solution is the final step, whereas gathering information from the user and other sources are earlier steps in the troubleshooting process.

7. A system administrator has been asked to protect the sensitive data on the Windows 7 computers of all management employees. Which Windows feature can be used to selectively encrypt individual files within the user accounts of each manager?​




Windows Update

Explanation: Encrypting File System (EFS) is a Windows feature that can be used to encrypt files and folders linked to a specific user account. BitLocker is a Windows feature that can be used to encrypt the entire hard drive volume. TPM is a specialized chip on the motherboard that stores information specific to the computer system such as encryption keys, digital certificates, and passwords. Windows Update is used to update the operating system, not to encrypt data.

8. When would a PC repair person want to deploy the idle timeout feature?

when users are inserting media and running applications not sanctioned by the company

when users are leaving their desk but remaining logged on *

when users are playing music CDs and leaving them playing even after the users have left for the day

when users are surfing the Internet and not doing their job

Explanation: The idle timeout and screen lock feature is a great security measure that protects the computer and data accessible through it if the user steps away from the desk for a specified period of time and forgets to lock the computer or log off.

9. Which type of firewall serves as a relay between users and servers on the Internet, inspects all traffic, and allows or denies traffic based on a set of rules?

packet filtering firewall

stateful packet firewall

proxy firewall *

operating system firewall

Explanation: There are several types of firewall configurations:

Packet filter– Packets cannot pass through the firewall, unless they match the established rule set configured in the firewall. Traffic can be filtered based on different attributes, such as source IP address, source port or destination IP address or port.

Stateful packet inspection (SPI)– This is a firewall that keeps track of the state of network connections traveling through the firewall. Packets that are not part of a known connection are dropped.

Application layer– All packets traveling to or from an application are intercepted. All unwanted outside traffic is prevented from reaching protected devices.

Proxy– This is a firewall installed on a proxy server that inspects all traffic and allows or denies packets based on configured rules. A proxy server is a server that is a relay between a client and a destination server on the Internet.

10. What would cause a Microsoft Windows update to fail?

The wired or wireless NIC was disabled.

The computer has a virus.

The computer has had its security breached.

A required prior update was not installed. *

Explanation: Two things commonly cause a Windows update to fail: 1. A required older update was not installed. 2. There was a problem with the downloaded update.

11. A user calls the help desk reporting that a laptop is not performing as expected. Upon checking the laptop, a technician notices that some system files have been renamed and file permissions have changed. What could cause these problems?

The file system is corrupted.

The laptop is infected by a virus. *

The display driver is corrupted.

The file system has been encrypted.

Explanation: Problems of system files being renamed and file permissions being changed without user knowledge are most likely caused by a virus. File system corruption would make the directory and files inaccessible. A corrupted display driver would prevent the laptop from displaying at all or it would display only VGA resolution.

12. How can users working on a shared computer keep their personal browsing history hidden from other workers that may use this computer?

Reboot the computer after closing the web browser.

Operate the web browser in private browser mode. *

Use only an encrypted connection to access websites.

Move any downloaded files to the recycle bin.

Explanation: When a computer user browses the web in private mode, the following occurs:Cookies are disabled. Temporary Internet files are removed after closing the window. Browsing history is removed after closing the window.

13. A retail store wants to secure laptops that are on display. The store manager also wants a record of which employees enter the backroom where inventory is kept. Which security option would work best for this situation?

guards and log sheets

security cameras and only the manager having access to the backroom

cable locks and a token-based lock on the backroom *

a condition that laptops are viewed one at a time and only the owner has a key to the backroom

Explanation: Retail solutions have to be flexible for both customers and employees. Physical security products are available to provide a solution such as using cable locks to secure equipment and an electronic lock that records activity on a door.

14. Refer to the exhibit.

It-essentials v7 Chapter 13 Exam q14

It-essentials v7 Chapter 13 Exam Answers q14

The security policy of an organization allows employees to connect to the office intranet from their homes. Which type of security policy is this?

acceptable use

incident handling

network maintenance

remote access *

Explanation: The remote access policy section of a corporate security policy identifies how remote users can access a network and what is accessible via remote connectivity.

15. A user notices that files created and saved locally last week are missing and asks the technician to investigate. The technician suspects there has been a security breach. Which type of malware could be responsible?




Trojan *

Explanation: Trojans can enable unauthorized remote access, provide the attacker with data, corrupt or delete files, use the computer as a source for other attacks, enable unauthorized services, and stop antimalware software.

16. A group of users on the same network are all complaining about their computers running slowly. After investigating, the technician determines that these computers are part of a zombie network. Which type of malware is used to control these computers?

botnet *




Explanation: A botnet is a network of infected computers called a zombie network. The computers are controlled by a hacker and are used to attack other computers or to steal data.

17. What are signatures as they relate to security threats?

a unique encryption code used by a known attacker

one or more code patterns within a specific type of malware *

the beginning or end of a malware segment that has a specific cyclic redundancy check number

the checksum associated with each specific type of malware that is stored in a virus table

Explanation: Antimalware software analyzes code patterns within malware to create signatures that are stored in virus definition tables. Antimalware signature files are constantly being updated because malware is constantly morphing into new strands.

18. A college student logs onto a college computer for the first time. Which security policy category should be presented to the student?

acceptable use policies *

identification and authentication policies

incident handling policies

network maintenance policies

Explanation: The acceptable use policies section of a security policy commonly identifies network resources and usages that are acceptable to the organization. They might also state the ramifications that can occur if this security policy is violated.

19. A technician is preparing to encrypt a corporate drive by using Microsoft BitLocker. Which BIOS option will the technician need to enable?





Explanation: A Trusted Platform Module (TPM) is a motherboard chip used to store security information such as encryption keys, security certificates, and passwords. It is required to be enabled before implementing BitLocker.

20. Which security technique or device wipes the data from a hard drive by being placed near the drive platter for at least 2 minutes?

degaussing wand *


low-level format

biometric scanner

erase scope

Explanation: A degaussing wand requires being placed over hard drive platters for a couple of minutes, whereas an electromagnetic degaussing device can wipe all data in seconds.

21. Refer to the exhibit.

It-essentials v7 Chapter 13 Exam q21

It-essentials v7 Chapter 13 Exam Answers q21

Which type of workstation password is being used?






Explanation: A BIOS password is configured by entering the BIOS Setup program.

22. A customer uses Internet Explorer and Microsoft Edge as browsers on the computer. The customer asks the technician how to configure the computer to detect and filter phishing websites, to analyze websites for suspicious items, and to check downloads against a list of known malicious files and sites. Which web security feature should the technician demonstrate?

ActiveX Filter



SmartScreen Filter *

Explanation: In Internet Explorer, use the Tools option to enable. In Microsoft Edge, use the three dotted icon to select Settings > View advanced settings to turn the Help protect me from malicious sites and downloads with Windows Defender SmartScreen option on.

23. A SOHO company has hired a technician to come in and configure and secure the computers. The technician has decided to configure a local security policy for the machines. Which setting would the technician use to ensure that the user did not make their password the same as their own user account name?

enforce password history

maximum password age

minimum password length

meet complexity requirements *

Explanation: The Password must meet complexity requirements option requires that the user not make their own user account name or part of their user account name as their password. This option also requires that the password have at least three of the following: uppercase letter, lowercase letter, number, and symbol.

24. A technician is configuring rights and permissions in Windows 7. Which tool will the technician use?

Device Manager

Local Security Policy

Local Users and Groups *

Resource Monitor

Explanation: Within the Local Users and Groups tool, a technician can create users, create groups, and assign rights and permissions.

25. An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task?

Computer Management


Local Security Policy

Windows Defender Firewall with Advanced Security *

Explanation: Windows Firewall with Advanced Security or the Windows 10 Windows Defender Firewall with Advanced Security is used to create inbound and outbound rules, connection security rules such as security traffic between two computers, and monitoring any active connection security rules.

26. A newly created company has fifteen Windows 10 computers that need to be installed before the company can open for business. What is a best practice that the technician should implement when configuring the Windows Firewall?

The technician should remove all default firewall rules and selectively deny traffic from reaching the company network.

The technician should enable the Windows Firewall for inbound traffic and install other firewall software for outbound traffic control.

After implementing third party security software for the company, the technician should verify that the Windows Firewall is disabled. *

The technician should create instructions for corporate users on how to allow an app through the WIndows Firewall using the Administrator account.

Explanation: Only disable Windows Firewall if other firewall software is installed. Use the Windows Firewall (Windows 7 or 8) or the Windows Defender Firewall (Windows 10) Control Panel to enable or disable the Windows Firewall.

27. Which two statements characterize wireless network security? (Choose two.)

Wireless networks offer the same security features as wired networks offer.

Wireless guest mode provides open access to a protected LAN.

With SSID broadcast disabled, an attacker must know the SSID to connect. *

Using the default IP address on an access point makes hacking easier. *

An attacker needs physical access to at least one network device to launch an attack.

Explanation: The default settings on a wireless network usually include an SSID that is being broadcast as well as default IP address settings. These default settings are considered insecure because with them an attacker can easily see a wireless network and attempt to connect to it and make changes to the network.

28. A manager approaches a PC repair person with the issue that users are coming in to the company in the middle of the night to play games on their computers. What might the PC repair person do to help in this situation?

Limit the login times. *

Use Event View to document the times logged in and out of the computer.

Use Device Manager to limit access to the computer.

Enable power on passwords in the BIOS.

Explanation: The technician can limit the time logins can occur on a computer. Using Event Viewer to determine the login times is an action that does not prevent the users from logging into the computer. Power on BIOS passwords are not usually configured for a specific time. Device Manager is used to view settings and operation of devices, not users.

29. A technician has been asked by a manager to recommend a security solution for protecting a computer against worms. Which security technique should the technician recommend?

antimalware *


ping sweep


30. A technician has been asked by a manager to recommend a security solution for protecting a computer against ransomware. Which security technique should the technician recommend?

antimalware *


ping sweep


31. A technician has been asked by a manager to recommend a security solution for protecting a computer against spyware. Which security technique should the technician recommend?

antimalware *

dual authentication

ping sweep


32. A technician has been asked by a manager to recommend a security solution for protecting a computer against keyloggers. Which security technique should the technician recommend?

antimalware *


ping sweep


33. A technician has been asked by a manager to recommend a security solution for protecting a computer against adware programs. Which security technique should the technician recommend?

antimalware *


ping sweep


34. A technician has been asked by a manager to recommend a security solution for protecting a computer against rootkits. Which security technique should the technician recommend?

antimalware *

ping sweep

dual authentication


35. A technician has been asked by a manager to recommend a security solution for protecting a computer against Trojans. Which security technique should the technician recommend?

antimalware *

port scan

dual authentication



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.