OS Chapter 26 Answers

Chapter 26 Review Solutions

Key Term Quiz

1.      Mary’s company routinely labels data according to its sensitivity or potential danger to the company if someone outside accesses the data. This is an example of data classification.

2.      A(n) Trojan masquerades as a legitimate program, yet does something different than what is expected when executed.

3.      Antivirus software uses updatable definition files to identify a virus by its signature.

4.      Enable object access auditing to create Event Viewer entries when a specific file is accessed.

5.      Although not all unauthorized access is malicious, it can lead to data destruction.

6.      Most attacks on computer data are accomplished through social engineering.

7.      A(n) firewall protects against unauthorized access from the Internet.

8.      Challenge Handshake Authentication Protocol (CHAP) is the most common remote authentication protocol.

9.      Before making a credit card purchase on the Internet, be sure the Web site uses the Secure Sockets Layer (SSL) security protocol, which you can verify by checking for the HTTPS protocol in the address bar.

10.  A virus that changes its signature to prevent detection is called a(n) polymorph viruses.

Multiple-Choice Quiz

1.      What is the process of using or manipulating people to gain access to network resources?

A.    Cracking

B.     Hacking

C.     Network engineering

D.    Social engineering

Answer: D.

2.      Which of the following might offer good hardware authentication?

A.    Strong password

B.     Encrypted password

C.     NTFS

D.    Smart card

Answer: D.

3.      Which of the following tools would enable you to stop a user from logging on to a local machine but still enable him to log on to the domain?

A.    AD Policy

B.     Group Policy

C.     Local Security Settings

D.    User Settings

Answer: C.

4.      Which type of encryption offers the most security?

A.    MS-CHAP

B.     PAP

C.     POP3

D.    SMTP

Answer: A. MS-CHAP offers the most security of the given choices.

5.      Zander downloaded a game off the Internet and installed it, but as soon as he started to play he got a Blue Screen of Death. Upon rebooting, he discovered that his My Documents folder had been erased. What happened?

A.    He installed spyware.

B.     He installed a Trojan.

C.     He broke the Group Policy.

D.    He broke the Local Security Settings.

Answer: B. Zander clearly installed a Trojan, a virus masquerading as a game.

6.      Which of the following should Mary set up on her Wi-Fi router to make it the most secure?

A.    NTFS

B.     WEP

C.     WPA

D.    WPA2

Answer: D.

7.      A user account is a member of several groups, and the groups have conflicting rights and permissions to several network resources. The culminating permissions that ultimately affect the user’s access are referred to as what?

A.    Effective permissions

B.     Culminating rights

C.     Last rights

D.    Persistent permissions

Answer: A. Effective permissions are the result of combined permissions and determine access to resources.

8.      What is true about virus shields?

A.    They automatically scan e-mails, downloads, and running programs.

B.     They protect against spyware and adware.

C.     They are effective in stopping pop-ups.

D.    They can reduce the amount of spam by 97 percent.

Answer: A.

9.      What does Windows use to encrypt the user authentication process over a LAN?

A.    PAP

B.     MS-CHAP

C.     HTTPS

D.    Kerberos

Answer: D.

10.  Which threats are categorized as social engineering? (Select two.)

A.    Telephone scams

B.     Dumpster diving

C.     Trojans

D.    Spyware

Answer: A, B.

11.  A user calls to complain that his computer seems awfully sluggish. All he’s done so far is open his e-mail. What should the tech do first?

A.    Educate the user about the dangers of opening e-mail.

B.     Quarantine the computer so the suspected virus does not spread.

C.     Run antivirus software on the computer.

D.    Remediate the infected system.

Answer: B. Best to stop the spread of any suspected virus as soon as you see the symptoms, so quarantine all suspected systems.

12.  Which of the following are good examples of remediation? (Select two.)

A.    Boot to the Recovery Console in Windows XP and run FIXMBR or FIXBOOT to repair boot sector damage.

B.     Boot to the repair environment in Windows Vista and run System Restore.

C.     Boot to a safe environment and run antivirus software.

D.    Remove a computer suspected of having a virus from the network, effectively quarantining the computer.

Answer: A, B. Repairing damage caused by a virus is a form of remediation.

13.  Which of the following are examples of grayware? (Select two.)

A.    Adware

B.     Spyware

C.     Trojan

D.    Virus

Answer: A, B.

14.  A user calls and complains that the technician who fixed his computer removed some software he used to listen to music on the Internet. A check of approved software does not include the LimeWire application, so what should the supervisor do?

A.    Applaud the technician for proper compliance.

B.     Educate the user about the legal issues involved with music downloads.

C.     Add the LimeWire application to the approved software list and make the technician apologize and reinstall the software.

D.    Check with the user’s supervisor about adding LimeWire to the approved software list.

Answer: A. You don’t even have to know that LimeWire is a known beacon for nasty viruses to applaud the technician for proper compliance.

15.  Cindy wants to put a policy in place at her company with regard to virus prevention or at least limitation. What policies would offer the best solution?

A.    Install antivirus software on every computer. Instruct users on how to run it.

B.     Install antivirus software on every computer. Set the software up to scan regularly.

C.     Install antivirus software on every computer. Set the software up to update the definitions and engine automatically. Set the software up to scan regularly.

D.    Install antivirus software on every computer. Set the software up to update the definitions and engine automatically. Set the software up to scan regularly. Educate the users about what sites and downloads to avoid.

Answer: D.

Essay Quiz

1.      Your boss is considering getting an Internet connection for the office so employees have access to e-mail, but she is concerned about hackers getting into the company server. What can you tell your boss about safeguards you will implement to keep the server safe?

Answer: Students should discuss the use of a firewall to protect against attacks from the Internet. They should also discuss antivirus software and the importance of keeping virus definitions up to date. Some students may discuss the use of Group Policy to limit Internet usage and prevent installation of spyware.

2.      A coworker complains that he is receiving a high amount of spam on his home computer through their personal e-mail account. What advice can you give him to alleviate his junk mail?

Answer: As the coworker’s e-mail address is already “out there” and receiving spam, students should discuss the use of a spam filter on the mail server, configuration of the coworker’s e-mail client to block unwanted mail, and the installation of a third-party spam blocker. However, any third-party spam blocker should be researched first, as some produce a high quantity of false positives. As a final resort, the student might suggest that the coworker change his e-mail address and not post it online—anywhere.

3.      An intern in your IT department has asked for your help in understanding the differences between a virus, a worm, and a Trojan horse. What advice can you offer?

Answer: Students should differentiate between the three by stating that a virus is a piece of malicious software that gets passed from computer to computer and attaches itself to a legitimate program. Trojans and worms are freestanding programs that do not require a host program. Trojans disguise themselves as legitimate programs, fooling the user into executing them. Worms replicate themselves over and over, causing network overload.

4.      The boss’s assistant has been asked to purchase a new coffee machine for the break room but is nervous about shopping online with the company credit card. What can you tell her about secure online purchases?

Answer: Students should discuss the concept of encryption, explaining that data sent from the client machine can be encrypted before it is sent to the server. Without getting too technical for the boss’s assistant, students should explain that the Web address must begin with HTTPS and the site should display a locked padlock in the browser status bar or address bar to indicate SSL is being used to encrypt the credit card number and other data being sent. Last, students should discuss purchasing only from known reputable online retailers.

Cross Check: Securing Windows Resources

This is a pretty open-ended cross check. The student should know about authentication through user names and passwords and authorization through NTFS permissions. Groups are important for managing multiple users. Encryption is important, especially with a computer that might fall into the hands of a third party.

Cross Check: Proper Passwords

Make sure you and your users use strong passwords: at least eight characters in length, including letters, numbers, and punctuation symbols. Never ask a user’s password, because then you’re liable. If you’re working on a user’s computer and you know you’ll need to reboot many times, have them create a temporary administrator user account and then have them delete that account when you’re done.

Cross Check: System Recovery Options

System Restore in Windows XP differs from the Windows Vista Complete PC Restore in a couple of ways. The former is a nondestructive refresh of the operating system files and the Registry to return your PC to a working state. None of your data files get overwritten or changed. With a complete backup, you return the PC to a completely different time. All files are updated (or redated, if you’ll pardon the pun), so more recent versions of data files are gone.

Cross Check: Securing Wireless Networks

You should have WPA securing your wireless networks at the very least. WPA2 is preferred. Wireless networks at the local coffee shop generally offer no security at all, so be safe when connecting.

Comments