1. What practice nullifies any code or 11.

Which item describes a text file

scripts provided by a user? pushed to your system to log your
a. Output validation user preferences?
b. Input validation a. Brownie
c. Script nullification b. Spyware
d. Input nullification c. Cookie
2. Which type of attacks will fuzzing d. Malware
protect against? 12. Which software allows the use of
a. SQL injections virtual machines?
b. Buffer overflows a. Supervisor
c. XML attacks b. Hypervisor
d. All of the above c. VM system manager
3. What is the name of Microsoft’s d. Virtual manager
cloud storage solution? 13. Which state is data in when sending
a. Dropbox an email?
b. iCloud a. Data in motion
c. OneDrive b. Data in use
d. Google Drive c. Data at rest
4. What does anti-malware not protect d. All of the above
against? 14. Which technology allows data access
a. Trojans from the Internet?
b. Social engineering attack a. Cloud
c. Virus b. Server
d. Worm c. File Folder
5. Which technology prevents adware? d. Google Docs
a. Anti-malware software 15. What is the best location for spare
b. Anti-spam or spam filters devices and documents?
c. Anti-spyware a. On the desk
d. Pop-up blockers b. Office bulletin board
6. What is the best form of security for c. In a safe
lost or stolen mobile devices? d. In the trash
a. Device encryption 16. Where is the Trusted Platform
b. Screen lock Module (TPM) located?
c. Passwords a. Hard Drive
d. Screen protector b. Motherboard
7. Multiple virtual machines with c. USB
different operating systems can be d. On a CD
used at the same time. 17. Which areas of an organization save
a. TRUE money by using virtualization?
b. FALSE a. Physical space
c. 0 b. Hardware and computers
d. 0 c. Licenses
8. How do systems get infected with d. All of the above
malware? 18. How would an end user prevent a
a. Connecting online XSS (cross-site scripting) attack?
b. Sharing usb drives a. Use anti-malware or anti-
c. Sharing hard drives spyware programs
d. All of the above b. Input validation
9. Which type of data must be protected c. Deploy security patches based on
from unauthorized access? the signatures of malware
a. Financial d. Take password off the computer
b. Healthcare or PII 19. Which software is not a hypervisor?
c. Trade secret a. VMware
d. All of the above b. VM Fusion
10. What is the practice of testing your c. Extreme Hyperware
server to see how it responds to d. Hyper V
errors? 20. Can all removable media support
a. Fuzzing encryption?
b. Shocking a. Yes
c. Mirroring b. No
d. Eavesdropping c. 0
d. 0
21. Which technologyh allows a PC to d. After it has been deployed, you
contain multiple operating systems can always patch it with updates
that can only be used one at a time? 30. Which technology protects our email
a. Hypervisor inbox from malicious users?
b. MultiBoot a. Anti-malware software
c. System boot b. Anti-spam or spam filters
d. Safe mode c. Anti-spyware
22. Which state is data in when being d. Pop-up blockers
copied or printed? 31. Which technology will protect data
a. Data at rest in motion?
b. Data in motion a. SSL
c. Data in use b. SSH
d. All of the above c. TLS
23. Which role is responsible for d. All of the above
application patch management? 32. Which technology can be used to
a. End user erase a lost or stolen mobile device?
b. Administrator a. Device encryption
c. IT intern b. Remote wipe
d. Your office neighbor c. Remote backup
d. Police mode
33. How would an end user prevent a
24. Using Application Patch CSRF attack?
Management what step should be a. Install certain browser add-ons
taken first? b. Delete temporary files
a. Validate that patch is from the c. Keep browser updated
correct manufacturer d. All of the above
b. Test the patch 34. Which process should be used to
c. Migrate the patch to user’s remove PII from a mobile device?
computer for use a. Sterilization
d. none of the above b. Recycling
25. What should be kept in a locking c. Sanitization
cabinet? d. deletion
a. Servers 35. Which feature allows tracking a lost
b. Switches or stolen mobile device?
c. Patch panels a. GPS
d. All of the above b. STS
26. Which item must be updated c. GTS
regularly to protect against malware? d. Phone Finder 2.0
a. System drivers 36. Which control prevents unauthorized
b. Browsers use of a mobile device?
c. Anti-malware software, a. Screen saver
signatures, and definitions b. Screen lock
d. Our Social Media c. Screen protector
27. What type of firewall can be used by d. Phone case
Windows? 37. Which type of encryption works on
a. Hardware an entire hard drive?
b. Software a. Full disk
c. Host based b. Database
d. Both B and C c. Removable media
28. What should be applied to databases d. Mobile device
to ensure confidentiality? 38. Which technology prevents
a. Encryption unauthorized viewing of databases?
b. System backup a. Cloud encryption
c. System image b. Database encryption
d. Screen lock c. Mobile device
29. When is the best time to write secure d. Individual file encryption
code in application development? 39. What should be used to print
a. Don’t worry about it sensitive data?
b. The beginning a. Office printer
c. When you are over halfway b. Send it to the cloud
finished c. Use a local printer
d. None of the above