A technician is troubleshooting a Windows 10 computer where the user cannot install a legitimate browser extension because the browser displays a warning that extensions from this source are not allowed. What setting is likely blocking the installation?
A company policy requires that all web traffic from employee computers be filtered to block known malicious sites. You need to implement this without installing client software on each machine. Which approach should you use?
A user receives an email with a link that appears to be from their bank, asking them to verify their account. The link leads to a page that looks exactly like the bank's login page. What type of attack is this?
During a security incident response, you discover that a user's browser has a rogue extension that exfiltrates data to a remote server. The extension was installed after the user clicked a fake update prompt on a website. What vulnerability was exploited?
A user reports that their web browser frequently redirects to an unfamiliar search engine and displays pop-up ads even when no tabs are open. What is the most likely cause of this behavior?
During a security audit, you find that a user's browser has an outdated version of Adobe Flash Player installed. What is the primary security risk associated with this finding?
A technician is configuring a shared kiosk computer in a library. The requirement is that users must not be able to download files or install software. Which browser security setting should be configured?
A small business owner asks you to configure their office computers so that employees cannot install unauthorized browser extensions. Which policy setting should you implement?
A customer reports that their browser shows a 'Your connection is not private' warning when visiting their online banking site, but other websites work fine. What is the most likely cause?
A user calls the help desk complaining that their browser homepage keeps changing to a site they did not set, and they cannot change it back. You remotely check and find no malware. What is the most likely cause?
A user reports that their browser crashes every time they visit a particular website. Other websites work fine. The technician tries the same website on another computer and it works normally. What is the most likely cause on the user's computer?
A user reports that after installing a free PDF converter from an advertisement, their browser homepage changed and they see constant pop-ups for antivirus software. A malware scan found PUPs (Potentially Unwanted Programs). What is the best next step to fully remove the unwanted software and restore browser settings?
A technician is investigating a security incident where a user's credentials were stolen. The user says they only logged into their email from a coffee shop Wi-Fi. The technician notices that the browser was not using HTTPS for the login page. What is the most likely attack method used?
A user's browser is displaying a warning that the website's certificate is not trusted, even though the URL is correct. The technician checks the date and time on the computer and finds it is set to 2019. What is the most likely cause of the certificate warning?
A customer says that when they click a link in an email, it opens a website that looks exactly like their bank's login page, but the URL starts with 'http://' instead of 'https://'. What is the most likely security concern?
A technician is configuring a kiosk computer that will be used by the public to access a specific website. The technician wants to prevent users from navigating to other sites or changing browser settings. Which browser feature should be enabled?
A technician is tasked with securing a legacy web application that only supports HTTP, not HTTPS. The application is critical for internal operations but must be accessible remotely. What is the best way to secure the traffic without modifying the application?
During a software deployment, a technician needs to ensure that a new web application can run in a sandboxed environment to prevent it from accessing other system resources. Which browser feature should be configured?
A user reports that their browser frequently redirects to a search page they never set, and they see unfamiliar toolbars. After running a malware scan that found nothing, what should the technician do next to resolve the issue?
A small business owner wants to ensure that employees cannot install browser extensions or add-ons without administrator approval. Which method should the technician use to enforce this restriction across all company computers?
A technician is troubleshooting a computer that has been infected with ransomware. The ransomware encrypted files and left a note demanding payment. After removing the malware, what is the most important step to prevent future infections?
A company uses a web application for internal communication. A security audit reveals that the application is vulnerable to cross-site scripting (XSS). Which browser security feature can help mitigate the risk for users while the application is being patched?
A user calls the help desk saying that every time they click a link in an email, their browser opens a page that says 'Your computer is infected! Call this number.' They are unable to close the page normally. What type of attack is this, and what is the first step you should take?
A user reports that their browser frequently redirects to a different search engine, and a new toolbar has appeared. After checking the browser settings, you find the homepage has been changed and there are unknown extensions enabled. What is the most likely cause of this issue?
A company policy requires that all web traffic be filtered to block known malicious sites. You need to implement this on the network without installing software on each client. What should you configure?
A small business owner wants to ensure that employees cannot install unauthorized browser extensions on company-managed Windows 10 computers. Which method should you use to enforce this restriction?
During a security audit, you discover that a user's browser has multiple pop-up windows appearing, even when no websites are open. The user denies installing any software. Which tool should you use to identify and remove the underlying cause?
A user's browser is infected with a malicious extension that steals credentials. The extension was installed via a drive-by download from a compromised website. After removing the extension, what additional step should you take to ensure the credentials are not compromised?
A user reports that their browser displays a warning saying 'Your connection is not private' when visiting a frequently used banking site. After checking, you see the certificate error is for a different domain. What is the most likely cause?
You are configuring a new Windows 10 computer for a user who frequently downloads files from the internet. To reduce the risk of malware, you want to block the execution of downloaded files from the internet until they are scanned by antivirus. Which Windows feature should you enable?
More Browser and Application Security questions available in the full practice test.