CCNA Itf Security Questions

23 of 98 questions · Page 2/2 · Itf Security topic · Answers revealed

76
MCQeasy

Which of the following is an example of a physical security control?

A.Password policy
B.Antivirus software
C.Biometric door lock
AnswerC

A biometric door lock physically restricts access to a room.

Why this answer

Physical security controls include measures like locks, guards, and biometric scanners to protect physical assets.

77
MCQhard

An attacker gains physical access to a building by following an employee through a secured door without using a badge. This is an example of which social engineering technique?

A.Phishing
B.Baiting
C.Pretexting
D.Tailgating
AnswerD

Following someone through a door without authorization.

Why this answer

Tailgating (also called piggybacking) is when an unauthorized person follows an authorized person into a restricted area.

78
MCQmedium

What is the primary purpose of a firewall?

A.To encrypt data on the hard drive
B.To detect and remove viruses
C.To prevent unauthorized network access
D.To manage user passwords
AnswerC

Firewalls block unauthorized traffic.

Why this answer

A firewall controls incoming and outgoing network traffic based on predetermined security rules. It filters traffic by port, protocol, or IP address to block unauthorized access.

79
MCQmedium

Which type of malware attaches to legitimate files and spreads when those files are executed?

A.Ransomware
B.Virus
C.Worm
D.Trojan
AnswerB

Correct. A virus attaches to files and spreads when executed.

Why this answer

A virus attaches itself to files or programs and replicates when the infected file is executed. Worms spread without a host file; trojans disguise as legitimate software.

80
Multi-Selecteasy

Which TWO of the following are characteristics of a strong password? (Select TWO.)

Select 2 answers
A.Includes uppercase letters, numbers, and symbols
B.Uses a common dictionary word
C.At least 12 characters long
D.Based on your birth date
E.Contains only lowercase letters
AnswersA, C

Complexity from character variety strengthens the password.

Why this answer

A strong password is at least 12 characters and includes a mix of character types. Using common words or personal information weakens the password.

81
Multi-Selecthard

A user receives a suspicious email with an attachment claiming to be an invoice. Which three practices should the user follow? (Select THREE.)

Select 3 answers
A.Do not download unexpected attachments
B.Verify the sender's email address carefully
C.Forward the email to all employees for awareness
D.Hover over any links to see the actual URL before clicking
E.Download and open the attachment to check its content
AnswersA, B, D

Correct. Unexpected attachments may contain malware.

Why this answer

Verify the sender, avoid downloading unexpected attachments, and hover over links to check URL. Forwarding to all users spreads potential risk.

82
MCQhard

A company implements a policy where employees must swipe their ID card and then enter a PIN to access the server room. Which two authentication factors are being used?

A.Something you know and something you are
B.Something you have and something you are
C.Something you have and something you know
D.Something you know and somewhere you are
AnswerC

Correct. ID card is something you have; PIN is something you know.

Why this answer

The ID card is 'something you have' (possession factor) and the PIN is 'something you know' (knowledge factor). This is multi-factor authentication.

83
Multi-Selecthard

A company's IT policy mandates data backups following the 3-2-1 rule. Which THREE of the following practices align with this rule?

Select 3 answers
A.Keeping one backup on the same external drive as the original
B.Having the original data on a server, a backup on a tape, and another backup on a separate cloud
C.Having a local backup on a NAS and a remote backup on a different cloud provider
D.Storing one backup in a cloud storage service
E.Using two different external hard drives for backups, both kept in the same building
AnswersB, C, D

Three copies on two media types (server/cloud and tape) with one offsite.

Why this answer

The 3-2-1 rule means: at least 3 copies of data, on 2 different media types, with 1 copy offsite.

84
MCQeasy

What is the primary purpose of a password manager?

A.To generate and store strong, unique passwords
B.To store passwords in the cloud
C.To share passwords with others
D.To bypass authentication
AnswerA

Correct. Password managers create and manage complex passwords.

Why this answer

Password managers generate and store strong, unique passwords for each account, reducing password reuse.

85
MCQmedium

An organization wants to ensure that employees only have access to the data necessary to perform their job functions. Which principle should be applied?

A.Defense in depth
B.Separation of duties
C.Mandatory access control
D.Least privilege
AnswerD

Users get minimum necessary permissions.

Why this answer

The principle of least privilege grants users only the permissions they need to do their work, minimizing potential damage.

86
MCQmedium

An employee receives an email that appears to be from the CEO, urgently requesting a wire transfer to an external vendor. The email address looks slightly off. Which type of social engineering attack is this?

A.Pretexting
B.Spear phishing
C.Phishing
D.Vishing
AnswerB

Spear phishing targets a specific person or organization with a tailored message.

Why this answer

This is a phishing attack, specifically spear phishing because it targets a specific individual (the employee) and impersonates the CEO to steal money.

87
Multi-Selectmedium

Which TWO of the following are examples of multi-factor authentication? (Choose TWO.)

Select 2 answers
A.Password and a security question
B.Username and password
C.Smart card and a PIN
D.Two different passwords
E.Password and a fingerprint scan
AnswersC, E

Smart card (possession) and PIN (knowledge) are two different factors.

Why this answer

MFA requires two or more factors from different categories. A password plus a fingerprint combines knowledge (password) and inherence (fingerprint). A smart card plus a PIN combines possession (card) and knowledge (PIN).

88
MCQmedium

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The user notices the sender's email address is slightly misspelled. Which type of threat is this?

A.Rootkit
B.Phishing
C.Tailgating
D.Ransomware
AnswerB

Correct. The email is a phishing attempt to steal credentials.

Why this answer

Phishing is a social engineering attack where attackers send fraudulent emails to steal sensitive information.

89
Multi-Selecteasy

Which TWO of the following are types of malware? (Select TWO)

Select 2 answers
B.Ransomware
C.Encryption
D.Phishing
E.Spyware
AnswersB, E

Correct. Ransomware is malware that encrypts files for ransom.

Why this answer

Ransomware and spyware are both types of malware. A firewall is a security tool, encryption is a protection method, and phishing is a social engineering attack.

90
Multi-Selectmedium

A user wants to protect their laptop in case it is stolen. Which THREE of the following measures would help protect the confidentiality of the data?

Select 2 answers
A.A strong password set in the BIOS
B.Full disk encryption
C.Using a VPN when connected to public Wi-Fi
D.Using a strong password for the user account
E.Enabling the screen lock with a password
AnswersB, D

Encryption renders data unreadable without the key.

Why this answer

Confidentiality measures prevent unauthorized access to data.

91
MCQmedium

A company wants to ensure that data on lost laptops cannot be accessed. Which technology should be used?

A.VPN
C.Full disk encryption
D.Antivirus software
AnswerC

Correct. Full disk encryption protects data at rest.

Why this answer

Full disk encryption (e.g., BitLocker) encrypts the entire drive, making data unreadable without the key.

92
Multi-Selectmedium

A help desk technician receives a call from a user who says their computer is showing a message that files are encrypted and a ransom is demanded. Which TWO types of malware are most likely involved?

Select 2 answers
A.Spyware
B.Trojan
C.Ransomware
D.Adware
E.Rootkit
AnswersB, C

Ransomware is often delivered as a trojan.

Why this answer

Ransomware encrypts files for ransom. It is often delivered via a trojan (disguised as legitimate software) that the user inadvertently runs. The other options are incorrect: adware shows ads, spyware collects info, rootkit hides.

93
MCQmedium

A user downloads a free game from an untrusted website. After installation, the user's computer begins displaying pop-up advertisements frequently. Which type of malware is most likely installed?

A.Ransomware
B.Adware
C.Rootkit
D.Spyware
AnswerB

Adware shows pop-up ads.

Why this answer

Adware displays unwanted advertisements, often bundled with free software.

94
MCQmedium

An employee is tailgated into a secure office building by someone without a badge. Which type of security threat does this represent?

A.Phishing
B.Tailgating
C.Baiting
D.Pretexting
AnswerB

Correct: tailgating is when someone follows an authorized person without credentials.

Why this answer

Tailgating (or piggybacking) is a physical social engineering attack where an unauthorized person follows an authorized person into a restricted area.

95
MCQeasy

What is the primary purpose of a password manager?

A.To store passwords in an encrypted vault and generate complex passwords
B.To share passwords with other users securely
C.To automatically log in to websites without typing a password
D.To recover forgotten passwords quickly
AnswerA

Correct. Secure storage and generation are key.

Why this answer

A password manager securely stores and generates strong, unique passwords for each account, reducing password reuse and improving security.

96
MCQhard

An organization implements a security policy where users must provide a password and a one-time code generated by a mobile app to log in. Which type of authentication is being used?

B.Biometric authentication
C.Token-based authentication
D.Single-factor authentication
AnswerA

Two factors are used: password (knowledge) and code from device (possession).

Why this answer

Multi-factor authentication requires two or more factors from different categories: something you know (password), something you have (smartphone app generating a code), and something you are (biometric).

97
MCQhard

A security analyst is explaining the CIA triad to new employees. Which scenario best illustrates a breach of integrity?

A.An employee accidentally deletes a critical file
B.An attacker modifies financial records in a database without authorization
C.An attacker steals customer credit card numbers from a database
D.A denial-of-service attack makes a website unavailable
AnswerB

Correct: unauthorized modification is a breach of integrity.

Why this answer

Integrity means data is not altered without authorization. An unauthorized modification breaches integrity, even if the system remains available and confidential.

98
Multi-Selecthard

An organization is implementing a defense-in-depth strategy. Which THREE of the following are considered security controls that can be used? (Choose THREE.)

Select 3 answers
B.Antivirus software
C.Single sign-on
D.Encryption
E.Acceptable use policy
AnswersA, B, D

A firewall is a network security control that filters traffic.

Why this answer

Defense-in-depth uses multiple layers of security controls. Firewalls, antivirus, and encryption are different types of controls that provide overlapping protection.

← PreviousPage 2 of 2 · 98 questions total

Ready to test yourself?

Try a timed practice session using only Itf Security questions.