UJIAN KUIS SEMESTER GASAL TAHUN AKADEMIK 2019/2020

Mata Kuliah/SKS : PTI Hari/Tgl. : Selasa / 3-12-2019

Jurusan/Smt/Kelas : TI/1/S-1 Waktu : 90.00-11.00 WIB
Dosen : Drs. Suhaeri, MT. Sifat : Open

Pilihan Ganda
NAMA : CLARISSA PUTRI AURELLIA
KELAS : A
NPM : 1402019026

1. Which two items are used in asymmetric encryption?

A. a token
B. a DES key
C. a private key and a public key
D. a TPM

Explanation:
A token is something that is used to provide two-factor authentication. DES is using
an identical key to encrypt and decrypt. Asymmetric encryption uses a private key
associated with a public key.

2. Which two algorithms are used for hash encoding to guarantee the integrity of data?

A. MD5 and SHA

B. chap checksum
C. VPN
D. SSL

Explanation:
A token is something that is used to provide two-factor authentication. DES is using
an identical key to encrypt and decrypt. Asymmetric encryption uses a private key
associated with a public key.

3. A user receives a phone call from a person who claims to represent IT services and then
asks that user for confirmation of username and password for auditing purposes. Which
security threat does this phone call represent?

A. DDoS
B. spam
C. social engineering
1
 D. anonymous keylogging

Explanation:
Social engineering attempts to gain the confidence of an employee and convince that
person to divulge confidential and sensitive information, such as usernames and
passwords. DDoS attacks, spam, and keylogging are all examples of software based
security threats, not social engineering.

4. The IT department is reporting that a company web server is receiving an abnormally high
number of web page requests from different locations simultaneously. Which type of security
attack is occurring?

A. adware
B. DDoS
C. phishing
D. social engineering
E. spyware

Explanation:
Phishing, spyware, and social engineering are security attacks that collect network
and user information. Adware consists, typically, of annoying popup windows. Unlike
a DDoS attack, none of these attacks generate large amounts of data traffic that can
restric

5. After confirming the removal of a virus from a computer, how should the technician ensure
and verify the full functionality of the system?

A. Check for the latest OS patches and updates.

B. Document the problem and the procedures performed to solve it.
C. Talk with the user to determine the cause of the problem.
D. Gather information from a number of sources to clearly identify the problem.

Explanation:
After resolving a computer problem, the next step is to verify full functionality by
ensuring that the OS is up to date and by testing the operation of the computer and the
network that it is connected to. Documenting the issue and solution is the final step,
whereas gathering information from the user and other sources are earlier steps in the
troubleshooting process.

6. When would a PC repair person want to deploy the idle timeout feature?

A. when users are inserting media and running applications not sanctioned by the
company
2
 B. when users are leaving their desk but remaining logged on
C. when users are playing music CDs and leaving them playing even after the users have
left for the day
D. when users are surfing the Internet and not doing their job

Explanation:
The idle timeout and screen lock feature is a great security measure that protects the
computer and data accessible through it if the user steps away from the desk for a
specified period of time and forgets to lock the computer or log off.

7. Which type of firewall serves as a relay between users and servers on the Internet, inspects
all traffic, and allows or denies traffic based on a set of rules?

A. packet filtering firewall

B. stateful packet firewall
C. proxy firewall
D. operating system firewall

Explanation:

There are several types of firewall configurations:

 Packet filter – Packets cannot pass through the firewall, unless they match the
established rule set configured in the firewall. Traffic can be filtered based on
different attributes, such as source IP address, source port or destination IP address or
port.
 Stateful packet inspection (SPI) – This is a firewall that keeps track of the state of
network connections traveling through the firewall. Packets that are not part of a
known connection are dropped.
 Application layer – All packets traveling to or from an application are intercepted.
All unwanted outside traffic is prevented from reaching protected devices.
 Proxy – This is a firewall installed on a proxy server that inspects all traffic and
allows or denies packets based on configured rules. A proxy server is a server that is a
relay between a client and a destination server on the Internet.

8. What would cause a Microsoft Windows update to fail?

A. The wired or wireless NIC was disabled.

B. The computer has a virus.
C. The computer has had its security breached.
D. A required prior update was not installed.

Explanation:

3
Two things commonly cause a Windows update to fail:

1. A required older update was not installed.

2. There was a problem with the downloaded update.

9. A user calls the help desk reporting that a laptop is not performing as expected. Upon
checking the laptop, a technician notices that some system files have been renamed and file
permissions have changed. What could cause these problems?

A. The file system is corrupted.

B. The laptop is infected by a virus.
C. The display driver is corrupted.
D. The file system has been encrypted.

Explanation:
Problems of system files being renamed and file permissions being changed without
user knowledge are most likely caused by a virus. File system corruption would make
the directory and files inaccessible. A corrupted display driver would prevent the
laptop from displaying at all or it would display only VGA resolution.

10. How can users working on a shared computer keep their personal browsing history
hidden from other workers that may use this computer?

A. Reboot the computer after closing the web browser.

B. Operate the web browser in private browser mode.
C. Use only an encrypted connection to access websites.
D. Move any downloaded files to the recycle bin.

Explanation:
When a computer user browses the web in private mode, the following
occurs:Cookies are disabled.
Temporary Internet files are removed after closing the window.
Browsing history is removed after closing the window.

11. Refer to the exhibit. The security policy of an organization allows employees to connect
to the office intranet from their homes. Which type of security policy is this?

A. acceptable use
B. incident handling
C. network maintenance
D. remote access

Explanation:
4
 The remote access policy section of a corporate security policy identifies how remote
users can access a network and what is accessible via remote connectivity.

12. A user notices that files created and saved locally last week are missing and asks the
technician to investigate. The technician suspects there has been a security breach. Which
type of malware could be responsible?

A. adware
B. phishing
C. spyware
D. Trojan

Explanation:
Trojans can enable unauthorized remote access, provide the attacker with data,
corrupt or delete files, use the computer as a source for other attacks, enable
unauthorized services, and stop antimalware software.

13. A group of users on the same network are all complaining about their computers running
slowly. After investigating, the technician determines that these computers are part of a
zombie network. Which type of malware is used to control these computers?

A. botnet
B. rootkit
C. spyware
D. virus

Explanation:
A botnet is a network of infected computers called a zombie network. The computers
are controlled by a hacker and are used to attack other computers or to steal data.

ANSWER : A

14. What are signatures as they relate to security threats?

A. a unique encryption code used by a known attacker

B. one or more code patterns within a specific type of malware
C. the beginning or end of a malware segment that has a specific cyclic redundancy
check number
D. the checksum associated with each specific type of malware that is stored in a virus
table

Explanation:

5
 Antimalware software analyzes code patterns within malware to create signatures that
are stored in virus definition tables. Antimalware signature files are constantly being
updated because malware is constantly morphing into new strands.

15. A college student logs onto a college computer for the first time. Which security policy
category should be presented to the student?

A. acceptable use policies

B. identification and authentication policies
C. incident handling policies
D. network maintenance policies

Explanation:
The acceptable use policies section of a security policy commonly identifies network
resources and usages that are acceptable to the organization. They might also state the
ramifications that can occur if this security policy is violated.

16. A technician is preparing to encrypt a corporate drive by using Microsoft BitLocker.

Which BIOS option will the technician need to enable?

A. NTFS
B. SSL
C. TPM
D. EFS

Explanation:
A Trusted Platform Module (TPM) is a motherboard chip used to store security
information such as encryption keys, security certificates, and passwords. It is
required to be enabled before implementing BitLocker.

17. Refer to the exhibit. Which type of workstation password is being used?

A. BIOS
B. login
C. multifactor
D. network
E. synchronous

Explanation:
A BIOS password is configured by entering the BIOS Setup program.

6
18. A SOHO company has hired a technician to come in and configure and secure the
computers. The technician has decided to configure a local security policy for the machines.
Which setting would the technician use to ensure that the user did not make their password
the same as their own user account name?

A. enforce password history

B. maximum password age
C. minimum password length
D. meet complexity requirements

Explanation:
The Password must meet complexity requirements option requires that the user not
make their own user account name or part of their user account name as their
password. This option also requires that the password have at least three of the
following: uppercase letter, lowercase letter, number, and symbol.

19. A technician is configuring rights and permissions in Windows 7. Which tool will the
technician use?

A. Device Manager
B. Local Security Policy
C. Local Users and Groups
D. Resource Monitor

Explanation:
Within the Local Users and Groups tool, a technician can create users, create groups,
and assign rights and permissions.

20. A newly created company has fifteen Windows 10 computers that need to be installed
before the company can open for business. What is a best practice that the technician should
implement when configuring the Windows Firewall?

A. The technician should remove all default firewall rules and selectively deny traffic
from reaching the company network.
B. The technician should enable the Windows Firewall for inbound traffic and install
other firewall software for outbound traffic control.
C. After implementing third party security software for the company, the technician
should verify that the Windows Firewall is disabled.
D. The technician should create instructions for corporate users on how to allow an app
through the WIndows Firewall using the Administrator account.

Explanation:
Only disable Windows Firewall if other firewall software is installed. Use the
Windows Firewall (Windows 7 or 8) or the Windows Defender Firewall (Windows
10) Control Panel to enable or disable the Windows Firewall.
7
21. A manager approaches a PC repair person with the issue that users are coming in to the
company in the middle of the night to play games on their computers. What might the PC
repair person do to help in this situation?

A. Limit the login times.

B. Use Event View to document the times logged in and out of the computer.
C. Use Device Manager to limit access to the computer.
D. Enable power on passwords in the BIOS.

Explanation:
The technician can limit the time logins can occur on a computer. Using Event
Viewer to determine the login times is an action that does not prevent the users from
logging into the computer. Power on BIOS passwords are not usually configured for a
specific time. Device Manager is used to view settings and operation of devices, not
users.

22. A technician has been asked by a manager to recommend a security solution for
protecting a computer against worms. Which security technique should the technician
recommend?

A. antimalware
B. SSL
C. ping sweep
D. IPS

Explanation:

Antimalware (anti-malware) is a type of software program designed to prevent, detect

and remove malicious software (malware) on IT systems, as well as individual
computing devices.

23. A technician has been asked by a manager to recommend a security solution for
protecting a computer against spyware. Which security technique should the technician
recommend?

A. antimalware
B. dual authentication
C. ping sweep
D. IPS

Explanation:
Antimalware (anti-malware) is a type of software program designed to prevent, detect
and remove malicious software (malware) on IT systems, as well as individual
computing devices.

8
24. A technician has been asked by a manager to recommend a security solution for
protecting a computer against Trojans. Which security technique should the technician
recommend?

A. antimalware
B. port scan
C. dual authentication
D. ASA

Explanation:
Antimalware (anti-malware) is a type of software program designed to prevent, detect
and remove malicious software (malware) on IT systems, as well as individual
computing devices.