A small office's wireless network was compromised recently by an attacker who brute forced a PIN to gain access. The attacker then modified the DNS settings on the router and spread malware to the entire network.
Which of the following configurations MOST likely allowed the attack to take place? (Choose two.)
The attack described involves the brute forcing of a PIN, which is a method commonly associated with Wi-Fi Protected Setup (WPS). WPS is known to be vulnerable to brute force attacks due to its reliance on an 8-digit PIN, making it susceptible to such exploits. Additionally, the attacker was able to modify the DNS settings on the router. This level of access suggests that the router's administrative credentials were likely left at their default settings, which is a common security oversight. Therefore, the most likely configurations that allowed the attack are the use of default login credentials and having WPS enabled.
A client wants a technician to create a PC naming convention that will make the client's PCs easier to track and identify while in use.
Which of the following naming convention formats should the technician follow?
The best naming convention for making PCs easier to track and identify while in use includes the domain name, location, and asset ID. The domain name allows recognition of which domain the PC is part of, the location helps to physically identify where the PC is situated, and the asset ID uniquely identifies the device among other assets. This combination provides a comprehensive and intuitive method for tracking and identifying PCs effectively.
Which of the following provide the BEST security for a server room? (Choose two.)
The best security options for a server room would focus on controlling access and ensuring that only authorized personnel can enter. A badge reader provides a means of electronic access control, often logging entry and exit, which helps in tracking who entered the room and when. A biometric lock adds an extra layer of security by authenticating an individual's unique physical characteristics, making it harder for unauthorized persons to gain access. Together, these two methods provide a robust security solution for a server room.
Which of the following threats uses personalized information in an attempt at obtaining information?
Spear phishing is a targeted attempt to obtain sensitive information from a specific individual by using personalized information. This method involves researching the victim to make the attack more convincing and effective. Unlike general phishing which targets a large group of people, spear phishing tailors the attack to a single person or organization, increasing the credibility and likelihood of success.
A technician receives an invalid certificate error when visiting a website with port 443 enabled. Other computers on the same LAN do not exhibit this symptom.
Which of the following needs to be adjusted on the workstation to fix the issue?
When accessing secure websites, SSL/TLS certificates are used to verify the website's authenticity. These certificates are only valid within specific date ranges. If the date and time on the workstation are incorrect, the computer may see the certificate as invalid because it falls outside the certificate's validity period. This would not affect other computers on the same LAN that have the correct date and time. Therefore, adjusting the date and time on the affected workstation is likely to resolve the issue.