Answer: B. Encryption is the process of disguising a message or data in what appears to be meaningless data (cipher text) to hide and protect the sensitive data from unauthorized access. Decryption (Answer A) is the process of converting cipher text back to meaningful data. Rights management (Answer D) is a technology that allows you to store documents that can only be accessed by authorized people. Topping (Answer C) has no meaning when discussing security.

Answer: B. A digital signature is a digital code that can be attached to an electronically transmitted message that identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. A digital envelope (Answer A) is a type of security that uses two layers of encryption to protect a message. A digital certificate (Answer C) is an electronic attachment that establishes credentials when doing business or other transactions. It is issued by a certification authority (CA), Answer D. It contains your name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.

Answer: C. A digital certificate is an electronic attachment that establishes credentials when doing business or other transactions. It is issued by a certification authority (CA), Answer D. It contains your name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. A digital signature (Answer B) is a digital code that can be attached to an electronically transmitted message that identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. A digital envelope (Answer A) is a type of security that uses two layers of encryption to protect a message.

Answer: D. A certification authority (CA) issues digital certificates that contain a public key and the identity of the owner. The matching private key is not similarly made available to the public, but kept secret by the end user who generated the key pair. A digital certificate (Answer C) is an electronic attachment that establishes credentials when doing business or other transactions. A digital signature (Answer B) is a digital code that can be attached to an electronically transmitted message that identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. A digital envelope (Answer A) is a type of security that uses two layers of encryption to protect a message.

Answer: A. Symmetric cryptography uses a single key for both encryption and decryption. It is also known as secret key encryption. Asymmetric cryptography (Answer B) uses one key for encryption and another key for decryption. It is often used as part of a public-key infrastructure. A hash function (Answer C) is a one-way encryption that cannot be converted back to its original value. Digital certificates (Answer D) contain a public key but do not actually perform encryption.

Answer: B. Asymmetric cryptography uses one key for encryption and another key for decryption. It is often used as part of a public-key infrastructure. Symmetric cryptography (Answer A) uses a single key for both encryption and decryption. It is also known as secret key encryption. A hash function (Answer C) is a one-way encryption that cannot be converted back to its original value. Digital certificates (Answer D) contain a public key but do not actually perform encryption.

Answer: C. X.509 is the most widely used digital certificate. It contains information that identifies the user, as well as information about the organization that issued the certificate, including the serial number, validity period, issuer name, issuer signature, and subject/user name. X.400 (Answer A) is an email standard. X.200 (Answer B) is part of the OSI model. LDAP (Answer D) is short for Lightweight Directory Access Protocol. It is a directory service based on X.500. Active Directory is based on LDAP.

Answer: D. IPsec, short for IP Security, is a set of protocols that can be used to encrypt data that is sent over the Internet. HTTP (Answer A) is the protocol used to display web pages. A stateful firewall (Answer B) analyzes packets sent through a firewall and determines which packets are allowed back in based on previous packets. EFS (Answer C) is short for Encrypted File System (EFS). EFS is used to encrypt folders and files on an NTFS volume.

Answer: C. IPSec provides secure authentication and encryption of data and headers. IPSec can work in tunneling mode or transport mode. In tunneling mode, the data or payload and message headers are encrypted. Transport mode encrypts only the payload. Encapsulating Security Payload (Answer A) does not exist. S/MIME (Answer B) is used to encrypt email messages. Today’s version of IP is IPv4 or IPv6, not IPv2 (Answer D).

Answer: D. Digital certificates are a major security feature in the Windows 2000, Windows XP, and Windows Vista operating systems. Digital certificates are password-protected, encrypted data files that include data that identifies the transmitting system and can be used to authenticate external users to the network through Virtual Private Networks (VPNs). VPNs use message encryption and other security techniques to ensure that only authorized users can access the message as it passes through public transmission media. In particular, VPNs provide secure Internet communications by establishing encrypted data tunnels across the WAN that cannot be penetrated by others. Remote Access Service (Answer A) is used to provide centralized authentication for remote access. While Remote Access Service can be used to provide VPNs, using modems creates extremely slow links between sites. MS-CHAP (Answer B) is an authentication protocol. VoIP (Answer C), short for Voice over IP, is used to provide phone services over an IP network.

Answer: A. You need to ensure that all confidential information is removed from the hard drive. Therefore, you need to use special software that writes data throughout the entire disk and overwrites all data including data from previous files. You also can use a special magnet that will erase all data on the hard drive. In addition, you can consider destroying hard drives. The RAM and CMOS memory will not hold confidential information.

Answer: D. If a hard disk drive is not going to be reused, it should be damaged to the point where it is physically unusable—not just logically unusable. This can involve opening the outer cover of the drive and physically scarring its disk surfaces: scratching the surface with a sharp implement, hammering the disks, or pouring acid on the disk surfaces. Special software and other tools can be used to recover data from disks that have been reformatted (Answer A), files that have been deleted (Answers C), and operating systems that have been reinstalled (Answer B).

Answer: B. Of the answers available, a low-level format will redraw all of the sectors and tracks. Performing a normal format (considered a high-level format) only erases the file system, but the bits still hold data even though the file allocation table has been erased. With special software, you can still retrieve this data (Answer A). The chkdsk command (Answer C) is used to check for disk errors, not to clean a disk. The defrag command (Answer D) is used to optimize a hard drive.

Answer: B. Besides physically destroying the platters, the U.S. Department of Defense (DoD) also approves certain software packages that write all 0s, followed by writing all 1s, followed by writing all 0s on all bits of a platter for making the data unrecoverable. Performing a normal format (considered a high-level format), Answers A and D, or deleting and re-creating partitions (Answer C) will not truly erase the data on the platters.

Answer: A. A firewall is software, hardware device, or system that prevents unauthorized access to or from a private network or host. All messages or packets entering or leaving through the firewall are examined and the firewall blocks those that do not meet specified security criteria. A certificate server (Answer B) hands out digital certificates. AES (Answer C) is short for Advanced Encryption Standard. It is an encryption standard adopted by the U.S. government and is used by many encryption technologies, including WPA2 wireless encryption. EFS (Answer D) is short for Encrypted File System (EFS). EFS is used to encrypt folders and files on an NTFS volume.

Answer: A. Packet filtering can block packets based on address or by protocol (based on port number). Stateful filtering filters (Answer B) packets based on previous conversations. Stateless filtering (Answer C) technically is packet filtering, but it is not referred to as such. Signature blocking (Answer D) is a technology that blocks packets based on prerecorded signatures that identify unwanted packets.

Answer: B. Stateful filtering creates a table of incoming and outgoing packets so that it knows what conversations are taking place. If it sees that you opened an outgoing conversation with a web server, it allows that packet from the web server. If another web server tries to communicate through the stateful firewall or if a web server tries to start a new conversation at a later time, it is blocked because it is not part of the current conversation. Packet filtering (Answer A) can block packets based on address or by protocol (based on port number). Stateless filtering (Answer C) technically is packet filtering, but it is not referred to as such. Signature blocking (Answer D) is technology that blocks packets based on prerecorded signatures that identify unwanted packets.

Answer: D. Windows Firewall is a packet filtering and stateful firewall. It is included in Windows Vista and Windows XP SP2. Windows Defender (Answer A) is used to detect and block spyware. Chkdsk (Answer B) and Scandisk (Answer C) are used to find and correct disk errors.

Answer: A and C. To connect to the corporate network while at home or traveling, you should use a VPN connection with IPSec. IPSec encrypts data communicating between the computer and the corporate network. You should also use a personal firewall to protect your computer, especially when you are traveling. Using an HTTPS Captive portal (Answer B) is used to display a special web page that shows before a user can access the Internet. It is usually used for authentication, payment, or to display an acceptable use policy. Unfortunately, using an HTTPS Captive portal will not protect your computer. Using a protocol analyzer (Answer D) requires special skills and will only be useful when you are being attacked. 802.1X/PEAP (Answer E) is used for wireless authentication but does not protect you when connecting to other networks.

Answer: C. Windows XP SP2 or SP3 include a Windows firewall. If you need to communicate with a remote host, you need to tell the firewall what to allow to flow through the firewall. Because a firewall is an important tool, you should not uninstall Service Pack 3 (Answer B). Because the firewall is most likely blocking your service, stopping and restarting the service (Answer A), or rebooting the computer (Answer D) will not fix the problem.

Answer: C. Authentication is the ability to verify the identity of a user, system, or system element to make sure there is not unauthorized access. Encryption (Answer A) is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). A hash function (Answer B) is a one-way encryption that cannot be converted back to its original value. Authorization (Answer D) is the process that verifies a user or other identity can access an object or perform an action.

Answer: A. When you use a password to prove who you are, you are proving what you know, which is a username and password. A PIN (Answer B), short for Personal Identification Number, is usually used to access your bank ATM. A finger scan (Answer C), which is part of biometrics, is a form of authentication but is only used on a few computers. Smart cards (Answer D) are small cards that include a digital certificate or other unique identification to prove who you are.

Answer: A. By Microsoft’s definition, a strong password is at least seven characters and includes three of the following: uppercase letters, lowercase letters, numerals, and special characters. Password (Answer B) and HelloThere (Answer D) only have upper-and lowercase letters. John.Smith (Answer C) would be a strong password if it did not contain the user’s name.

Answer: D. Biometrics devices use physical characteristics to identify the user. Therefore, it is used for authentication. Authorization (Answer C) is the process used to verify that a user or other identity can access an object or perform an action. Accountability (Answer A) is used to audit or record actions so that they can be used to prove what was done. Certification (Answer B) is the confirmation that some standard has been achieved.

Answer: D. PIN, short for Personal Identification Number, is a password usually based on digits. Finger scan (Answer A), retina scan (Answer B), and voice recognition (Answer C) are based on who you are. These items are part of you.

Answers: A and B. You should always use a strong password so that it is more difficult to guess. By Microsoft’s definition, a strong password is at least seven characters and includes three of the following: uppercase letters, lowercase letters, numerals, and special characters. You should also change your password often—for example, every 30 to 60 days. You should not choose passwords that are easy to remember because they are easy to guess (Answer C).

Answer: A. Smart cards are used for authentication, and in this example, the smart card authenticated that the owner of the card was the one authorized to use that particular workstation. Confidentiality (Answer B) makes sure that the message or data is only seen by the people for whom it is intended. Integrity (Answer C) makes sure that the message or data is not changed. Non-repudiation (Answer D) is the ability that ensures that certain actions performed by a person on the network or on a system cannot be denied by that person (in other words, he or she cannot say that he or she did not perform those actions).

Answer: D. Biometric scanners—including facial-scanning devices, searchable databases, and supporting application programs—are getting significantly more sophisticated. The biometric authentication device most widely used with PCs is the fingerprint scanner. Some manufacturers offer miniature touchpad versions that sit on the desk and connect to the system though a cable and USB connector. Other fingerprint scanners are built into key fobs that plug directly into the USB port. Some manufacturers even build these devices into the top of the mouse. Installing a retinal scanner (Answer B) on the PC is more costly and more difficult to use than the fingerprint scanner. Employing a Shared Secret login scenario (Answer C) or employing a new encryption algorithm (Answer A) does not really make the system more secure.

Answer: B. When two or more of these access methods are included as a part of the authentication process, you are implementing a multi-factor system. Mutual authentication (Answer A) is a two-way authentication in which the user makes sure the server is also what it says it is. Biometric is a form of authentication based on who you are. It includes finger scan and retinal scan. Digital certificates (Answer D) are authentication based on something you have. The digital certificate has a public key.

Answer: B. Social engineering is a term used to describe the process of circumventing security barriers by persuading authorized users to provide passwords or other sensitive information. When someone asks for help, people often want to help because they have been in the same situation in the past or they can empathize. If an awareness program is implemented in which employees are made aware of social engineering tactics, the employees are more likely to think about them and be more suspect of an attack when someone asks for a favor. With this knowledge, an employee can make a smarter decision. The other answer options (A, C, and D) are not specifically tied to social engineering attacks.

Answer: B. Social engineering is a term used to describe the process of circumventing security barriers by persuading authorized users to provide passwords or other sensitive information. Hostile code (Answer A) is creating a time bomb, a form of malware. IP spoofing (Answer C) is an attempt to access a system or to perform phishing by modifying packets that are sent to make them look like they are coming from someplace else. In a man in the middle attack (Answer D), an attacker takes over a conversation to access a system.

Answer: D. Social engineering is a term used to describe the process of circumventing security barriers by persuading authorized users to provide passwords or other sensitive information. The only preventative measure in dealing with social engineering attacks is to educate your users and staff to never give out passwords and user IDs over the phone, via email, or to anyone who is not positively verified as being who they say they are.

Answer: C. Social engineering is a term used to describe the process of circumventing security barriers by persuading authorized users to provide passwords or other sensitive information. So when security is successfully implemented, the best method to circumvent that security is by using social engineering because most other attacks are blocked by the network security. Logical attacks (Answer A), physical attacks (Answer B), and Trojan horse attacks (Answer D) can be prevented, or at least mitigated, when network security is properly implemented and configured.

Answer: A. MAC is a strict hierarchical mode that is based on classifying data on importance and categorizing it by department. Users receive specific security clearances to access this data. You can think of it as being similar to the military’s use of secret and top secret documents. The other answers (B, C, and D) are not characteristic of MAC.

Answer: C. MAC is a strict hierarchical mode that is based on classifying data on importance and categorizing it by department. Users receive specific security clearances to access this data. You can think of it as being similar to the military’s use of secret and top secret documents. Role-Based Access Control (RBAC—Answer A) is based on being assigned to a role, which has permissions. Discretionary Access Control (DAC—Answer D) is based on owners who control access to their objects. For example, if you create a document, you own it. Because you own the document, you can specify who can access the document. Windows uses DAC. Non-Discretionary Access Control (NDAC) does not exist as an access control method.

Answer: D. Windows permits the owner of an object (such as a process, file, or folder) to manage access control at their own discretion. MAC (Answer C) is a strict hierarchical mode that is based on classifying data on importance and categorizing it by department. Users receive specific security clearances to access this data. You can think of it as being similar to the military’s use of secret and top secret documents. Role-Based Access Control (RBAC—Answer A) is based on being assigned to a role, which has permissions. Answer B, Non-Discretionary Access Control (NDAC), does not exist as an access control method.

Answer: C. Encryption is treated as a file attribute in Windows 2000, Windows XP, and Windows Vista. Therefore, to encrypt a file, you simply need to access a file’s Properties page by right-clicking on it and selecting the Properties option from the pop-up menu. Move to the Advanced Attribute window under the General tab and click the Encrypt Contents to Secure Data check box. The other answer options (A, B, and D) do not describe the correct procedure.

Answer: B. WEP (wired equivalent privacy) requires that both the wireless computer and the WAP (wireless access point) be configured with the same encryption key in order for the two to communicate. If one of the two has the wrong WEP key, communication will not be possible and the network will not be accessible. Therefore, the other answers are incorrect.

Answer: B. While WPA and WPA2 are considered secure encryption protocols for wireless networks, WPA2 provides strong data protection and network access control, and it provides government-grade security by implementing the AES encryption algorithm and 802.1x-based authentication. AES is short for Advanced Encryption Standard, which is an encryption standard adopted by the U.S. government.

Answer: D. If you disable SSID broadcasts, the access point will not show up as an available network. Therefore, novice users will not connect to the network if they do not know it exists. Implementing biometric access control (Answer B) is usually implemented on a workstation and not at the access points. Installing a firewall (Answer A) only blocks certain protocols or certain connections from occurring. Reducing the signal strength (Answer C) limits how far the radio waves can travel, but lowering signal strength might cause certain authorized users not to connect.

Answer: C. Because the Internet is the primary source for virus distribution, you should run a virus scan of your hard drives on a regular basis. Of course, you need to keep your virus scanner up to date. Disabling the use of cookies (Answer A) or certain features of the web browser (Answer B) stops you from using certain websites. Enabling a Windows firewall (Answer D) helps protect your laptop, but you most likely get more security by using a virus checker. You normally disable cookies, disable unused features, or enable a firewall once, but you need to run the anti-virus program on a regular basis. Of course, you can usually schedule the anti-virus program to run an automatic scan regularly.

Answer: B. Viruses are commonly spread through email. Therefore, if you scan all emails and their attachments, you help prevent viruses from spreading. You should not require root or administrator access (Answer A) to run programs because if you run them as root or administrator and you are affected by a virus, it can attack or spread to wherever you have access to. As administrator, you will have access to more data and systems than a standard user. Executing the execution of .vbs files (Answer C) only stops certain files from being executed through your email, but does not stop most viruses, including macro viruses. Installing a host-based IDS system (Answer D) only helps you detect intruders but does not protect against viruses.

Answer: B. Worms reproduce themselves, are self-contained, and do not need a host application to be transported. The Trojan horse program may be installed as part of an installation process. They do not reproduce or self-replicate.

Answer: D. Worms are dangerous because they can enter a system by exploiting a “hole” in an operating system. They don’t need a host or carry file, and they don’t need any user intervention to replicate by themselves. A virus (Answer A) is a program that spreads from computer to computer without your knowledge or permissions and usually does harmful damage. A Trojan horse (Answer B) is a program that enters a system or network under the guise of another program. A Trojan horse might be included as an attachment or as part of an installation program. A logic bomb (Answer C) is a special kind of virus or Trojan horse that is set to go off following a preset time interval or following a preset combination of keyboard strokes.

Answer: C. A logic bomb is a special kind of virus or Trojan horse that is set to go off following a preset time interval or following a preset combination of keyboard strokes. Some unethical advertisers use logic bombs to deliver the right pop-up advertisement following a keystroke, and some disgruntled employees set up logic bombs to go off to sabotage their company’s computers if they feel termination is imminent. A virus (Answer A) is a program that spreads from computer to computer without your knowledge or permission and usually does harmful damage. A back door (Answer B) is an opening left behind on a program that allows a user to bypass the normal security. Worms (Answer D) are dangerous because they can enter a system by exploiting a “hole” in an operating system. They don’t need a host or carry file, and they don’t need any user intervention to replicate by themselves.

Answer: D. Trojan horses can be included as an attachment or as part of an installation program. The Trojan horse can create a back door or replace a valid program during installation. The Trojan horse then accomplishes its mission under the guise of another program. Trojan horses can be used to compromise the security of your system, and can exist on a system for years before they are detected. A logic bomb (Answer B) is a special kind of virus or Trojan horse that is set to go off following a preset time interval or following a preset combination of keyboard strokes. Some unethical advertisers use logic bombs to deliver the right pop-up advertisement following a keystroke, and some disgruntled employees set up logic bombs to go off to sabotage their company’s computers if they feel termination is imminent. A virus (Answer A) is a program that spreads from computer to computer without your knowledge or permission and usually does harmful damage. Worms (Answer C) are dangerous because they can enter a system by exploiting a “hole” in an operating system. They don’t need a host or carry file, and they don’t need any user intervention to replicate by themselves.

Answer: D. A virus is a piece of software designed to infect a computer system. The virus might do nothing more than reside on the computer. But a virus might also damage the data on your hard disk, destroy your operating system, and possibly spread to other systems. A logic bomb (Answer A) is a special kind of virus or Trojan horse that is set to go off following a preset time interval or following a preset combination of keyboard strokes. Some unethical advertisers use logic bombs to deliver the right pop-up advertisement following a keystroke, and some disgruntled employees set up logic bombs to go off to sabotage their company’s computers if they feel termination is imminent. A virus (Answer D) is a program that spreads from computer to computer without your knowledge or permission and usually does harmful damage. Worms (Answer B) are dangerous because they can enter a system by exploiting a “hole” in an operating system. They don’t need a host or carry file, and they don’t need any user intervention to replicate by themselves. Trojan horses (Answer C) can be included as an attachment or as part of an installation program. The Trojan horse can create a back door or replace a valid program during installation. The Trojan horse then accomplishes its mission under the guise of another program. Trojan horses can be used to compromise the security of your system, and they can exist on a system for years before they are detected.

Answer: A and C. To best protect against viruses, you must keep your system up-to-date with the newest security patches. You should also use an up-to-date anti-virus software package. Renaming the administrator account (Answer B) and using NTFS (Answer D) will do nothing to protect against a virus.

Answer: D. Spam is economically viable because it has virtually no operating costs to send except the management of mail lists. There is more spam than legitimate email. People who create electronic spam are called spammers. Trojan horses (Answer B) can be included as an attachment or as part of an installation program. The Trojan horse can create a back door or replace a valid program during installation. The Trojan horse then accomplishes its mission under the guise of another program. Trojan horses can be used to compromise the security of your system, and they can exist on a system for years before they are detected. A virus (Answer C) is a program that spreads from computer to computer without your knowledge or permission and usually does harmful damage. Worms (Answer A) are dangerous because they can enter a system by exploiting a “hole” in an operating system. They don’t need a host or carry file, and they don’t need any user intervention to replicate by themselves.

Answer: C. Under general user accounts, the virus and worms cannot gain access to system-level files (admin rights are required for this). Therefore, give as few users as possible administrative rights. Giving too many people administrator rights (Answer B) gives viruses more opportunity to spread from an administrator account. Changing the administrator account password (Answer A) and putting all the users in any specific security group will not protect a system against viruses.

Answer: A, B, and C. To protect against spam, you should first install spam filtering/blocking software that will help take care of spam before you see it. You should also not respond to suspicious emails. By responding to suspicious email, you will confirm that the email address is valid, which will often lead to receiving more spam. Lastly, do not post your email address on websites so that other people can find them and add them to their mailing lists. Installing Windows Defender (Answer D) will only protect against spyware.

Answer: B. Adware is a software program that will play, display, or download advertisements, usually without your consent. Adware comes by visiting certain websites or by being tricked into loading software. Some types of adware are also spyware (Answer A), which collects information about users without their knowledge. A Trojan horse (Answer C) is malware that appears to be a harmless program, but does harm by deleting, modifying, or corrupting files on your computer or performing some other undesirable actions. Some Trojan horse programs can also be adware and spyware. A macro virus (Answer D) is a virus that is hidden within an embedded code usually within a document such as Microsoft Word or Excel.

Answer: B. Grayware is a classification of applications designed to be annoying or undesirable but are not as serious as destructive viruses. They can contain spyware, adware, dialers, joke programs, or remote access tools, and they affect the overall performance of your program. A Trojan horse (Answer C) is malware that appears to be a harmless program, but does harm by deleting, modifying, or corrupting files on your computer or performing some other undesirable actions. Some Trojan horse programs can also be adware and spyware. A macro virus (Answer D) is a virus that is hidden within an embedded code usually within a document such as Microsoft Word or Excel. There is no such thing as blackware (Answer A).

Answer: C. If you keep a computer under lock and key (in a secure server room or cage), only people with a key can get to it. If you use a BIOS password to boot the computer (Answer B), you will have to provide a password just to boot the computer. While this will prevent someone from booting the computer with a disk that will bypass the operating system security, it is not considered physical security. While NTFS (Answer A) is more secure than FAT32, it will not help protect against physically accessing a computer. For example, a person could boot with a disk or boot with another hard drive and access the content on the hard drive. In addition, share permissions (Answer D) only protect while accessing remote folders, not locally or physically.

Answer: B. Most BIOSes offer a variety of security options that can be set through the BIOS Setup utility. The Supervisory password option establishes a password that must be used to access the CMOS Setup utility (where the User and Supervisory password options are configured). You cannot configure passwords using jumpers (Answer A). You could use passwords in Windows but because some configuration settings are established in the BIOS setup program (Answer C), some of the configuration options can be changed. The Supervisory password would only be used to prevent the user from accessing the BIOS setup program (Answer D). Of course, you can configure the BIOS setup program that will only boot from the hard drive so that someone cannot insert a disk into the system and boot from that disk.

Answer: A. Windows Defender is Microsoft’s antispyware software product that is included with Windows Vista and is available with Windows XP. Windows Firewall (Answer B) protects against unauthorized access to the computer. Windows Security Center (Answer C) is a new tool added to Windows XP SP2 that allows you to manage Windows updates and firewall. While Automatic Updates (Answer D) help keep a PC secure and it might prevent some spyware, it is not made to catch and stop spyware.

Answer: D. Windows Defender is Microsoft’s antispyware software product that is included with Windows Vista and is available with Windows XP. Software Explorer can allow you to monitor specific applications that are running on Windows. Windows Explorer (Answer C) allows you to manage folders and files in Windows. There are no such things as Windows Defender Plus (Answer A) and Defender Explorer (Answer B).

Answer: B. EFS is short for Encrypted File System. It is part of NTFS and allows you to encrypt files and folders. If you encrypt a file and another user tries to copy the file to another system, he or she still might not be able to read it. BitLocker Drive Encryption (Answer C) is a full disk encryption that is included with Windows Ultimate and Enterprise edition of Windows Vista. Windows Firewall (Answer A) is used to protect a system from unauthorized access. Windows Malicious Software Remove Tool (Answer D) is used to check for and remove a small range of malware.

Answer: A. BitLocker Drive Encryption requires a TPM (Trusted Platform Module) be used with Windows Vista to encrypt an entire hard drive. Therefore, if you remove the drive from the system and try to read it in another system, the data could not be read. The TPM is a microchip that is built in to a computer and used to store cryptographic information, such as encryption keys. CA (Answer C), EFS (Answer D), and digital certificates (Answer B) are not needed for BitLocker.

Answer: B. Some systems have an intrusion detection option in the BIOS. When someone opens a computer, the information will be written and seen in the BIOS. Installing software such as Windows Defender (Answer A) or a Service Pack (Answer C) will not detect if a system has been opened. In addition, using fingerprint dust (Answer D) is a very cumbersome process, and it only works under ideal situations.