Live Virtual Machine Lab 6.1: Module 06 Securing an Environment using Mitigating Techniques
Which of the following statements are true for application whitelisting and blacklisting? [Choose all that apply]
An administrator can blacklist or whitelist applications that the users can run using Software Restriction Policies If an application or a specific path that contains the executables is blacklisted, then all executables within the defined path are blacklisted Note: Software restriction policies (SRPs) are a policy-driven mechanism that enables administrators to manage the applications that can run on a Windows computer. With the SRPs, an administrator can blacklist or whitelist applications that the users can run. If an application is whitelisted, the user will be able to run the application. However, if the application or a specific path that contains the executables is blacklisted, then the application executable or all executables within the defined path are blacklisted.
Which mobile device management method allows the employee to purchase a mobile device, but the organization has complete control over the device?
Choose Your Own Device (CYOD) Note: This method allows employees to choose a device. The employee can either purchase the device from the organization or pay rent. However, the organization has complete control over the mobile device.
When implementing segmentation as a proactive measure, which of the following types of segments exist on a network? [Choose all that apply]
Datacenter Users Guests Note: Segmentation can be a proactive or reactive measure. In the proactive approach, the network is divided into different segments. Each segment communicates with the other segments through a firewall. In this approach, the network has three key segments: - Datacenter - Users - Guest It is advisable to have DMZ as a separate segment, which will contain the Internet-facing servers.
If two segments need to talk to each other in a segmented network, which of the following is required?
Firewall Note: Each segment communicates to the other segments through a firewall.
To prevent the spread of an attack, which of the following methods of isolation can be used? [Choose all that apply]
Isolate the affected systems Isolate the attacker Note: Isolating the affected systems would prevent the attack from spreading and infecting other systems or devices. Isolation is a stronger method than segmentation to limit an attack. Two types of isolation can be applied: - Isolating the affected systems - Isolating the attacker
