Ch 6 Securing Hosts and Data
Your organization has a degausser in the basement. What media can you use it to securely destroy? Choose all that apply. Backup tapes CDs and DVDs Hard drives Paper documents SSDs
- Backup tapes - Hard Drives Degaussers are magnets so only erase magnetic media like tapes and hard drives. Optical, flash, and print media are not affected.
What are important security steps on all mobile devices? Choose all that apply. Configuring antivirus software Configuring remote backup features Installing a firewall app Regularly applying operating system updates Using biometric authentication
- Configuring remote backup features - Regularly applying operating system updates Updates and backups are always good ideas, but the others may be unavailable or just not optimal.
What kind of policy governs a user-owned device on the corporate network? Choose the best response. Acceptable Use BYOD MDM Offboarding
BYOD A Bring Your Own Device policy governs user-owned devices, even if the other answers might be involved too.
Which Windows encryption tool can protect the entire system volume? Choose the best response. BitLocker Encrypting File System Both Neither
BitLocker BitLocker is a volume-based encryption solution.
Your company allows you to use the same smartphone for both personal and work purposes, but only if it's one of a half-dozen different models on an approved list. If you don't have an approved device, the company will pay for part of your upgrade. What kind of deployment model does the company use? Choose the best response. BYOD COBO COPE CYOD
CYOD This is an example of Choose Your Own Device.
What security feature makes it more difficult for an attacker to trick you into installing a fraudulent Ethernet driver that reports on your network activities? Choose the best response. Code signing Firewall HIDS Trusted hardware
Code signing
What might protect users from copying sensitive files to external media? FDE DLP HSM TPM
DLP Data Loss Prevention software is used to classify and protect your organization's confidential and critical data.
Your organization has a critical database full of customer PII, and a new employee was just authorized to use it. How would you best describe the role of the system administrator who configures user permissions in the database software? Data custodian Data owner Data steward Privacy officer
Data custodian
Both iOS and Android enable data encryption on most devices by default. True or false?
False iOS 8 and later enable encryption by default, so most iOS devices today are encrypted. Android has long included full encryption as an optional feature, but only some devices enable it by default.
What cryptographic tool is commonly built into a motherboard? FDE DLP HSM TPM
TPM A Trusted Platform Module is typically a chip right on the motherboard.
Both iOS and Android include a built-in feature to find and secure a lost device. True or false?
True Android Device Manager and Find My iPhone let you ring, lock, or erase a lost device if it's still connected to the network.
"Big data" shouldn't be confused with "cloud storage"? True or false?
True Big data is often stored on the cloud, but it actually refers to data sets too large to manage and secure by traditional methods.
A service pack is generally a more major update than a maintenance release. True or false?
True Both are compilations of patches and hot fixes, but a maintenance release is a smaller collection issued between service packs or software releases.
Downgrades are often more difficult than upgrades. True or false?
True Most software is designed for easy upgrades, but downgrading to a past version without introducing problems might be difficult or impossible.
In general, you should leave the Guest account in Windows disabled. True or false?
True While the Guest account has limited permissions, attackers can try to exploit them to gain more.
What connection type is very similar to Bluetooth but used by more specialized devices? ANT GSM NFC SATCOM
ANT
What kind of policy governs removal of sensitive data and credentials when a user device is no longer used for company business? Asset tracking Offboarding Onboarding Storage segmentation
Off-boarding Off-boarding policies govern leaving the network.
What kind of application centrally manages security policy on all company mobile devices? Choose the best answer. Asset tracking BYOD GPS MDM
MDM Mobile Device Management software is used by most organizations.
A company configures workstations only to run software on an approved list. What is this an example of? Choose the best response. Blacklisting Hardening Sandboxing Whitelisting
Whitelisting
What was the first version of Windows to include real-time antivirus scanning? Choose the best response. Windows XP Service Pack 2 Windows Vista Windows 7 Windows 8 Windows 8.1
Windows 8 Before Windows 8, Windows Defender was only anti-spyware.
What potential security risk does an SD card pose that a USB thumb drive does not? Choose the best response. Data exfiltration Malware Photographs of sensitive areas Wireless attacks
Wireless attacks SD cards are very similar to thumb drives, but she have integrated wifi adapters, so there is a risk of wireless attack. Note that some USB wireless adapters look much like thumb drives.