Mobile Device Security Controls, Exams of Computer Science

This document covers security controls and best practices for protecting corporate data on mobile devices, including device encryption, remote wiping, GPS tracking, and application whitelisting. It covers topics such as mitigating the risks of BYOD policies, implementing mobile device management (MDM) solutions, and securing data on removable storage. It gives guidance on establishing a security baseline, applying OS hardening, and deploying network-based and host-based security controls to safeguard against data leaks, malware, and unauthorized access. It also addresses the importance of user training, configuration management, and continuous security monitoring to maintain an appropriate security posture for mobile devices within the organization.

Typology: Exams

2024/2025

Available from 09/19/2024

john-wachira

401 SEC+EXAM PASS 4 SURE Designed for
Achievement in Every Exam Guaranteed to Boost
Your Grades From Renowned Educators Worldwide
WITH MULTIPLE QUESTIONS AND THE CORRECT
ANSWERS
Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).
A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption
Answer: C,F
Explanation:
C: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.
F: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).
A. Full device encryption
B. Screen locks
C. GPS
D. Asset tracking
E. Inventory control
Answer: A,B
Explanation:
A: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.
B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.

A way to assure data at-rest is secure even in the event of loss or theft is to use:
A. Full device encryption.
B. Special permissions on the file system.
C. Trusted Platform Module integration.
D. Access Control Lists.
Answer: A
Explanation:
Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards

C. Full device encryption
D. Remote wiping
Answer: A
Explanation:
Screen-lock is a security feature that requires the user to enter a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.

Pete, the system administrator, has concerns regarding users losing their company provided smartphones. Pete's focus is on equipment recovery. Which of the following BEST addresses his concerns?
A. Enforce device passwords.
B. Use remote sanitation.
C. Enable GPS tracking.
D. Encrypt stored data
Answer: C
Explanation:
Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

After a security incident involving a physical asset, which of the following should be done at the beginning?
A. Record every person who was in possession of assets, continuing post-incident.
B. Create working images of data in the following order: hard drive then RAM.
C. Back up storage devices so work can be performed on the devices immediately.
D. Write a report detailing the incident and mitigation suggestions.
Answer: A
Explanation:
Asset tracking is the process of maintaining oversight over inventory, and ensuring that a device is still in the possession of the assigned authorized user.

The Chief Risk Officer is concerned about the new employee BYOD device policy and has requested the security department implement mobile security controls to protect corporate data in the event that a device is lost or stolen. The level of protection must not be compromised even if the communication SIM is removed from the device. Which of the following BEST meets the requirements? (Select TWO)
A. Asset tracking
B. Screen-locks
C. GEO-Tracking
D. Device encryption
Answer: A,D
Explanation:
A: Asset tracking is the process of maintaining oversight over inventory, and ensuring that a device is still in the possession of the assigned authorized user.
D: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Which of the following technical controls helps to prevent smartphones from connecting to a corporate network?
A. Application white listing
B. Remote wiping
C. Acceptable use policy
D. Mobile device management
Answer: D

Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?
A. Data leakage prevention
B. Data exfiltration
C. Data classification
D. Data deduplication
Answer: B
Explanation:
Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system.

The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?
A. The risks associated with the large capacity of USB drives and their concealable nature
B. The security costs associated with securing the USB drives over time
C. The cost associated with distributing a large volume of the USB pens
D. The security risks associated with combining USB drives and cell phones on a network
Answer: A
Explanation:
USB drives and other USB devices represent a security risk as they can be used to either bring malicious code into a secure system or to copy and remove sensitive data out of the system.

Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstation's BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations
Answer: A,C
Explanation:
A: The USB root hub can be disabled from within the operating system.
C: USB can also be configured and disabled in the system BIOS.

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?
A. Separation of duties
B. Least privilege
C. Same sign-on
D. Single sign-on
Answer: C
Explanation:
Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.

Prior to leaving for an extended vacation, Joe uses his mobile phone to take a picture of his family in the house living room. Joe posts the picture on a popular social media site together with the message: "Heading to our two weeks vacation to Italy." Upon returning home, Joe discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Joe's home address?
A. Joe has enabled the device access control feature on his mobile phone.
B. Joe's home address can be easily found using the TRACEROUTE command.

Explanation:
Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list.

If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?
A. Transitive trust
B. Public key trust
C. Certificate authority trust
D. Domain level trust
Answer: A
Explanation:
In transitive trusts, trust between a first party and a third party flows through a second party that is trusted by both the first party and the third party.

Which of the following can be performed when an element of the company policy cannot be enforced by technical means?
A. Develop a set of standards
B. Separation of duties
C. Develop a privacy policy
D. User training
Answer: D
Explanation:
User training is an important aspect of maintaining safety and security. It helps improve users' security awareness in terms of prevention, enforcement, and threats. It is of critical importance when an element of the company policy cannot be enforced by technical means.

Which of the following file systems is from Microsoft and was included with their earliest operating systems?
A. NTFS
B. UFS
C. MTFS
D. FAT
Answer: D
Explanation:
File Allocation Table (FAT) is a file system created by Microsoft and used for its earliest DOS operating systems.

An IT security technician needs to establish host-based security for company workstations. Which of the following will BEST meet this requirement?
A. Implement IIS hardening by restricting service accounts.
B. Implement database hardening by applying vendor guidelines.
C. Implement perimeter firewall rules to restrict access.
D. Implement OS hardening by applying GPOs.
Answer: D
Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services. This can be implemented using the native security features of an operating system, such as Group Policy Objects (GPOs).

Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?
A. Application patch management

D. Anti-spyware software
Answer: D
Explanation:
Spyware monitors a user's activity and uses network protocols to report it to a third party without the user's knowledge. This is usually accomplished using a tracking cookie.

A security administrator wants to deploy security controls to mitigate the threat of company employees' personal information being captured online. Which of the following would BEST serve this purpose?
A. Anti-spyware
B. Antivirus
C. Host-based firewall
D. Web content filter
Answer: A
Explanation:
Spyware monitors a user's activity and uses network protocols to report it to a third party without the user's knowledge. This is usually accomplished using a tracking cookie.

A user has several random browser windows opening on their computer. Which of the following programs can be installed on his machine to help prevent this from happening?
A. Antivirus
B. Pop-up blocker
C. Spyware blocker
D. Anti-spam
Answer: B
Explanation:
Pop-up blockers prevent websites from opening new browser windows without the user's consent. These are often used for advertisements but can also be used to distribute malicious code.

Which of the following is a vulnerability associated with disabling pop-up blockers?
A. An alert message from the administrator may not be visible
B. A form submitted by the user may not open
C. The help window may not be displayed
D. Another browser instance may execute malicious code
Answer: D
Explanation:
Pop-up blockers prevent websites from opening new browser windows without the user's consent. These are often used for advertisements but can also be used to distribute malicious code.

Which of the following encompasses application patch management?
A. Configuration management
B. Policy management
C. Cross-site request forgery
D. Fuzzing
Answer: A
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system and its configuration, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.

Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?
A. A host-based intrusion prevention system
B. A host-based firewall
C. Antivirus update system
D. A network-based intrusion detection system
Answer: B
Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.

Each server on a subnet is configured to only allow SSH access from the administrator's workstation. Which of the following BEST describes this implementation?
A. Host-based firewalls
B. Network firewalls
C. Network proxy
D. Host intrusion prevention
Answer: A
Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Which of the following is an important step in the initial stages of deploying a host-based firewall?
A. Selecting identification versus authentication
B. Determining the list of exceptions
C. Choosing an encryption algorithm
D. Setting time of day restrictions
Answer: B
Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Which of the following MOST interferes with network-based detection techniques?
A. Mime-encoding
B. SSL
C. FTP
D. Anonymous email accounts
Answer: B
Explanation:
Secure Sockets Layer (SSL) is used to establish secure TCP communication between two machines by encrypting the communication. Encrypted communications cannot easily be inspected for anomalies by network-based intrusion detection systems (NIDS).

Joe, a network security engineer, has visibility to network traffic through network monitoring tools. However, he's concerned that a disgruntled employee may be targeting a server containing the company's financial records. Which of the following security mechanisms would be MOST appropriate to confirm Joe's suspicion?
A. HIDS
B. HIPS

Cable locks are theft deterrent devices that can be used to tether a device to a fixed point to keep smaller devices from being easy to steal.

The librarian wants to secure the public Internet kiosk PCs at the back of the library. Which of the following would be the MOST appropriate? (Select TWO).
A. Device encryption
B. Antivirus
C. Privacy screen
D. Cable locks
E. Remote wipe
Answer: B,D
Explanation:
B: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources. Public systems are particularly prone to viruses.
D: Cable locks are theft deterrent devices that can be used to tether a device to a fixed point to keep devices from being easy to steal.

A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system's services to the list of standard services on the company's system image. This review process depends on:
A. MAC filtering.
B. System hardening.
C. Rogue machine detection.
D. Baselining.
Answer: D
Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.

Identifying a list of all approved software on a system is a step in which of the following practices?
A. Passively testing security controls
B. Application hardening
C. Host software baselining
D. Client-side targeting
Answer: C
Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.

A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server?
A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location.
B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application.