Practice Exam 15 Flashcards
(25 cards)
Which of the terms listed below is used to describe a foundational level of security configurations and settings required to safeguard a system?
Answer: Secure baseline
Concept: Secure Baseline
Quick Explanation:
A secure baseline is a set of foundational security configurations and settings established to protect a system from common threats.
Key Points:
Defines minimum security standards: ensures consistent protection.
Includes configurations: OS settings, application controls, network rules, etc.
Used for: system hardening and compliance.
Helps prevent vulnerabilities: reduces attack surface.
Baseline can evolve: updated regularly to address new threats.
Why the Answer is Correct (Secure Baseline):
The question describes the basic security settings needed to safeguard a system, which aligns with the concept of a secure baseline.
Why It Matters:
Establishing a secure baseline is critical to maintaining system integrity, preventing unauthorized access, and meeting regulatory requirements.
Installing mobile apps from trusted sources (e.g., Apple’s App Store for iOS devices, or Google Play for Android devices) instead of third-party application stores decreases malware-related security risks.
Answer: True
Concept: Trusted App Sources
Quick Explanation:
Installing mobile apps only from official stores like Apple’s App Store or Google Play reduces the risk of malware because these platforms enforce security reviews and vetting.
Key Points:
Trusted sources: have strict app review processes.
Third-party stores: often lack thorough vetting, increasing malware risk.
Reduces risk: of downloading malicious or compromised apps.
Supports updates: official stores push timely security updates.
Best practice: always verify source before installing apps.
Why the Answer is Correct (True):
The question states that using official app stores lowers malware risk, which is a well-established security practice.
Why It Matters:
Using trusted sources protects devices from malware infections, data breaches, and unauthorized access, maintaining user and organizational security.
Data on a lost or stolen mobile device can be erased by:
Answer: Remote wipe
Concept: Remote Wipe
Quick Explanation:
Remote wipe is a security feature that allows an administrator or user to erase all data on a lost or stolen mobile device remotely to prevent unauthorized access.
Key Points:
Erases data remotely: triggered via management console or app.
Protects sensitive information: prevents data breaches from lost devices.
Common in: Mobile Device Management (MDM) solutions.
May include: factory reset and removal of personal and corporate data.
Requires: device to be powered on and connected (internet or cellular).
Why the Answer is Correct (Remote Wipe):
The question asks how to erase data on lost/stolen devices remotely, which is the primary function of remote wipe.
Why It Matters:
Remote wipe helps protect organizational and personal data confidentiality, reducing risks of data theft and compliance violations.
Which of the following answers refers to a mobile security solution that enables separate controls over the user and enterprise data?
Answer: Storage segmentation
Concept: Storage Segmentation
Quick Explanation:
Storage segmentation is a mobile security technique that separates user data from enterprise data on the same device, allowing distinct control and protection for each.
Key Points:
Separates data: keeps personal and corporate data isolated.
Enables distinct policies: different security controls for user and enterprise data.
Protects privacy: personal data remains private, corporate data remains secure.
Common in: BYOD (Bring Your Own Device) environments and Mobile Device Management (MDM).
Facilitates compliance: helps organizations enforce data protection regulations.
Why the Answer is Correct (Storage Segmentation):
The question describes controlling user and enterprise data separately on a mobile device, which defines storage segmentation.
Why It Matters:
Storage segmentation ensures data security without compromising user privacy, supporting safer BYOD practices and regulatory compliance.
Implementing full device encryption is one of the methods for securing sensitive data on a smartphone. When enabled, this type of encryption works in conjunction with the phone’s screen lock, i.e., to decrypt the phone (which stays encrypted whenever the phone is locked), a user must first unlock the screen. On Android devices, the unlocking methods include entering a PIN, password, or drawing a simple pattern with a finger. Apple devices use passcodes, facial recognition (Face ID), and fingerprint (Touch ID).
Answer: True
Concept: Full Device Encryption (FDE) on Smartphones
Quick Explanation:
Full device encryption protects all data on a smartphone by encrypting it when the device is locked, requiring user authentication to decrypt and access data.
Key Points:
Encrypts entire device storage: protects all data at rest.
Works with screen lock: phone remains encrypted until user unlocks it.
Android unlock methods: PIN, password, pattern.
Apple unlock methods: passcode, Face ID, Touch ID.
Prevents unauthorized access: even if device is lost or stolen.
Why the Answer is Correct (True):
The statement accurately describes how FDE operates alongside screen lock mechanisms on both Android and Apple devices.
Why It Matters:
Full device encryption is crucial for protecting sensitive data, ensuring privacy, and complying with security standards in mobile environments.
In the context of MDM, the isolation of corporate applications and data from other parts of the mobile device is referred to as:
Answer: Containerization
Concept: Containerization
Quick Explanation:
Containerization in Mobile Device Management (MDM) isolates corporate apps and data in a secure, separate environment on a mobile device, keeping it distinct from personal apps and data.
Key Points:
Creates a secure “container”: separates corporate data from personal data.
Controls data access and sharing: limits interaction between corporate and personal apps.
Enhances security: protects enterprise info without impacting user privacy.
Supports BYOD: enables use of personal devices for work safely.
Often combined with: encryption and policy enforcement.
Why the Answer is Correct (Containerization):
The question describes isolating corporate apps/data within a mobile device, which defines containerization in MDM.
Why It Matters:
Containerization helps organizations secure sensitive information while respecting user privacy and device usability in mobile environments.
Which of the answers listed below refer to workstation hardening techniques? (Select 3 answers)
Answer: Regularly applying security patches and updates to the OS and installed software, Removing or disabling unnecessary drivers, services, software, and network protocols, and Limiting unauthorized or unauthenticated user access
Concept: Workstation Hardening
Quick Explanation:
Workstation hardening involves strengthening a computer’s security by reducing vulnerabilities through configuration changes and maintenance practices.
Key Points:
Apply patches and updates: keep OS and software up to date to fix security flaws.
Remove/disable unnecessary components: drivers, services, software, and protocols that aren’t needed reduce attack surface.
Limit unauthorized access: enforce strong authentication and restrict user permissions.
Additional techniques: use antivirus, enable firewalls, secure configurations.
Why the Answer is Correct:
All three selected answers describe key methods to secure workstations by minimizing vulnerabilities and controlling access.
Why It Matters:
Hardening workstations prevents exploitation by attackers, reduces risk of malware, and protects sensitive data in an organization.
Which of the following answers refer(s) to (a) router hardening technique(s)? (Select all that apply)
Answer: Changing default credentials, Disabling unused services and ports, and Implementing regular firmware updates
Concept: Router Hardening
Quick Explanation:
Router hardening involves securing routers by minimizing vulnerabilities and controlling access to protect network integrity.
Key Points:
Change default credentials: replace default usernames and passwords to prevent unauthorized access.
Disable unused services and ports: reduce attack surface by turning off unnecessary features.
Regular firmware updates: apply patches to fix security flaws and improve functionality.
Additional steps: enable logging, restrict management access, use strong encryption.
Why the Answer is Correct:
All selected techniques are standard practices to secure routers from common threats.
Why It Matters:
Hardening routers protects the network perimeter, prevents unauthorized access, and mitigates potential attacks.
Which of the answers listed below refers to the process of assessing the physical environment, such as the layout of the building, to identify potential sources of interference and determine the optimal placement of a WAP?
Answer: Site survey
Concept: Site Survey
Quick Explanation:
A site survey is the process of analyzing a physical environment to identify sources of interference and determine the best locations for wireless access points (WAPs).
Key Points:
Evaluates building layout: walls, floors, and obstacles affecting signal.
Identifies interference: from other wireless devices, electronics, or physical barriers.
Helps optimize WAP placement: ensures strong, reliable wireless coverage.
Types: passive, active, and predictive surveys.
Essential for: designing efficient wireless networks.
Why the Answer is Correct (Site Survey):
The question describes assessing the physical space and interference to place WAPs optimally, which defines a site survey.
Why It Matters:
Performing site surveys improves wireless performance, reduces dead zones, and enhances overall network reliability and security.
An administrator needs to adjust the placement of multiple APs to ensure the best wireless signal coverage for the network. Which of the following would be of help in identifying areas of low signal strength?
Answer: Heat map
Concept: Heat Map
Quick Explanation:
A heat map is a visual representation that shows wireless signal strength across an area, helping identify strong and weak coverage zones.
Key Points:
Visualizes signal coverage: colors indicate signal strength (e.g., red = weak, green = strong).
Helps optimize AP placement: by highlighting low coverage or dead spots.
Used during site surveys: to fine-tune wireless network design.
Supports troubleshooting: finds interference or connectivity issues.
Tools: specialized software or apps create heat maps.
Why the Answer is Correct (Heat Map):
The question asks for a tool to identify low wireless signal areas, which is exactly what a heat map provides.
Why It Matters:
Using heat maps improves wireless network performance, user experience, and efficient use of APs.
Which type of software enables centralized administration of mobile devices?
Answer: MDM (Mobile Device Management)
Concept: Mobile Device Management (MDM)
Quick Explanation:
MDM is software that enables centralized administration, monitoring, and management of mobile devices within an organization.
Key Points:
Centralized control: manage policies, apps, and security settings remotely.
Enforces security: enables device encryption, remote wipe, and compliance checks.
Supports BYOD and corporate devices: applies consistent controls.
Allows inventory tracking: monitors devices and their status.
Improves efficiency: simplifies updates and troubleshooting.
Why the Answer is Correct (MDM):
The question describes software for centralized mobile device management, which is the core function of MDM.
Why It Matters:
MDM enhances security and operational control over mobile devices, reducing risks and supporting compliance.
Which of the answers listed below refers to software that facilitates the enforcement of mobile device policies and procedures?
Answer: MDM (Mobile Device Management)
Concept: MDM for Policy Enforcement
Quick Explanation:
MDM software helps organizations enforce security policies and procedures on mobile devices to maintain compliance and protect data.
Key Points:
Enforces security policies: password requirements, encryption, app restrictions.
Monitors compliance: ensures devices follow organizational rules.
Supports remote actions: such as wiping, locking, or updating devices.
Automates policy updates: simplifies management at scale.
Integrates with other security tools: for comprehensive protection.
Why the Answer is Correct (MDM):
MDM specifically enables enforcement of mobile device policies and procedures centrally.
Why It Matters:
Policy enforcement via MDM helps prevent security breaches and data loss by ensuring mobile devices adhere to organizational standards.
A mobile device deployment model that allows employees to use private mobile devices for accessing company’s restricted data and applications is known as:
Answer: BYOD (Bring Your Own Device)
Concept: BYOD (Bring Your Own Device)
Quick Explanation:
BYOD is a deployment model where employees use their personal devices to access company resources, including restricted data and applications.
Key Points:
Uses personal devices: smartphones, tablets, laptops for work.
Requires security controls: like MDM, containerization, encryption.
Benefits: increased flexibility, employee satisfaction, cost savings.
Challenges: managing security risks, data privacy, device compatibility.
Policies essential: to govern usage and protect corporate data.
Why the Answer is Correct (BYOD):
The question describes employees using private devices to access company data, which defines BYOD.
Why It Matters:
BYOD expands access but increases security risks, so proper management is crucial to protect sensitive information.
Which of the answers listed below refers to a mobile device deployment model where organizations provide and own the devices while allowing their personal use?
Answer: COPE (Corporate-Owned Personally Enabled)
Concept: COPE (Corporate-Owned, Personally Enabled)
Quick Explanation:
COPE is a mobile deployment model where the organization provides and owns devices but allows employees to use them for personal purposes.
Key Points:
Organization-owned devices: company controls procurement and management.
Permits personal use: employees can use devices for non-work activities.
Stronger security control: easier to enforce policies compared to BYOD.
Balancing productivity and privacy: company maintains control but respects user convenience.
Common in enterprises: for secure mobile workforce management.
Why the Answer is Correct (COPE):
The question describes devices owned by the organization but used personally by employees, which matches COPE.
Why It Matters:
COPE offers security and control benefits while allowing employee flexibility, reducing risks of data breaches.
What is the name of a mobile device deployment model in which employees select devices for work-related tasks from a company-approved device list?
Answer: CYOD (Choose Your Own Device)
Concept: CYOD (Choose Your Own Device)
Quick Explanation:
CYOD is a deployment model where employees select their work devices from a pre-approved list provided by the organization.
Key Points:
Company-approved devices: employees choose from a curated selection.
Devices are owned and managed by the company.
Balances control and user choice: ensures compatibility and security.
Simplifies support and policy enforcement: standardized device set.
Less risk than BYOD: because devices meet organizational standards.
Why the Answer is Correct (CYOD):
The question describes employees choosing devices from an approved list, which is the core of CYOD.
Why It Matters:
CYOD improves security and management while giving employees some flexibility, reducing IT overhead.
An SSID is a unique identifier (a.k.a. wireless network name) for a WLAN. Wireless networks advertise their presence by regularly broadcasting SSID in a special packet called beacon frame. In wireless networks with disabled security features, knowing the network SSID is enough to get access to the network. SSID also pinpoints the wireless router that acts as a WAP. Wireless routers from the same manufacturer are frequently configured with default (well-known) SSID names. Since multiple devices with the same SSID displayed on the list of available networks create confusion and encourage accidental access by unauthorized users (applies to networks that lack security), changing the default SSID is a recommended practice.
Answer: True
Concept: SSID
Quick Explanation:
SSID is the unique name identifying a wireless network (WLAN) that devices use to connect.
Key Points:
Broadcast via beacon frames: announces network presence regularly.
Default SSIDs: often well-known by manufacturer and can be a security risk.
In unsecured networks: knowing SSID alone can grant access.
Changing default SSID: recommended to reduce confusion and unauthorized access.
SSID helps identify: the specific wireless router or access point.
Why the Answer is Correct (True):
The statement accurately describes what SSID is, how it works, and best practices like changing default names.
Why It Matters:
Proper SSID management helps avoid unauthorized network access and confusion, improving wireless security.
For a wireless client to be able to connect to a network, the security type (e.g., WEP, WPA, WPA2, or WPA3) and encryption type (e.g., TKIP or AES) settings on the connecting host must match the corresponding wireless security settings on a WAP.
Answer: True
Concept: Wireless Security & Encryption Matching
Quick Explanation:
For a wireless client to connect, its security and encryption settings must match those configured on the wireless access point (WAP).
Key Points:
Security types: WEP, WPA, WPA2, WPA3 define authentication methods.
Encryption types: TKIP and AES protect data confidentiality.
Mismatch causes connection failure: client and WAP must align.
WPA3 + AES: most secure modern standard.
Proper configuration: essential for network access and security.
Why the Answer is Correct (True):
The client must match the WAP’s security and encryption settings to successfully authenticate and communicate.
Why It Matters:
Matching settings ensure secure, authorized access and prevent unauthorized users from connecting.
Which of the following answers refers to a security feature used in Bluetooth device pairing?
Answer: PIN (Personal Identification Number)
Concept: Bluetooth Pairing Security — PIN
Quick Explanation:
A PIN (Personal Identification Number) is used during Bluetooth device pairing to authenticate and secure the connection between devices.
Key Points:
PIN acts as a shared secret: ensures both devices authorize the connection.
Prevents unauthorized pairing: reduces risk of eavesdropping or man-in-the-middle attacks.
PIN length varies: typically 4 to 6 digits.
Part of Bluetooth pairing protocols: including legacy and secure simple pairing.
Enhances security in device communication.
Why the Answer is Correct (PIN):
PIN is a core security feature used to authenticate Bluetooth device pairing.
Why It Matters:
Using a PIN helps protect Bluetooth connections from unauthorized access and data interception.
Which of the following solutions would offer the strongest security for a small network that lacks an authentication server?
Answer: WPA3-SAE (Wi-Fi Protected Access 3) + (Simultaneous Authentication of Equals)
Concept: WPA3-SAE (Simultaneous Authentication of Equals)
Quick Explanation:
WPA3-SAE is a Wi-Fi security protocol designed to provide strong encryption and authentication without requiring an authentication server.
Key Points:
Stronger than WPA2: improves protection against password guessing and offline attacks.
SAE is a secure key exchange method: protects against brute force attacks.
Ideal for small networks: no need for a RADIUS or other authentication server.
Provides forward secrecy: past sessions remain secure even if password is compromised later.
Improves overall wireless security posture.
Why the Answer is Correct (WPA3-SAE):
It offers the strongest protection for small networks without an authentication server by enhancing password-based security.
Why It Matters:
Using WPA3-SAE helps secure small wireless networks effectively, protecting against common Wi-Fi attacks.
What are the characteristic features of WPA2/WPA3 Enterprise mode? (Select 3 answers)
Answer: Suitable for large corporate networks, IEEE 802.1X, and Requires RADIUS authentication server
Concept: WPA2/WPA3 Enterprise Mode
Quick Explanation:
Enterprise mode provides advanced wireless security for large organizations by using centralized authentication.
Key Points:
Suitable for large corporate networks: scales well for many users.
Uses IEEE 802.1X protocol: for port-based network access control.
Requires a RADIUS server: to authenticate users and manage credentials.
Stronger authentication: compared to personal modes using just passwords.
Supports dynamic encryption keys: improving security during sessions.
Why the Answer is Correct (Suitable for large networks, 802.1X, RADIUS):
These features define Enterprise mode’s enhanced security and centralized management capabilities.
Why It Matters:
Enterprise mode significantly improves Wi-Fi security in organizations by enforcing user authentication and preventing unauthorized access.
What is the name of the encryption protocol primarily used in Wi-Fi networks implementing the WPA3 security standard?
Answer: AES-GCMP (Advanced Encryption Standard) + (Galois/Counter Mode Protocol)
Concept: AES-GCMP Encryption in WPA3
Quick Explanation:
AES-GCMP (Advanced Encryption Standard with Galois/Counter Mode Protocol) is the primary encryption method used in WPA3 Wi-Fi security.
Key Points:
AES: a strong, symmetric encryption algorithm.
GCMP: provides both encryption and integrity (authentication) of data.
Improves security: over older encryption methods like TKIP.
Used in WPA3: enhances data confidentiality and protection against attacks.
Supports high throughput: efficient for modern high-speed Wi-Fi.
Why the Answer is Correct (AES-GCMP):
WPA3 mandates AES-GCMP as its encryption protocol to ensure robust security.
Why It Matters:
AES-GCMP strengthens Wi-Fi security, protecting data from interception and tampering on modern networks.
Which of the following acronyms refers to a client authentication method used in WPA3 Personal mode?
Answer: SAE (Simultaneous Authentication of Equals)
Concept: SAE in WPA3 Personal Mode
Quick Explanation:
SAE is a secure password-based authentication method used in WPA3 Personal to protect Wi-Fi connections.
Key Points:
Replaces WPA2’s PSK method: more resistant to offline password guessing attacks.
Provides mutual authentication: both client and access point verify each other.
Uses a secure key exchange: preventing eavesdropping and replay attacks.
Enables forward secrecy: past sessions stay secure even if password is compromised later.
Ideal for personal/small networks: no need for authentication servers.
Why the Answer is Correct (SAE):
SAE is the client authentication method specifically designed for WPA3 Personal mode.
Why It Matters:
SAE improves wireless security by enhancing password protection and preventing common Wi-Fi attack vectors.
What are the characteristics of TACACS+? (Select 3 answers)
Answer: Encrypts the entire payload of the access-request packet, Primarily used for device administration, and Separates authentication and authorization
Concept: TACACS+ (Terminal Access Controller Access-Control System Plus)
Quick Explanation:
TACACS+ is a protocol used for AAA (Authentication, Authorization, and Accounting) that provides secure device administration.
Key Points:
Encrypts entire payload: protects all access-request packet data, not just the password.
Primarily used for device administration: routers, switches, firewalls, etc.
Separates authentication and authorization: allows granular control of user permissions.
Centralized AAA management: commonly integrated with RADIUS or LDAP.
More secure and flexible than TACACS or RADIUS for device control.
Why the Answer is Correct (Encrypts payload, device administration, separate auth/authz):
These features are core to TACACS+ and differentiate it from other AAA protocols.
Why It Matters:
TACACS+ ensures secure, fine-grained control over administrative access to network devices, enhancing overall security.
What are the characteristic features of RADIUS? (Select 3 answers)
Answer: Primarily used for network access, Combines authentication and authorization, and Encrypts only the password in the access-request packet
Concept: RADIUS (Remote Authentication Dial-In User Service)
Quick Explanation:
RADIUS is a protocol used for centralized authentication, authorization, and accounting for network access.
Key Points:
Primarily used for network access: authenticates users connecting to network services like VPNs and Wi-Fi.
Combines authentication and authorization: processes both together in a single step.
Encrypts only the password in access-request packets: other data is sent in clear text.
Supports AAA functions: including accounting for tracking user activity.
Widely used in enterprise networks for remote access control.
Why the Answer is Correct (Network access, combines auth/authz, encrypts password only):
These features define RADIUS’s design and differentiate it from TACACS+.
Why It Matters:
Understanding RADIUS helps secure network access and manage user permissions effectively, though it has some security limitations.
