SG: Ch 23: Securing Operating Systems Flashcards

1
Q

A user is in both the Sales group and the Marketing group. The Sales group has full permission at the share level, and the Marketing group has read-only permissions. The files on NTFS are secured with the Modify permission for the Sales group and the Read & Execute permission for the Marketing group. Which permissions will the user have?

A. Full

B. Modify

C. Read-only

D. Read & Execute

A

B. Modify

Because the user is in both groups and the Sales group has full share permissions and the Sales group has modify NTFS permissions, the most restrictive of the two is Modify, so that will be the effective permission for the user. All of the other answers are incorrect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A user is in the Sales group. The Sales group has no permissions at the share level. The files on NTFS are secured with the Modify permission for the Sales group. What permissions with the user have?

A. The user will have the Modify permission when connecting from the network.

B. The user will have the Modify permission when logged in locally to the computer.

C. The user will have no access when logged in locally to the computer.

D. The user will have read-only permissions when connecting from the network.

A

B. The user will have the Modify permission when logged in locally to the computer.

The user will have only the Modify permission when logged in locally to the computer, since the filesystem is not shared with the appropriate permissions. The user will not have the Modify permission when connecting from the network. The user will still have the Modify permission when logged in locally, because of the NTFS permissions. The user will not have read-only permissions when connecting from the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You need to secure your mobile device’s lock screen with the highest level of protection. Which of the following should you use? (Choose the best answer.)

A. Fingerprint lock

B. Face lock

C. Passcode lock

D. Swipe lock

A

A. Fingerprint lock

Fingerprint locks are the most secure of all the lock methods, since fingerprints are hard to duplicate. Face locks have a high number of false positives, which can be used to gain access to the phone. Passcode locks can be cracked or shoulder surfed. Swipe locks can be shoulder surfed and are usually simple.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You need to enforce profile security requirements on mobile devices. Which should you use to achieve this goal?

A. AUP

B. NDA

C. BYOD

D. MDM

A

D. MDM

Mobile device management (MDM) software enables you to enforce profile security requirements on mobile devices. The acceptable use policy (AUP) is a code of ethics your users should follow when dealing with organizational resources. A non-disclosure agreement (NDA) is an agreement between an employee and the organization to protect intellectual property. A bring you own device (BYOD) policy contains how devices should be secured but provides no enforcement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You need to encrypt a single file on a Windows Desktop. Which technology should you use?

A. EFS

B. BitLocker

C. NTFS

D. BitLocker to Go

A

A. EFS

The Encrypted File System (EFS) is a functionality of the Windows NTFS filesystem. EFS can encrypt individual files and folders. BitLocker is a full device encryption technology. NTFS is a filesystem that supports encryption and security, among other functionality. BitLocker to Go is used for full device encryption of removable drives.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following has the goal of allowing a username/password combination to be entered once, and then allowing claims to be used for consecutive logins? (Choose the best answer.)

A. Tokens

B. Kerberos

C. Single sign-on

D. Multifactor authentication

A

C. Single sign-on

The goal of single sign-on (SSO) is to allow a username/password combination. Once the combination is entered, claims are used to access additional resources. Tokens are given to the operating system after a user successfully logs in; they allow a user to access rights on the operating system. Kerberos is used (along with Active Directory) to authenticate a user on the Windows operating system. Multifactor authentication is the use of two or more factors to authenticate a user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

By default, when setting up an Android device, what is the relevance to the Google account required?

A. The device requires email setup.

B. The account is used for cloud synchronizations.

C. The account is used for desktop backups.

D. The device requires registration.

A

B. The account is used for cloud synchronizations.

By default, a Google account is required on Android devices; it is used to synchronize data and app purchases to the cloud. The device does not require email to be set up, but the account can be used for the setup. The account is not used for desktop backups. The device does not require registration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a best practice for mitigating the risk of a contractor account that is forgotten about? (Choose the best answer.)

A. Time restrictions

B. Password complexity

C. Account expiration

D. Password expiration

A

C. Account expiration

Account expiration is the best approach to mitigating the risk of a contractor account that is forgotten about. If an expiration for the account is set, it will automatically deny logins after the set time. Time restrictions will limit when the account can be logged into but will not deactivate the account. Password complexity will have no effect on mitigating the risk; it will only require a stronger password. Password expiration will have no effect on mitigating the risk; it will only require the password to be changed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What should be implemented to mitigate the risk of a password from being shoulder surfed or keylogged?

A. Antivirus

B. Privacy screens

C. Password complexity

D. Password expiration

A

D. Password expiration

Password expiration is a tactic to mitigate passwords from being shoulder surfed or keylogged. Although it won’t remove the threat completely, requiring passwords to expire makes it less likely that the password could be used over a long period time. Antivirus will not prevent shoulder surfing by other users. Privacy screens would not prevent keyloggers from capturing a password. Password complexity makes it harder to shoulder surf a password but does not mitigate the risk of a keylogger.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

As a best practice, after a set period of inactivity on a Windows workstation, what should happen?

A. The system should shut down.

B. The system should restart.

C. A password-enabled screensaver should automatically start.

D. The system should log out the user.

A

C. A password-enabled screensaver should automatically start.

A screensaver should automatically start after a short period of idle time, and that screensaver should require a password before the user can begin the session again. The system should neither shut down nor restart, since work could still be open. For the same reason, the system should not log out the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You want to follow the rules of good security administration as set by CompTIA and vendors. To do so, which account should be disabled on most Windows operating systems for security reasons?

A. Guest

B. Print Operators

C. Power Users

D. Userone

A

A. Guest

The Guest account should be disabled on the operating system, unless there is good reason to leave the account enabled. Print Operators is a group found on Windows servers. Power Users is a group found on both Windows workstations and servers. Userone is obviously a user account. Unless the user has left the organization, there should be no reason to disable the account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is normally performed when an employee is offboarded?

A. Their user account is deleted.

B. Their user account is unlocked.

C. Their user account is created.

D. Their user account’s password is reset.

A

A. Their user account is deleted.

When an employee is offboarded, their user account is deleted or disabled. A user account is not created, nor is its password reset, during the offboarding process. A user account normally is created during the onboarding process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

James just moved a folder on the same partition. What will happen with the permissions for the folder?

A. The permissions will be the same as they were before the move.

B. The permissions will be inherited from the new parent folder.

C. The permissions will be configured as the root folder for the drive letter.

D. The permissions will be blank until configured.

A

A. The permissions will be the same as they were before the move.

The permissions will be the same as before the move, since you are just moving the files and not creating a new entity. The permissions will not be inherited from the parent folder. The permissions will not be configured the same as the root folder. The permissions will not be blank.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following passwords is a secure password? (Choose the best answer.)

A. serverpassword0ne

B. $erVer1

C. *erverP%ssw#rd

D. serverpassword1

A

C. *erverP%ssw#rd

The password *erverP%ssw#rd uses uppercase and lowercase letters, symbols, and numbers, for a possible character base of 95 combinations per position. The password serverpassword0ne uses only lowercase and numbers, for a character base of 36 combinations per position; although it is longer than *erverP%ssw#rd, the complexity still falls short. The password $erVer1 uses uppercase and lowercase letters, symbols, and numbers, but it is too short. The password serverpassword1 is also long and uses lowercase and numbers, but it only has a character base of 36 combinations per position.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A new app developed for the Android platform has which extension?

A. .sdk

B. .apk

C. .ipa

D. .exe

A

B. .apk

Android apps have an .apk (Android Package Kit) extension. Apps are developed with a software development kit (SDK), but .sdk is not a valid extension. Apple iOS apps use an .ipa (iOS App Store Package) extension. Only the Windows desktop operating system can execute .exe files.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which policy would you create to define the minimum specification if an employee wanted to use their own device for email?

A. MDM

B. AUP

C. BYOD

D. NDA

A

C. BYOD

A bring your own device (BYOD) policy defines the minimum specifications for an employee’s device used for work-related access. The mobile device management (MDM) software would usually police these specifications, but it would not define them. The acceptable use policy (AUP) is a code of conduct when dealing with organization resources. The non-disclosure agreement (NDA) is an agreement used when dealing with intellectual property.

17
Q

What kind of mobile app is being used when the owner’s phone displays a message on the screen and emits an extremely loud tone?

A. Failed login restriction

B. Antivirus

C. Locator

D. Remote wipe

A

C. Locator

Locator apps can find the phone and then display a message that can be read even while the phone is locked. Locator apps also often give the user the option to make the phone blare a noise to aid in finding the device. Failed login restrictions will wipe a device if a specific number of wrong passwords are entered. Antivirus apps make sure that your phone does not get a virus, but they offer no way to message or locate the device. Remotely wiping a mobile device is a feature of locator apps, but it is not itself an app that displays messages and produces noises.

18
Q

Your boss is concerned that USB drives could infect the workstation. What can you do to mitigate this risk?

A. Install current updates to the operating system

B. Disable autorun for all media

C. Enable BitLocker

D. Enable BitLocker to Go

A

B. Disable autorun for all media

Disabling autorun for all media will mitigate the risk of a potential virus being automatically run from USB drives. Installing current updates to the operating system will not prevent a USB drive from performing an autorun. Enabling BitLocker will not prevent autorun from launching. Enabling BitLocker to Go will not prevent autorun from launching.

19
Q

Which term refers to copying data between a mobile device and a computer system in order to mirror such things as contacts, programs, pictures, and music?

A. Calibration

B. Remote wipe

C. Pairing

D. Synchronization

A

D. Synchronization

Synchronizing a mobile device with a computer system allows you to mirror personal data between the devices, regardless of which one contains the most current data. Calibration refers to matching the device’s and user’s perceptions of where the user is touching the screen. Remote wipes allow you to remove personal data from a lost or stolen device. Pairing is what must be done in Bluetooth for two Bluetooth devices to connect and communicate.

20
Q

You are trying to delete a file on the local filesystem, but the operating system will not let you. What could be the problem? (Choose the best answer.)

A. The NTFS Modify permission is applied to the file.

B. The share permissions are not set to Full Control.

C. The file attributes are set to Read-only.

D. The file attributes are set to System.

A

C. The file attributes are set to Read-only.

The file attributes are most likely set to Read-only, thus not permitting the file to be deleted. The Modify permission would not hinder the file from being deleted. The share permissions would not have any bearing on the problem, since the local filesystem is being accessed. The file attributes being set to System would not restrict a file from being deleted.