11 - Endpoint Security Flashcards
Question 17 has been omitted for brevity. Explain the security implications of embedded and specialized systems; and given scenarios, assess and use appropriate tools to diagnose and resolve host/application security issues
Charles want to monitor changes to a log file via command line in real time. Which of the following command-line Linux tools will let him see the last lines of a log file as they change?
tail
Naomi has discovered the following TCP ports open on a system she wants to harden. Which ports are used for unsecure services and thus should be disabled to allow their secure equivalents to continue to be used?
[21, 22, 23, 80, and 443]
21, 23, and 80
Frank’s org is preparing to deploy a data loss prevention (DLP) system. What key process should they undertake before they deploy it?
Implement and use a data classification scheme
The company that Theresa works for has deployed IoT sensors that have built-in cellular modems for communication back to a central server. What issue may occur if the devices can be accessed by attackers?
Attackers may steal SIM cards from the devices and use them for their own purposes.
What are the typical security concerns with MFPs?
Multi-function printers (MFP) could expose sensitive data from copies or scans, and act as a reflector and amplifier for network attacks.
Michelle wants to prevent unauthorized applications from being installed on a system. What type of tool can she use to allow only permitted applications to be installed?
An Allow List Application
What term is used to describe tools focused on detecting and responding to suspicious activities occurring on endpoints like desktops, laptops, and mobile devices?
Endpoint Detection and Response (EDR)
Which of the following is not typically part of a SoC?
- A CPU
- A display
- Memory
- I/O
A System on a Chip (SoC) does not have traditional memory
What scripting environment is native to Windows systems?
PowerShell
Amanda is assessing a car’s internal network. What type of b-u-s is she most likely to discover connecting its internal sensors and controllers?
A Controller Area Network (CAN) bus
The company that Hui works for has built a device based on an Arduino and wants to standardize its deployment across the entire org. What type of device has Hui’s org deployed, and where should Hui place her focus on securing it?
A microcontroller, and on physical security
True or False: the avoidance of IP address exhaustion in a subnet is a good reason to use an IP addressing schema in an enterprise.
True
Brian has deployed a system that monitors sensors and uses that data to manage the power distribution for the power company he works for. What term is commonly used to describe this type of control and monitoring system?
Supervisory Control and Data Acquisition (SCADA)
The org that Lynn works for want to deploy an embedded system that needs to process data as it comes in to the device without processing delays or other interruptions. What type of solution does Lynn’s company need to deploy?
A Real-Time Operating System (RTOS)
Which of the following is NOT a common constraint of an embedded system?
- Compute
- Form Factor
- Network
- Authentication
Form Factor