11 - Endpoint Security Flashcards

Question 17 has been omitted for brevity. Explain the security implications of embedded and specialized systems; and given scenarios, assess and use appropriate tools to diagnose and resolve host/application security issues

1
Q

Charles wants to monitor changes to a log file via the command line in real time. Which of the following command-line Linux tools will let him see the last lines of a log file as they change?

A

tail

2
Q

Naomi has discovered the following TCP ports open on a system she wants to harden. Which ports are used for unsecure services and thus should be disabled to allow their secure equivalents to continue to be used?

[21, 22, 23, 80, and 443]

A

21, 23, and 80

3
Q

Frank’s org is preparing to deploy a data loss prevention (DLP) system. What key process should they undertake before they deploy it?

A

Implement and use a data classification scheme

4
Q

The company that Theresa works for has deployed IoT sensors that have built-in cellular modems for communication back to a central server. What issue may occur if the devices can be accessed by attackers?

A

Attackers may steal SIM cards from the devices and use them for their own purposes.

5
Q

What are the typical security concerns with MFPs?

A

Multi-function printers (MFP) could expose sensitive data from copies or scans, and act as a reflector and amplifier for network attacks.

6
Q

Michelle wants to prevent unauthorized applications from being installed on a system. What type of tool can she use to allow only permitted applications to be installed?

A

An application allow list

7
Q

What term is used to describe tools focused on detecting and responding to suspicious activities occurring on endpoints like desktops, laptops, and mobile devices?

A

Endpoint Detection and Response (EDR)

8
Q

Which of the following is not typically part of a SoC?

  • A CPU
  • A display
  • Memory
  • I/O

A

A System on a Chip (SoC) does not have traditional memory

9
Q

What scripting environment is native to Windows systems?

A

PowerShell

10
Q

Amanda is assessing a car’s internal network. What type of bus is she most likely to discover connecting its internal sensors and controllers?

A

A Controller Area Network (CAN) bus

11
Q

The company that Hui works for has built a device based on an Arduino and wants to standardize its deployment across the entire org. What type of device has Hui’s org deployed, and where should Hui place her focus on securing it?

A

A microcontroller, and on physical security

12
Q

True or False: the avoidance of IP address exhaustion in a subnet is a good reason to use an IP addressing schema in an enterprise.

A

True

13
Q

Brian has deployed a system that monitors sensors and uses that data to manage the power distribution for the power company he works for. What term is commonly used to describe this type of control and monitoring system?

A

Supervisory Control and Data Acquisition (SCADA)

14
Q

The org that Lynn works for wants to deploy an embedded system that needs to process data as it comes into the device without processing delays or other interruptions. What type of solution does Lynn’s company need to deploy?

A

A Real-Time Operating System (RTOS)

15
Q

Which of the following is NOT a common constraint of an embedded system?

  • Compute
  • Form Factor
  • Network
  • Authentication

A

Form Factor

16
Q

Jim configures a Windows machine with the built-in BitLocker full disk encryption tool. When is the machine least vulnerable to having data stolen from it?

A

When the machine is off

17
Q

Lucca is prototyping an embedded system and wants to use a device that can run a full Linux operating system so that he can install and use a firewall and other security software to protect a web service he will run on it. What hardware solution should he use?

A

A Raspberry Pi

18
Q

Chris wants systems that connect to his network to report their boot processes to a server where they can be validated before being permitted to join the network. What tech should he use to do this on the workstation?

A

UEFI/Measured Boot

19
Q

Elaine wants to securely erase the contents of a tape used for backups in her org’s tape library. What is the fastest secure erase method available to her that will allow the tape to be REUSED?

A

Use a degausser (since tapes are magnetic media)