11 Endpoint Security Flashcards

1
Q

What is the importance of using appropriate cryptographic solutions?

A

Ensures data confidentiality, integrity, and authenticity.

Tools include Trusted Platform Module (TPM), Hardware Security Module (HSM), Key Management System, and Secure Enclave.

2
Q

What are the types of vulnerabilities?

A

Operating system (OS)-based, Hardware (Firmware, End-of-life, Legacy), Misconfiguration.

Each type presents different risks that need to be managed.

3
Q

What is the purpose of mitigation techniques in securing the enterprise?

A

To reduce risk and enhance security through strategies such as patching, encryption, and configuration enforcement.

Other techniques include decommissioning and hardening techniques.

4
Q

List some hardening techniques.

A
  • Encryption
  • Installation of endpoint protection
  • Host-based firewall
  • Host-based intrusion prevention system (HIPS)
  • Disabling ports/protocols
  • Default password changes
  • Removal of unnecessary software

Hardening techniques are critical for securing systems.

5
Q

What are the security implications of different architecture models?

A

Architecture models can affect the security posture of IoT, Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Real-time Operating Systems (RTOS), and Embedded Systems.

Understanding these implications is crucial for security planning.

6
Q

What are secure baselines?

A

Establish, Deploy, Maintain.

Secure baselines help ensure consistent security configurations across systems.

7
Q

What does proper hardware, software, and data asset management entail?

A
  • Acquisition/procurement process
  • Assignment/accounting (Ownership, Classification)
  • Monitoring/asset tracking (Inventory, Enumeration)
  • Disposal/decommissioning (Sanitization, Destruction, Certification, Data retention)

Effective asset management is key to maintaining security.

8
Q

What tools are used for security alerting and monitoring?

A
  • Antivirus
  • Data Loss Prevention (DLP)

These tools help detect and respond to security incidents.

9
Q

What is endpoint detection and response (EDR)?

A

A security solution for detecting, investigating, and responding to endpoint threats.

EDR is part of enhancing overall security capabilities.

10
Q

True or False: Endpoints significantly outnumber servers and network devices in most organizations.

A

True

This makes endpoint protection a major task for security professionals.

11
Q

What are some techniques to secure a system’s boot process?

A

Secure boot, firmware validation, and integrity checks.

These techniques help prevent unauthorized access at startup.

12
Q

Fill in the blank: _______ involves the practices of detecting, preventing, and remediating malware infections.

A

Antimalware and antivirus tools

These tools are essential for maintaining system integrity.

13
Q

What specialized systems are discussed in relation to security requirements?

A

Embedded systems, Real-time Operating Systems (RTOS), SCADA, and Industrial Control Systems (ICS).

They have different security needs compared to traditional systems.

14
Q

What is the role of asset inventories in organizational security?

A

To track and manage assets effectively, ensuring accountability and security compliance.

Asset inventories are critical for security operations.

15
Q

What is a key element in security operations related to operating systems?

A

Properly securing operating systems

This includes workstations, mobile devices, servers, and other types of devices.

16
Q

What can be exploited by attackers in operating systems?

A

Vulnerabilities in the operating system itself

This drives the need for ongoing patching.

17
Q

What is meant by minimizing an operating system’s attack footprint?

A

Reducing the number of exposed services that can be targeted

This involves configuring systems appropriately.

18
Q

What are potential paths for attackers in operating systems?

A

Defaults like default passwords and insecure settings

Insecure defaults can lead to vulnerabilities.

19
Q

What are configuration baselines?

A

Security practices intended to avoid insecure defaults

They help ensure that systems are set up securely from the start.

20
Q

What is the difference between configurations and defaults?

A

Configurations are intentional but may be insecure, while defaults are pre-set values

Both can lead to vulnerabilities if not managed properly.

21
Q

What type of security tools can help limit configuration issues?

A

Tools that support mandatory access control

These tools help mitigate potential vulnerabilities introduced by configurations.

22
Q

What is misconfiguration?

A

A mistake made in system configuration

It is a common way for attackers to exploit systems.

23
Q

What remains a consistent way for attackers to overcome security measures?

A

Human error

Misconfiguration often results from mistakes made by individuals.

24
Q

What does the Security+ exam outline say about operating system-based vulnerabilities?

A

It is vague and just lists ‘OS-based’

This requires deeper understanding during study.

25
What factors impact an organization's security regarding operating systems?
Choice of operating system, its defaults, security configuration, and support model

Each of these elements plays a crucial role in overall security.
26
What are hardware vulnerabilities?
Hardware vulnerabilities are weaknesses in hardware components that can be exploited, affecting security designs.
27
What are compensating controls?
Compensating controls are alternative security measures implemented to mitigate the impact of vulnerabilities.
28
What types of vulnerabilities should test takers explain according to the Security+ exam outline?
Hardware vulnerabilities related to firmware, end-of-life hardware, and legacy hardware.
29
What is firmware?
Firmware is the embedded software that allows devices to function, closely tied to hardware.
30
Can firmware be updated?
Firmware can often be updated but may require manual updates depending on device design.
31
What are some paths through which firmware attacks may occur?
  • Executable updates
  • User downloads of malicious firmware
  • Remote network-enabled updates
32
Why are firmware vulnerabilities particularly concerning?
Malicious firmware persists even after reinstalling the operating system or other software.
33
What is an example of a firmware attack?
2022's MoonBounce malware targets a computer's Serial Peripheral Interface (SPI) flash memory.
34
What is the significance of firmware validation?
Firmware validation is crucial for security practitioners to ensure the integrity of device firmware.
35
What does 'end-of-life' hardware indicate?
End-of-life hardware is no longer sold but may still receive support for a limited time.
36
What is meant by 'end of support'?
End of support is the last date on which the vendor provides support or updates for a product.
37
Define 'end of sales'.
End of sales is the last date a specific model or device will be sold, though it may still be available through resellers.
38
What does the term 'legacy' refer to?
Legacy describes hardware, software, or devices that are no longer supported.
39
Fill in the blank: Firmware attacks may occur through _______.
[any path that allows access to the firmware]
40
True or False: Firmware attacks can be removed by reinstalling the operating system.
False
41
What is a critical security control mentioned for firmware protection?
Trusted boot.
42
What is meant by the term 'endpoints' in a network?
Endpoints refer to devices like desktops, mobile devices, and servers that are the endpoints of a network.
43
What are the two techniques modern UEFI firmware uses to ensure boot integrity?
  • Secure Boot
  • Measured Boot
44
What is the purpose of Secure Boot?
Secure Boot ensures that the system boots using only software that the original equipment manufacturer (OEM) trusts.
45
What does Measured Boot do?
Measured Boot measures each component of the boot process and relies on UEFI firmware to hash firmware, bootloader, and drivers.
46
What is the role of the Trusted Platform Module (TPM) in boot integrity?
TPM stores the data gathered from the boot process and allows validation of the boot state remotely.
47
What are the three major functions of TPM chips?
  • Remote attestation
  • Binding
  • Sealing
48
What are hardware security modules (HSMs) used for?
HSMs are used to create, store, and manage digital keys for cryptographic functions and authentication.
49
What is a key management service (KMS)?
KMS is a service used to manage cryptographic keys and secrets centrally.
50
What methods do antimalware tools use to detect malware?
  • Signature-based detection
  • Heuristic-based detection
  • AI and machine learning
51
What is sandboxing in the context of antimalware tools?
Sandboxing is an isolated environment where potentially dangerous software can be run to observe its actions.
52
True or False: Allow lists are more secure than deny lists.
True
53
What is the main function of Endpoint Detection and Response (EDR) tools?
EDR tools monitor endpoint devices and systems to collect, correlate, and analyze events for suspicious activity.
54
What distinguishes Extended Detection and Response (XDR) from EDR?
XDR takes a broader perspective, considering the entire technology stack of an organization, not just endpoints.
55
What are key elements of Data Loss Prevention (DLP) systems?
  • Data classification
  • Data labeling/tagging
  • Policy management and enforcement
  • Monitoring and reporting
56
Fill in the blank: A _______ is a list of software that is allowed to run on a system.
[allow list]
57
What is the primary purpose of host-based firewalls?
Host-based firewalls protect endpoints from unwanted network traffic.
58
What challenge do organizations face when maintaining allow lists and deny lists?
The effort required to maintain the lists is a significant challenge.
59
What is the function of the hardware root of trust?
The hardware root of trust contains cryptographic keys that secure the boot process.
60
List two examples of secure elements similar to TPM.
  • Apple's Secure Enclave
  • Google's Titan M
61
What is the primary goal of DLP systems?
To protect organizational data from theft and inadvertent exposure.
62
What is the significance of policy management in DLP systems?
Policy management ensures that data handling meets organizational standards.
63
True or False: EDR tools do not provide capabilities for manual investigation.
False
64
What feature of EDR systems helps in detecting suspicious data?
The ability to search and explore collected data.
65
What does EDR stand for?
Endpoint Detection and Response

EDR is a security solution that helps organizations detect and respond to threats on endpoints.
66
What is the purpose of XDR?
Extended Detection and Response

XDR integrates multiple security products into a cohesive system for improved threat detection and response.
67
What significant threats have led to the adoption of EDR and XDR?
Ransomware and other malicious software
68
What does DLP stand for?
Data Loss Prevention

DLP tools are used to ensure sensitive data does not leave the organization.
69
What is a host-based firewall?
A firewall built into most modern operating systems that stops unwanted traffic.
70
How do host-based firewalls typically operate?
They block or allow specific applications, services, ports, or protocols.
71
What is the function of a host intrusion prevention system (HIPS)?
Analyzes traffic before services or applications process it and can take action on that traffic.
72
What can a HIPS do with malicious traffic?
Filter out malicious traffic or block specific elements of the data received.
73
What problem can occur if a HIPS misidentifies legitimate traffic?
It can block legitimate traffic, potentially causing an outage.
74
What incident occurred when a HIPS was deployed in a datacenter?
The HIPS blocked backend traffic due to unrecognized protocol changes from a Windows update.
75
What is the main difference between a host-based intrusion detection system (HIDS) and a HIPS?
A HIDS can only report and alert on issues, while a HIPS can take action to block traffic.
76
What is a key consideration before deploying HIPS or HIDS?
How to manage them and what would happen if problems occurred.
77
What role do granular controls play in security?
They are an important part of a zero-trust design.
78
What can prevent network security devices from seeing traffic?
Network switches that allow traffic to move from system to system.
79
What is a potential issue with using a HIDS in real-time security?
It has a limited use for real-time security due to its inability to block traffic.
80
Fill in the blank: A HIPS can analyze traffic _______ services or applications process it.
before
81
What is hardening in the context of systems and applications?
Changing settings on the system to increase overall security and reduce vulnerability to attack.

The concept of a system's attack surface is important when performing system hardening.
82
What are common organizations that provide hardening guides?
  • Center for Internet Security (CIS)
  • National Institute of Standards and Technology (NIST)

Guides are available for operating systems, browsers, and various other hardening targets.
83
What are key hardening items listed in the Security+ exam outline?
  • Encryption
  • Installing endpoint protection
  • Host-based firewalls
  • Host-based intrusion prevention systems
  • Disabling ports and protocols
  • Changing default passwords
  • Removing unnecessary software

These are essential concepts to understand for the exam.
84
How can the attack surface of a system be decreased?
By reducing the number of open ports and services.

Disabling unnecessary ports and protocols makes it harder for attackers to exploit systems.
85
What is the purpose of port scanners in security?
To quickly assess which ports are open on systems on a network.

This allows security practitioners to identify and prioritize hardening targets.
86
What is the rule of thumb for hardening services and ports?
Only services and ports that must be available should be open, limited to necessary networks or systems.

This minimizes potential attack vectors.
87
Which port is commonly used for Secure Shell (SSH) in Linux systems?
22/TCP.

SSH is more common in Linux than in Windows.
88
Which command in Ubuntu can check which services are running?
service --status-all.

This command helps identify services for starting or stopping.
89
What is a common technique used in hardening networks?
Using VLANs (virtual local area networks) to segment different trust levels or user groups.

This practice helps protect vulnerable devices and manage network security.
90
Why is changing default passwords important in hardening practices?
Default passwords are often documented and publicly available, creating significant risk.

Databases of default passwords can be found online.
91
What is a key practice in hardening efforts regarding software?
Removing unnecessary software.

This reduces potential vulnerabilities and the need for patching.
92
What is a challenge with mobile devices in terms of hardening?
Vendor-supplied tools can create vulnerabilities.

Mobile device management platforms can help address these issues.
93
Fill in the blank: The best option for unneeded services is to ______ them entirely.
disable.

This is preferable to merely blocking them using a firewall.
94
True or False: You need to know OS-specific commands for the Security+ exam.
False.

Understanding the concept of disabling services is sufficient.
95
What is the primary purpose of operating system hardening?
To reduce the attack surface for your operating system.
96
What benchmarks can be used for hardening operating systems?
Center for Internet Security (CIS) benchmarks.
97
What is the recommended password history setting according to CIS benchmarks for Windows?
Remember 24 or more passwords.
98
What is the maximum password age recommended by CIS benchmarks?
365 or fewer days, but not 0.
99
What is the minimum password length recommended by CIS benchmarks?
14 or more characters.
100
What type of encryption should be disabled according to CIS benchmarks?
Reversible encryption for password storage.
101
What is the Windows Registry's role in the operating system?
It tracks system activities and configurations.
102
What is one method to harden the Windows Registry?
Disallow remote Registry access if not required.
103
What is a Group Policy Object (GPO)?
A tool to control settings in Windows systems and domains.
104
What does the Security Compliance Toolkit (SCT) do?
Works with security configuration baselines for Windows and other Microsoft applications.
105
What is SELinux?
A Linux kernel-based security module providing additional security capabilities.
106
What type of access control does SELinux enforce?
Mandatory access control (MAC).
107
What is AppArmor in relation to Linux hardening?
Another tool implementing mandatory access controls for Linux.
108
What is the first phase of a baseline's life cycle in configuration management?
Establishing a baseline.
109
What is the importance of patch management?
To ensure systems and software are up to date and secure.
110
What is full-disk encryption (FDE)?
Encryption that protects the entire disk and requires a decryption key for access.
111
What is a common risk associated with patching systems?
Patches may introduce new flaws.
112
What is the common practice regarding patch installation after release?
Delay installation for a few days to assess potential issues.
113
What happens if the encryption key for a disk is lost?
The data on the drive will likely be unrecoverable.
114
What is the advantage of self-encrypting drives (SED)?
Implement encryption capabilities in hardware and firmware.
115
Fill in the blank: The process of managing configurations in an enterprise environment is called _______.
Configuration management.
116
True or False: The CIS benchmarks provide a single, unmodifiable standard for all organizations.
False.
117
What is the role of configuration management tools?
To enforce standards, manage systems, and report on security settings.
118
What is the impact of disk encryption on lost or stolen systems?
It can be treated as a loss of the system rather than a data breach.
119
What is one key feature of enterprise patch management?
The ability to force updates to be installed.
145
What are embedded systems?
Computer systems built into other devices, often specialized and with specific functions.
146
What is a real-time operating system (RTOS)?
An operating system that processes data as it comes in without waiting for other tasks.
147
What is the primary purpose of assessing embedded systems?
To ensure they remain secure and usable without causing malfunctions.
148
List the steps involved in assessing embedded systems.
  • Identify the manufacturer and acquire documentation
  • Determine how it interfaces with the world
  • Identify services and secure connections
  • Learn about updates and patching cycles
  • Document response to security issues
149
What types of devices can include embedded systems?
  • Medical systems
  • Smart meters
  • Vehicles
  • Drones and autonomous vehicles
  • VoIP systems
  • Printers
  • Surveillance systems
150
What does SCADA stand for?
Supervisory Control and Data Acquisition
151
What are the components commonly found in SCADA systems?
  • Remote telemetry units (RTUs)
  • Programmable logic controllers (PLCs)
  • System control and monitoring interfaces
152
True or False: SCADA systems are designed with security as a primary consideration.
False
153
What are some common security concerns for IoT devices?
  • Poor security practices
  • Short support lifespans
  • Vendor data-handling practices
154
Fill in the blank: Many embedded systems operate using _______ connectivity.
[cellular]
155
What is a significant risk associated with fitness trackers in sensitive areas?
They can reveal GPS data and routes used by personnel.
156
What is the role of the subscriber identity module (SIM) in cellular-enabled devices?
It provides identity and connectivity for the device.
157
What are Zigbee and Z-Wave?
Network protocols designed for personal area networks and home automation.
158
What are some constraints of embedded systems that impact security?
  • Limited computational power
  • Potential lack of network connectivity
  • Low memory and storage capacity
159
What is the risk of using default configurations in specialized systems?
They may contain vulnerabilities that can be exploited.
160
What is the importance of documenting findings when assessing embedded systems?
To ensure appropriate practices are included in operational procedures.
161
What does the acronym RTU stand for?
Remote Terminal Unit, Remote Telemetry Unit, or Remote Telecontrol Unit.
162
What is a critical security measure for vehicles connected to the Internet?
Encrypting command-and-control channels.
163
What security challenges do low-power, specialized devices present?
They may not receive patches or support and can have long lifespans.
164
What is a common usage for SCADA systems?
Monitoring and controlling industrial processes.
165
Fill in the blank: ICS stands for _______.
[Industrial Control Systems]
166
What is a potential consequence of a compromised vehicle?
Shutting down safety features or taking control of the vehicle.
167
What is a significant concern when securing IoT devices?
Weak default settings and lack of network security.
168
How can printers be a security risk in a network?
They can act as access points to protected networks and may leak data.
169
What issues may arise due to limited connectivity in embedded systems?
Inability to patch, monitor, or maintain devices remotely

Embedded systems are often deployed in areas with limited connectivity, affecting their management.
170
What factors can prevent authentication to an embedded system?
Lack of network connectivity, CPU and memory capacity

Authentication may also be undesirable for safety or usability reasons.
171
What types of devices commonly utilize embedded systems?
  • Industrial machinery
  • Sensors and monitoring systems
  • Household appliances

These devices often operate without traditional network connectivity.
172
Why might replacing a vulnerable embedded device be challenging?
It is often a component in a larger specialized device

This necessitates compensating controls or special design decisions.
173
What does implied trust in embedded devices refer to?
Presumption that operators interacting with the device are trusted

Physical access is viewed as authorization to use or modify the device.
174
What security implications arise from the implied trust model in embedded devices?
Potential vulnerability for organizations

This model must be reviewed and designed for before deployment.
175
True or False: Embedded systems are always connected to a traditional network.
False

Many embedded systems are deployed outside of traditional networks.
176
Fill in the blank: Without authentication, other _______ need to be identified for embedded systems.
[security models]

This is crucial to ensure authorized changes to the system.
177
What are the consequences of deploying embedded devices without considering their security?
They may become a potential vulnerability for organizations

Security design considerations are essential during deployment.
178
What is the primary purpose of asset management?
To ensure the security of assets throughout their life cycle

This includes hardware, software, and data.
179
What should acquisition and procurement processes include?
Security best practices and assessment

Ensures appropriate security controls and practices.
180
What is the significance of asset inventories?
They help track assets through their lifespan and ensure security

Includes identifying owners and classifying sensitive data.
181
What does enumeration typically involve?
Scanning to identify assets

Some organizations use port and vulnerability scans.
182
True or False: Maintaining asset inventories helps organizations understand their assets.
True

Lack of inventories can lead to uncontrolled risks.
183
What is decommissioning in asset management?
The process of removing a device or system from service and inventory

Ensures no sensitive data remains on the system.
184
What are the two processes for sanitizing drives or media?
  • Wiping the data
  • Destroying the media

Both methods are important for secure disposal.
185
How does a degausser work?
Exposes magnetic media to strong electromagnetic fields to scramble data

It is used to wipe tapes and similar magnetic media.
186
What is data remanence?
Data still present on a disk after an attempted wipe

Particularly concerning with SSDs due to wear-leveling algorithms.
187
What is a recommended method for ensuring data is not recoverable on SSDs?
Use full-disk encryption and discard the encryption key

This prevents data recovery even by advanced threats.
188
What is one popular option for organizations wanting to eliminate the risk of data exposure?
Destroying drives by shredding, pulverizing, or incinerating

Third-party vendors often provide these services.
189
What is the purpose of certification processes in asset management?
To document that assets were decommissioned properly

Certificates of destruction provide proof of disposal.
190
Fill in the blank: If drives aren't wiped, sensitive data may remain _______.
[on the system]

This can lead to significant security incidents.
191
What are common reasons for data retention in organizations?
  • Legal purposes
  • Business purposes
  • Compliance or audit components

Retention periods can be determined by law.
192
What should disposal processes be aware of?
Retention policies and procedures

Ensures compliance with legal and organizational requirements.
193
What risks can arise from retaining assets longer than necessary?
  • Data breaches
  • Increased data availability during legal cases

Proper disposal is critical to mitigate these risks.
197
What is the port number for FTP?
21
198
What is the port number for SSH?
22
199
What is the port number for Telnet?
23
200
What is the port number for HTTP?
80
201
What is the port number for HTTPS?
443
202
Which services are considered secure options for remote shell access?
  • SSH (Port 22)
  • HTTPS (Port 443)
203
True or False: HTTPS can be used for secure file transfer.
True
204
Naomi's best option is to disable which three likely unsecure protocols?
  • FTP (port 21)
  • Telnet (port 23)
  • HTTP (port 80)
205
Fill in the blank: Secure mode FTP is also known as _______.
[FTP/S]
206
What is the primary concern regarding FTP, Telnet, and HTTP?
They are likely unsecure protocols.