Chapter 9 Enterprise Mobility and Endpoint Security

Question 1

Some executives from an organization attend an industry conference. Using mobile devices and wireless headsets, they are able to stay in touch with colleagues back at the workplace. What may present a security concern in this situation?

A. Tethering
B. WPA3
C. Device Certificates
D. Bluetooth

Answer 1

D. Bluetooth

Question 2

Some marketing executives from an organization attend an international trade exhibition and must connect to the company email by using their mobile devices during the event. The CISO is concerned this may represent a risk. What would best mitigate this risk?

A. NFC
B. A split tunnel VPN
C. Geofencing
D. Always on VPN Settings

Answer 2

D. Always on VPN Settings

Question 3

What function should be disabled to ensure scientists cannot use their mobile devices to bridge the corporations network with a cellular operators network?

A. Tethering
B. WPA3
C. Device Certificates
D. Bluetooth

Answer 3

A. Tethering

Question 4

What should be implemented to ensure only company approved applications can be installed on company devices?

A. Containerization
B. Token based access
C. A patch repository
D. Whitelisting

Answer 4

D. Whitelisting

Question 5

A user calls the service desk because her Samsung smart phone is prompting her to install updates that the vendor says will offer more functionality and security. What is this an example of?

A. MFA requirements
B. Token based access
C. A patch repo
D. Firmware over the air

Answer 5

D. Firmware over the air

Question 6

An employee’s company mobile device is reported as stolen 24 hours after the event. Sensitive data has been posted online by hackers. What would have mitigated this risk if the report had been made earlier?

A. MFA requirements
B. A remote wipe
C. A patch repo
D. Firmware over the air

Answer 6

B. A remote wipe

Question 7

What type of setting will ensure mobile devices will only be able to access WiFi when they connect securely to the company WLAN?

A. WPA3 SAE
B. Device certificates
C. Device profiles
D. Bluetooth

Answer 7

C. Device profiles

Question 8

An employee has noticed several suspicious payments made from a company debit card via Google Pay on their company smartphone. They recently attended a busy trade conference.. What technology was likely used to make the payments?

A. NFC
B. Peripherals
C. Geofencing
D. VPN settings

Answer 8

A. NFC

Question 9

How can we prevent certain mobile applications from being accessible when employees take COPE devices out of the warehouse?

A. NFC
B. MFA
C. Geofencing
D. VPN settings

Answer 9

C. Geofencing

Question 10

The service desk receives a call from a senior manager. She is concerned that spyware may be installed on her smartphone. Recent news, traffic, and weather updates have been targeted specifically for her location. What is the most likely reason for this activity?

A. Airplane mode
B. Location services
C. NFC
D. Geofencing

Answer 10

B. Location services

Question 11

A user is concerned that DNS lookups may be logged by government agencies. The user would like to protect their privacy. What would be the best method to protect privacy during name resolution?

A. Geofencing
B. VPN Settings
C. DNS over HTTPS (DoH)
D. Containerization

Answer 11

C. DNS over HTTPS (DoH)

Question 12

A nation state sends a security team to scope out a military site in California in the United States. They use mobile devices to gather images, map the locations of communications equipment and record detailed information about troop movements. What are they performing?

A. Geotagging
B. Geofencing
C. Physical recon
D. Personal data theft

Answer 12

C. Physical recon

Question 13

A personal device has many applications installed that are not available through the Apple App Store. The device subsequently fails compliance checks. What has likely made the device fail to be compliant with the security policies?

A. Jailbreaking
B. Sideloading
C. Containerization
D. An unauthorized application store

Answer 13

A. Jailbreaking

Question 14

A senior employee has followed a QC link and installed a mobile application used to order food and beverages at a local restaurant. The application is not available on the Google play store. Acceptable use policy states that applications can only be downloaded from the official vendor store. What best describes what has allowed this application to be installed?

A. Supply chain issues
B. Sideloading
C. Containerization
D. An unauthorized application store

Answer 14

D. An unauthorized application store

Question 15

Developers need to test mobile applications on a variety of hardware before making them available on official application stores. How can they install the applications locally on mobile devices?

A. Update the supply chain
B. Use sideloading
C. Use containerization
D. Use an unauthorized application store

Answer 15

B. Use sideloading

Question 16

A sales director would like to allow sales employees to use their personal devices for accessing company applications and data as part of an effort to reduce business costs. What would be the best control to mitigate the risk of employees co mingling personal and company data?

A. Geotagging
B. Geofencing
C. Containerization
D. Remote wipes

Answer 16

C. Containerization

Question 17

When on a business trip, a CEO was detained for several hours at border control. When he was eventually reunited with his mobile phone, it had physical evidence of tampering. He powered on the device and input the correct pin, but found that all of the company applications and data were inaccessible.. What has led to this situation?

A. Geofencing
B. Containerization
C. Remote wipes
D. eFuse

Answer 17

D. eFuse

Question 18

A user has been able to run an unmanaged Linux operating system alongside a managed Windows 10 build on a company laptop. What actions would allow security professionals to prevent this issue from reoccurring?

A. Removing end of support devices
B. Using local drive encryption
C. Disabling CPU virtualization support
D. Enforcing secure encrypted enclaves and SME

Answer 18

C. Disabling CPU virtualization support

Question 19

Security administrators have deployed SELinux in enforcing mode. All unnecessary services have been removed. In a further attempt to enforce security, a number of commands including vmstat and grep have been blocked from some user accounts. What best describes this action?

A. Whitelisting
B. Shell restrictions
C. ASLR
D. Memory Encryption

Answer 19

B. Shell restrictions

Question 20

The CISO is meeting with software engineers to better understand some of the challenges that they face. He is asking if there are any setting that can be incorporated into build images that will help to prevent attacks against the system memory. What two features should be chosen?

A. ASLR
B. Patching
C. Firmware
D. NX/XN

Answer 20

A. ASLR
D. NX/XN

Question 21

What is deployed to mitigate the risk of privilege elevation and the misuse of applications on Android mobile devices?

A. SELinux
B. TPM Technology
C. SEAndroid
D. Attestation services

Answer 21

C. SEAndroid

Question 22

What build in module stores PCR values and enforces integrity on a hardware platform?

A. The TPM module
B. Secure Boot Mode
C. UEFI
D. The BIOS

Answer 22

A. The TPM module

Question 23

What would be the best choice of technical control to block a fast spreading worm that targets a well known NetBIOS port?

A. UEBA
B. A host based firewall
C. A HIDS
D. Redundant hardware

Answer 23

B. A host based firewall

Question 24

A reporting tool has alerted the administrator that Joe who is leaving the company in 4 weeks has uploaded a large number of PDF document to his personal cloud storage. What has likely triggered this event?

A. UEBA
B. A host based firewall
C. EDR Software
D. Self healing hardware

Answer 24

A. UEBA