JAMF 170 - Practice Exam Flashcards
Practice Exam Questions
What is the purpose of the Boot ROM?
A. To ensure Setup Assistant runs on all new Apple devices
B. To ensure only trusted operating system software from Apple loads at startup
C. To perform a hardware check at startup
D. To store saved passwords
B
Turning on/off FileVault in System Settings requires administrator credentials.
A. True
B. False
A
In Jamf Pro, where can an administrator check who viewed a FileVault recovery key and when they viewed it?
A. Admin Log
B. Audit Log
C. System Log
D. Security Log
B
Apps available outside the App Store can be opened with the default Gatekeeper settings if they are signed with an Apple-issued Developer ID and __________.
A. Free
B. Paid
C. Notarized
D. In .app format
C
In the MITRE ATT&CK Matrix, what is a technique?
A. The goal of a malicious actor
B. The action or method used to achieve a tactical goal
C. A real-world example of a technique in action
D. The outcome of installing malware
B
Which MITRE ATT&CK Matrix details techniques used by malicious actors before attempting to compromise a system?
A. PRE Matrix
B. macOS Matrix
C. Technique Matrix
D.Scout Matrix
A
The CIS Benchmark for macOS contain three levels of profiles.
A.True
B. False
B
Which section of a profile in the CIS Benchmarks details what may happen if the profile is not implemented?
A. Description
B. Rationale
C. Impact
D. Audit
C
Which section of a profile in the CIS Benchmark for macOS contains the workflow to ensure a Mac is in compliance?
A. Rationale
B. Remediation
C. Impact
D. Audit
B
When working with the macOS Security Compliance Project, which option is used to enable tailoring when running the generate_baseline.py script?
A. -e
B. -g
C. -k
D. -t
D
When working with the macOS Security Compliance Project, which option is used to generate a compliance script when running the generate_guidance.py script?
A. -H
B. -l
C. -p
D. -s
D
When working with the macOS Security Compliance Project, it is recommended to always work off the main branch.
A. True
B. False
B
Which page in Jamf Protect contains rules that align with the MITRE ATT&CK Matrix to detect unwanted behavior on macOS?
A. Analytics
B. Plans
C. Actions
D. Threat Prevention
A
What must be paired with a plan to control the storage and collection of data from computers?
A. Alerts
B. Jamf Protect API
C. Threat prevention
D. Action configuration
D
What setting in a Jamf Protect plan controls the amount of data sent to the macOS Unified Log?
A. Communication protocol
B. Log level
C. Log type
D. Telemetry
B