JAMF 170 - Practice Exam

Question 1

What is the purpose of the Boot ROM?

A. To ensure Setup Assistant runs on all new Apple devices

B. To ensure only trusted operating system software from Apple loads at startup

C. To perform a hardware check at startup

D. To store saved passwords

Answer 1

B

Question 2

Turning on/off FileVault in System Settings requires administrator credentials.

A. True

B. False

Answer 2

A

Question 3

In Jamf Pro, where can an administrator check who viewed a FileVault recovery key and when they viewed it?

A. Admin Log

B. Audit Log

C. System Log

D. Security Log

Answer 3

B

Question 4

Apps available outside the App Store can be opened with the default Gatekeeper settings if they are signed with an Apple-issued Developer ID and __________.

A. Free

B. Paid

C. Notarized

D. In .app format

Answer 4

C

Question 5

In the MITRE ATT&CK Matrix, what is a technique?

A. The goal of a malicious actor

B. The action or method used to achieve a tactical goal

C. A real-world example of a technique in action

D. The outcome of installing malware

Answer 5

B

Question 6

Which MITRE ATT&CK Matrix details techniques used by malicious actors before attempting to compromise a system?

A. PRE Matrix

B. macOS Matrix

C. Technique Matrix

D.Scout Matrix

Answer 6

A

Question 7

The CIS Benchmark for macOS contain three levels of profiles.

A.True

B. False

Answer 7

B

Question 8

Which section of a profile in the CIS Benchmarks details what may happen if the profile is not implemented?

A. Description

B. Rationale

C. Impact

D. Audit

Answer 8

C

Question 9

Which section of a profile in the CIS Benchmark for macOS contains the workflow to ensure a Mac is in compliance?

A. Rationale

B. Remediation

C. Impact

D. Audit

Answer 9

B

Question 10

When working with the macOS Security Compliance Project, which option is used to enable tailoring when running the generate_baseline.py script?

A. -e

B. -g

C. -k

D. -t

Answer 10

D

Question 11

When working with the macOS Security Compliance Project, which option is used to generate a compliance script when running the generate_guidance.py script?

A. -H

B. -l

C. -p

D. -s

Answer 11

D

Question 12

When working with the macOS Security Compliance Project, it is recommended to always work off the main branch.

A. True

B. False

Answer 12

B

Question 13

Which page in Jamf Protect contains rules that align with the MITRE ATT&CK Matrix to detect unwanted behavior on macOS?

A. Analytics

B. Plans

C. Actions

D. Threat Prevention

Answer 13

A

Question 14

What must be paired with a plan to control the storage and collection of data from computers?

A. Alerts

B. Jamf Protect API

C. Threat prevention

D. Action configuration

Answer 14

D

Question 15

What setting in a Jamf Protect plan controls the amount of data sent to the macOS Unified Log?

A. Communication protocol

B. Log level

C. Log type

D. Telemetry

Answer 15

B

Question 16

Which setting in a Jamf Protect plan controls what information is collected from a Mac during check-in?

A. Communication protocol

B. Log level

C. Insight collection

D. Endpoint information collection

Answer 16

D

Question 17

Which setting in a Jamf Protect plan controls how the protect agent communicates with Jamf Protect?

A. Automatic update

B. Log level

C. Communication protocol

D. Communication language

Answer 17

C

Question 18

What is the lowest level severity of alerts?

A. Educational

B. Identifiable

C. Informational

D. Minimal

Answer 18

C

Question 19

When a file is placed into quarantine by Jamf Protect, it is automatically deleted.

A. True

B. False

Answer 19

B

Question 20

Which feature in Jamf Protect can be used to block specific files or processes from running?

A. Custom prevent lists

B. Insights

C. Analytics

D. Telemetry

Answer 20

A