JAMF 170 - Practice Exam Flashcards

Practice Exam Questions

1
Q

What is the purpose of the Boot ROM?

A. To ensure Setup Assistant runs on all new Apple devices

B. To ensure only trusted operating system software from Apple loads at startup

C. To perform a hardware check at startup

D. To store saved passwords

A

B

2
Q

Turning on/off FileVault in System Settings requires administrator credentials.

A. True

B. False

A

A

3
Q

In Jamf Pro, where can an administrator check who viewed a FileVault recovery key and when they viewed it?

A. Admin Log

B. Audit Log

C. System Log

D. Security Log

A

B

4
Q

Apps available outside the App Store can be opened with the default Gatekeeper settings if they are signed with an Apple-issued Developer ID and __________.

A. Free

B. Paid

C. Notarized

D. In .app format

A

C

5
Q

In the MITRE ATT&CK Matrix, what is a technique?

A. The goal of a malicious actor

B. The action or method used to achieve a tactical goal

C. A real-world example of a technique in action

D. The outcome of installing malware

A

B

6
Q

Which MITRE ATT&CK Matrix details techniques used by malicious actors before attempting to compromise a system?

A. PRE Matrix

B. macOS Matrix

C. Technique Matrix

D. Scout Matrix

A

A

7
Q

The CIS Benchmark for macOS contains three levels of profiles.

A. True

B. False

A

B

8
Q

Which section of a profile in the CIS Benchmarks details what may happen if the profile is not implemented?

A. Description

B. Rationale

C. Impact

D. Audit

A

C

9
Q

Which section of a profile in the CIS Benchmark for macOS contains the workflow to ensure a Mac is in compliance?

A. Rationale

B. Remediation

C. Impact

D. Audit

A

B

10
Q

When working with the macOS Security Compliance Project, which option is used to enable tailoring when running the generate_baseline.py script?

A. -e

B. -g

C. -k

D. -t

A

D

11
Q

When working with the macOS Security Compliance Project, which option is used to generate a compliance script when running the generate_guidance.py script?

A. -H

B. -l

C. -p

D. -s

A

D

12
Q

When working with the macOS Security Compliance Project, it is recommended to always work off the main branch.

A. True

B. False

A

B

13
Q

Which page in Jamf Protect contains rules that align with the MITRE ATT&CK Matrix to detect unwanted behavior on macOS?

A. Analytics

B. Plans

C. Actions

D. Threat Prevention

A

A

14
Q

What must be paired with a plan to control the storage and collection of data from computers?

A. Alerts

B. Jamf Protect API

C. Threat prevention

D. Action configuration

A

D

15
Q

What setting in a Jamf Protect plan controls the amount of data sent to the macOS Unified Log?

A. Communication protocol

B. Log level

C. Log type

D. Telemetry

A

B

16
Q

Which setting in a Jamf Protect plan controls what information is collected from a Mac during check-in?

A. Communication protocol

B. Log level

C. Insight collection

D. Endpoint information collection

A

D

17
Q

Which setting in a Jamf Protect plan controls how the protect agent communicates with Jamf Protect?

A. Automatic update

B. Log level

C. Communication protocol

D. Communication language

A

C

18
Q

What is the lowest severity level of alerts?

A. Educational

B. Identifiable

C. Informational

D. Minimal

A

C

19
Q

When a file is placed into quarantine by Jamf Protect, it is automatically deleted.

A. True

B. False

A

B

20
Q

Which feature in Jamf Protect can be used to block specific files or processes from running?

A. Custom prevent lists

B. Insights

C. Analytics

D. Telemetry

A

A