Lesson 8 - Chapter 2: Workstation and Mobile Device Security Flashcards
What are the 9 best practices for creating strong passwords?
- Don’t use dictionary words
- Don’t use names or places
- Set a minimum length
- Use a variety of character types
- Characters should not be in a predictable order (capital at front, numbers at end)
- Don’t use the names of things meaningful to you
- Don’t use any serial or memorable key sequences (keyboard closeness)
- Don’t use the same password at more than one account or website
- Use a password management app
What’s a dictionary attack?
A password-guessing app guesses every word in the dictionary
Passwords should be a minimum length of?
12 characters, preferably longer
What is serial/memorable key sequences?
sequences that appear together on a keyboard (close to each other in sequence)
like QWERTY, zxcvb, asdfg
What is local security policy?
A system admin can use this policy to set up workstations to require certain password policies
What’s the snap-in called for Local Security Policy?
secpol.msc
snap-in = individual utilities in MMC
What is enforce password history?
the maximum number of unique passwords used for your account before you’re able to use a previously used password
(Microsoft recommends 24 unique password changes before an old one can be used)
What is minimum password age?
the maximum number of days a password must be used before it can be changed again
0 = user can change the password anytime
What is minimum password length audit?
turns on an audit function that creates a log file entry each time a user creates a password less than a certain value
(<12, any passwords less than 12 characters will have a log file entry)
What is Relax Minimum Length Limits?
allow/disallows the minimum password length to be greater than 14 characters
What is store passwords using reversible encryption? What should you make sure to do with this setting?
The password stored with reversible encryption can be exposed by an attacker using advanced methods so MAKE SURE THIS SETTING IS DISABLED (disabled by default)
How do you set policies for multiple PCs at once?
use Active Directory Group policy
What is a boot password?
used on the motherboard’s firmware (BIOS/UEFI) setup utility to prevent booting the system by unauthorized folks
What is a supervisor password?
a password for the mobo firmware setup utility that prevents unauthorized users changing the settings
Can you boot directly into UEFI setup?
No for security reasons, but you can access it by triggering a special reboot that dumps you into the UEFI setup utility
What’s the difference between accessing the UEFI firmware and BIOS firmware?
Accessing UEFI starts from within Windows, accessing the BIOS is an external process (during boot)
What are the 5 possibilities of keys to press to access BIOS setup utility during bootup? (depends on the manufacturer of the motherboard)
- Del
- F2
- Esc
- F10
- F12
Encourage users to do what when they are going to step away from their PC?
Locking their desktop
How do you manually lock the desktop? (2)
Start > Signed-in User > Lock
CTRL + Alt + L (didn’t work for me)
How do you automatically trigger a lock after a certain amount of idle time? What is it called? 5 steps
It’s called a screen saver lock
- Settings > Find > Type Screen saver
- Turn the screen saver on/off
- “On resume, display logon screen” check
- Set the wait value
- (Optional) Choose a screen saver from the drop-down list
Windows 10/11 include 2 features to automatically open or execute the content of an optical disc when inserted. Which are they?
- AutoRun
- AutoPlay
Of AutoRun and AutoPlay, which gives control to the user?
AutoPlay, it displays a a dialog box that lists the options available to the user. AutoRun automatically starts content (USB, movies, discs)
How do you disable AutoRun/AutoPlay?
Settings > Devices > Autoplay > Disable
Users should not use an ___ account for every day work
admin
(more damage can be done if hacked or exposed to malware)
The permissions that govern what a particular user account is allowed to do in Windows are called?
policies
What is local security policy?
the app you use to do account management in setting user permissions
(restricts actions of group or account)
Which Windows client has a Local Security Policy?
Every Windows client except Home
What’s an easy way to set the same policies for many workstations?
Use the user and group management features in Active Directory on the domain controller
What do you type in search when you’re trying to open Local Security Policy?
secpol
In Local Security Policy, how do you see the current policies and the groups affected?
Local Policies tree > User Rights Assignment (and scroll through list)
How do you learn more about a policy?
Double-click it and click the Explain tab
How do you prevent a group from performing a task?
Local Security Setting tab > Click the group > Remove > Apply
What is an account lockout duration?
creates a delay of certain minutes after the Account lockout threshold of wrong guesses has been met
(stops brute-force or dictionary attacks from going on endlessly)
What do you use to set up logon time restrictions for specific users? (besides Local Security Policy) [2]
group policy on a domain controller
or
using the net user elevated prompt command on a workgroup/individual PC
What are the 5 best security practices for account management?
- Restrict user permissions
- Restrict logon times
- Disable the Guest account
- Using failed attempts lockout
- Using timeout/screen lock
What is the app called that provides a convenient one-stop panel for a variety of workstation security settings?
Windows Security
How do you access the Windows Security app?
Settings > Search ‘security’ > Windows Security
What is dynamic lock?
it automatically locks your PC when you step away from it by tracking the proximity of the phone to the PC via Bluetooth
(out of range = it locks)
[Under account protection in Windows Security]
Can there be more than 1 type of firewall?
Yes, more than would may be required if the network’s isn’t robust enough. (software firewall, domain, private network, public, etc)
What is reputation-based protection? (Windows Security App and Browser Control)
Helps block unwanted apps, files, and websites
(they use publicly available information about each website’s reputation to see if they’re safe)
What is exploit protection? (Windows Security, App and Browser Control)
includes a variety of system settings for protecting the system from malware
What is device security in the Windows Security app?
virtualization-based security. Main setting is memory integrity which prevents attacks from inserting malicious codes into high-security processes
(can refuse to turn on if your drivers are incompatible)
What is mobile device management? (MDM) What does it help organizations do?
enables an organization to manage/monitor the use of mobile devices that connect to the internal network
How is MDM implemented?
implemented through an entire domain through server software
What is one of MDM’s main objectives?
limit the loss of proprietary data
What’s a benefit of MDM that reduces workload?
allows IT admins to automate device management processes (remotely)
