Lesson 8 - Chapter 2: Workstation and Mobile Device Security

Question 1

What are the 9 best practices for creating strong passwords?

Answer 1

1. Don’t use dictionary words
2. Don’t use names or places
3. Set a minimum length
4. Use a variety of character types
5. Characters should not be in a predictable order (capital at front, numbers at end)
6. Don’t use the names of things meaningful to you
7. Don’t use any serial or memorable key sequences (keyboard closeness)
8. Don’t use the same password at more than one account or website
9. Use a password management app

Question 2

What’s a dictionary attack?

Answer 2

A password-guessing app guesses every word in the dictionary

Question 3

Passwords should be a minimum length of?

Answer 3

12 characters, preferably longer

Question 4

What is serial/memorable key sequences?

Answer 4

sequences that appear together on a keyboard (close to each other in sequence)

like QWERTY, zxcvb, asdfg

Question 5

What is local security policy?

Answer 5

A system admin can use this policy to set up workstations to require certain password policies

Question 6

What’s the snap-in called for Local Security Policy?

Answer 6

secpol.msc

snap-in = individual utilities in MMC

Question 7

What is enforce password history?

Answer 7

the maximum number of unique passwords used for your account before you’re able to use a previously used password

(Microsoft recommends 24 unique password changes before an old one can be used)

Question 8

What is minimum password age?

Answer 8

the maximum number of days a password must be used before it can be changed again

0 = user can change the password anytime

Question 9

What is minimum password length audit?

Answer 9

turns on an audit function that creates a log file entry each time a user creates a password less than a certain value

(<12, any passwords less than 12 characters will have a log file entry)

Question 10

What is Relax Minimum Length Limits?

Answer 10

allow/disallows the minimum password length to be greater than 14 characters

Question 11

What is store passwords using reversible encryption? What should you make sure to do with this setting?

Answer 11

The password stored with reversible encryption can be exposed by an attacker using advanced methods so MAKE SURE THIS SETTING IS DISABLED (disabled by default)

Question 12

How do you set policies for multiple PCs at once?

Answer 12

use Active Directory Group policy

Question 13

What is a boot password?

Answer 13

used on the motherboard’s firmware (BIOS/UEFI) setup utility to prevent booting the system by unauthorized folks

Question 14

What is a supervisor password?

Answer 14

a password for the mobo firmware setup utility that prevents unauthorized users changing the settings

Question 15

Can you boot directly into UEFI setup?

Answer 15

No for security reasons, but you can access it by triggering a special reboot that dumps you into the UEFI setup utility

Question 16

What’s the difference between accessing the UEFI firmware and BIOS firmware?

Answer 16

Accessing UEFI starts from within Windows, accessing the BIOS is an external process (during boot)

Question 17

What are the 5 possibilities of keys to press to access BIOS setup utility during bootup? (depends on the manufacturer of the motherboard)

Answer 17

1. Del
2. F2
3. Esc
4. F10
5. F12

Question 18

Encourage users to do what when they are going to step away from their PC?

Answer 18

Locking their desktop

Question 19

How do you manually lock the desktop? (2)

Answer 19

Start > Signed-in User > Lock

CTRL + Alt + L (didn’t work for me)

Question 20

How do you automatically trigger a lock after a certain amount of idle time? What is it called? 5 steps

Answer 20

It’s called a screen saver lock

1. Settings > Find > Type Screen saver
2. Turn the screen saver on/off
3. “On resume, display logon screen” check
4. Set the wait value
5. (Optional) Choose a screen saver from the drop-down list

Question 21

Windows 10/11 include 2 features to automatically open or execute the content of an optical disc when inserted. Which are they?

Answer 21

1. AutoRun
2. AutoPlay

Question 22

Of AutoRun and AutoPlay, which gives control to the user?

Answer 22

AutoPlay, it displays a a dialog box that lists the options available to the user. AutoRun automatically starts content (USB, movies, discs)

Question 23

How do you disable AutoRun/AutoPlay?

Answer 23

Settings > Devices > Autoplay > Disable

Question 24

Users should not use an ___ account for every day work

Answer 24

admin

(more damage can be done if hacked or exposed to malware)

Question 25

The permissions that govern what a particular user account is allowed to do in Windows are called?

Answer 25

policies

Question 26

What is local security policy?

Answer 26

the app you use to do account management in setting user permissions

(restricts actions of group or account)

Question 27

Which Windows client has a Local Security Policy?

Answer 27

Every Windows client except Home

Question 28

What’s an easy way to set the same policies for many workstations?

Answer 28

Use the user and group management features in Active Directory on the domain controller

Question 29

What do you type in search when you’re trying to open Local Security Policy?

Answer 29

secpol

Question 30

In Local Security Policy, how do you see the current policies and the groups affected?

Answer 30

Local Policies tree > User Rights Assignment (and scroll through list)

Question 31

How do you learn more about a policy?

Answer 31

Double-click it and click the Explain tab

Question 32

How do you prevent a group from performing a task?

Answer 32

Local Security Setting tab > Click the group > Remove > Apply

Question 33

What is an account lockout duration?

Answer 33

creates a delay of certain minutes after the Account lockout threshold of wrong guesses has been met

(stops brute-force or dictionary attacks from going on endlessly)

Question 34

What do you use to set up logon time restrictions for specific users? (besides Local Security Policy) [2]

Answer 34

group policy on a domain controller
or
using the net user elevated prompt command on a workgroup/individual PC

Question 35

What are the 5 best security practices for account management?

Answer 35

1. Restrict user permissions
2. Restrict logon times
3. Disable the Guest account
4. Using failed attempts lockout
5. Using timeout/screen lock

Question 36

What is the app called that provides a convenient one-stop panel for a variety of workstation security settings?

Answer 36

Windows Security

Question 37

How do you access the Windows Security app?

Answer 37

Settings > Search ‘security’ > Windows Security

Question 38

What is dynamic lock?

Answer 38

it automatically locks your PC when you step away from it by tracking the proximity of the phone to the PC via Bluetooth

(out of range = it locks)

[Under account protection in Windows Security]

Question 39

Can there be more than 1 type of firewall?

Answer 39

Yes, more than would may be required if the network’s isn’t robust enough. (software firewall, domain, private network, public, etc)

Question 40

What is reputation-based protection? (Windows Security App and Browser Control)

Answer 40

Helps block unwanted apps, files, and websites

(they use publicly available information about each website’s reputation to see if they’re safe)

Question 41

What is exploit protection? (Windows Security, App and Browser Control)

Answer 41

includes a variety of system settings for protecting the system from malware

Question 42

What is device security in the Windows Security app?

Answer 42

virtualization-based security. Main setting is memory integrity which prevents attacks from inserting malicious codes into high-security processes

(can refuse to turn on if your drivers are incompatible)

Question 43

What is mobile device management? (MDM) What does it help organizations do?

Answer 43

enables an organization to manage/monitor the use of mobile devices that connect to the internal network

Question 44

How is MDM implemented?

Answer 44

implemented through an entire domain through server software

Question 45

What is one of MDM’s main objectives?

Answer 45

limit the loss of proprietary data

Question 46

What’s a benefit of MDM that reduces workload?

Answer 46

allows IT admins to automate device management processes (remotely)