Lesson 8A Configure Workstation Security Flashcards
Password Best Practices
Effective user security depends on strong credential management, effective account policies, and best practice end-user behavior.
Password Rules
Make passwords sufficiently long: a length of 12+ characters is suitable for an ordinary account user.
Administrative passwords should be longer.
Choose a memorable phrase, but do not use any personal information. Anything that a threat actor could discover or guess should not be used in a password.
Complexity Requirements
Expiration Requirements
Complexity Requirements: Rules designed to enforce best-practice password selection, such as minimum length and use of multiple character types.
Expiration Requirements: Rules designed to enforce best-practice password use by forcing regular selection of new passwords.
BIOS/UEFI Passwords
Passwords set in system firmware to prevent unauthorized booting of a computer (user password) or changes to system setup (supervisor password).
End User Best Practices
Log off when not in use
A lunchtime attack is where a threat actor is able to access a computer that has been left unlocked.
Secure/protect critical hardware (such as laptops)
Users must also be alert to the risk of physical theft of devices. Portable computers can be secured to a desk using a cable lock.
Secure personally identifiable information (PII) and passwords
Paper copies of personal and confidential data must not be left where they could be read or stolen. A clean desk policy ensures that all such information is not left in plain sight.
Account Management
Policies are used to determine what rights and privileges each employee should be assigned. These policies should be guided by the principle of least privilege.
Restrict User Permission (2 types)
File permissions control whether a user can read or modify a data file or folder, either on the local PC or across the network. (Permissions are only modified by data owners or the file server administrator.)
Rights or privileges control what system configuration changes a user can make to a PC.
Change Default Administrator Account and Password
The new password must be treated with the highest level of security available. Any use of the default administrator account must be logged and accounted for. Using this account for sign-in should be an unusual event that generates an alert.
Disable Guest Account
A guest account allows unauthenticated access to the computer and may provide some sort of network access too.
Only enabled to facilitate passwordless file sharing in a Windows workgroup.
Account Policies
Enforcing requirements as controls imposed by the OS, which can be enforced via the Security Policy snap-in (secpol.msc).
Restrict Log-in Time
Used to prevent an account from logging in at an unusual time of day or night, or during the weekend.
Failed Attempt Lockout
Allows a maximum number of attempts prior to the computer locking out.
Concurrent Logins
Determines how many computers an individual should be allowed to log in to at a time.
Use timeout/screenlock
Locks the desktop whenever the system detects no user activity.
Execution Control
Process of determining what additional software may be installed on a client or server beyond its baseline to prevent the use of unauthorized software.
Trusted/Untrusted Software Sources
Restrict the ability of users to run unapproved program code, especially code that can modify the OS, such as an application installer.
Use Administrator and Standard user accounts, along with User Account Control (UAC) and system policies, to enforce these restrictions.
AutoRun and AutoPlay
- When an optical disc is inserted or a USB drive is attached, Windows would automatically run commands defined in an autorun.inf file.
- Windows mechanisms for automatic actions to occur when a peripheral storage device is attached.
Windows Defender Antivirus
Security scanner installed and enabled by default in Windows that provides protection against general malware types.
Windows Defender Firewall
Implements a personal/host firewall to filter inbound and outbound network traffic.
Port Security
Application Security
Address
Port Security
Triggers are based on the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port number used by the application protocol.
Application Security
Triggers are based on the process that listens for connections.
Address triggers
Triggers are based on the IP address or FQDN of the server or client hosts.
Firewall can be accessed via:
wf.msc: the firewall can be turned on or off, and you can switch the default policy for inbound and outbound traffic.
Allow or Block
Encrypting File System
Microsoft’s file-level encryption feature available for use on NTFS.
To apply encryption: Open the file's or folder's properties sheet and select Advanced. Check the encrypt content box.
Windows BitLocker
BitLocker can be used with any volumes on fixed (internal) drives. It can also be used with removable drives in its BitLocker To Go form.
Windows BitLocker cont.
When the data is encrypted, the user must have access to the encryption key to access it. BitLocker can make use of a trusted platform module (TPM) chip in the computer to tie use of a fixed disk to a particular motherboard.