Manage Security and Privacy Flashcards
• Describe password types and use. • Manage secrets in Keychain. • Manage Secure Setup Utility. • Enable and manage iCloud Keychain. • Obtain User Approved MDM enrollment. • Manage system-wide security and user privacy. • Approve Kernel Extension Loading.
What are the different types of passwords you use to secure a Mac?
The different types of passwords you use to secure a Mac are listed below:
a. Local user account password—Used to log in to your Mac.
b. Apple ID and password—For iCloud, iTunes, and the App Store.
c. Keychain passwords—To protect authentication assets in encrypted keychain files.
d. Resource passwords—Such as email, websites, file servers, apps, and encrypted disk images.
e. Firmware password—Prevents your Mac from starting up from any disk other than your designated
startup disk.
What types of items can you store in a keychain?
u use keychains to securely store resource passwords, certificates, keys, website forms, Safari
AutoFill information, and secure text notes.
How does Keychain Access help protect your information?
Keychain Access manages encrypted files that are used to securely save your items. They are
impenetrable unless you know the keychain password. If you forget the keychain password, you lose
the file contents forever.
Where are keychain files stored?
Keychain files are stored throughout macOS for different users and resources.
a. Local login keychains are stored in /Users/username/Library/Keychain/login.keychain.
b. Other local keychains are stored in /Users/username/Library/Keychains/others.keychain.
c. iCloud keychains are stored in /Users/username/Library/Keychains/UUID/.
d. System keychains are stored in /Library/Keychains/System.keychain.
e. System Root keychains for trusted networks do not appear by default, but they can be located here:
/System/Library/Keychains/
f. Other keychains can be found throughout macOS. You should leave these files alone unless you’re
instructed by a trusted source to resolve an issue.
What app should you use to manage keychain settings?
You should use Keychain Access to view and modify most keychain items.
How does two-factor authentication provide added security to your Apple ID?
ith two-factor authentication, your Apple ID account can be accessed only on devices you trust, such
as your iPhone, iPad, or Mac.
When and why would you use iCloud Security Code?
iCloud Security Code is a separate technology used to further protect your secrets in iCloud Keychain.
It is used when you enable iCloud Keychain with an Apple ID without two-factor authentication enabled.
When two-factor authentication is not enabled, macOS prompts you to either enter or create your
iCloud Security Code so you can trust the device. You can also use the iCloud Security Code to grant
access to use your Apple ID on additional devices.
Which three macOS functions require management of security-sensitive settings and enrollment with
User-Approved MDM enrollment?
The following macOS functions require management of security-sensitive settings and enrollment with User Approved MDM enrollment: • Kernel extension loading policy • Autonomous single-app mode • User consent for data access
In what three ways can you obtain User Approved MDM enrollment?
Three ways to obtain User-Approved MDM enrollment are listed below:
a. Use Apple Business Manager or Apple School Manager to automatically enroll your Mac in an MDM
solution. Its enrollment is equivalent to User Approved.
b. Install macOS 10.13.4 or newer. If a Mac was enrolled in non-User Approved MDM before its update to
macOS 10.13.4 or newer, it will be converted to a User Approved MDM enrollment.
c. Follow the prompts in System Preferences to enroll in MDM. Download or email yourself an enrollment
profile and double-click the enrollment profile.
Which macOS System-wide and personal settings can you manage in Security and Privacy?
macOS system-wide and personal settings that can be managed in Security and Privacy are listed
below:
a. General Settings—Provides the option to choose to require a password to wake a Mac from sleep or
screen saver mode and to define a delay before this requirement sets in. Also allows you to configure
a custom message to show at the login window or when the screen is locked.
b. Advanced Settings—Provides the option to choose to require users to automatically log out of
accounts after a certain amount of inactivity and to require an administrator password to access
system-wide preferences
c. FileVault Settings—Provides the option to enable and configure FileVault.
d. Firewall Settings—Provides the option to enable and configure personal network firewall settings.
Which feature can you enable to find a lost Mac?
iCloud Find My Mac helps you find a lost Mac by allowing you to remotely access the Mac computer’s
Location Services service.
How can you limit the use of Location Services?
You can use the Privacy pane of Security & Privacy preferences to configure app access to Location
Services, Contacts, Calendars, Reminders, and social network services. When a new app requests
information that is considered personal, macOS asks you for permission.
How can you ensure that audio recordings used for Dictation service remain private?
To ensure that your voice recordings remain private, you can manage your Enhanced Dictation settings
manually. The Enhanced Dictation option is enabled by default. When you use Enhanced Dictation, your
Mac immediately converts what you say into text without sending your dictated speech to Apple. If you
turn Enhanced Dictation off or use Siri, then things you say and dictate will be recorded and sent to
Apple to be converted to text. Along with this, Apple tracks other information such as your name,
nickname, location and much of your user data sent from your device.
Which three categories do kernel extensions (KEXTs) typically belong to?
The three categories that kernel extensions (KEXTs) typically belong to are listed below:
a. Low-level device drivers
b. Network filters
c. File system
