Managing Apple Device Security

Question 1

Some apps install ____, or kexts—a kind of system extension that works using older methods that aren’t as secure or reliable as modern alternatives

Answer 1

kernel extensions

Question 2

On your Mac, where can you find application permission settings for Full Disk Access, Camera access, and other privacy-related settings?

Answer 2

Settings > Privacy & Security

Question 3

What Terminal command opens the manual for tccutil?

Answer 3

man tccutil

Question 4

The ____ Terminal command manages the privacy database, which stores decisions the user has made about whether apps may access personal data

Answer 4

tccutil

TCC means Transparency, Consent, and Control

Question 5

In Terminal, you can use ____ to determine the bundle identifier for an application

Answer 5

codesign

You can use codesign to create, check, and display code signatures and inquire into the dynamic status of signed code in macOS

Question 7

What Terminal command opens the manual for codesign?

Answer 7

man codesign

Question 8

Scenario: After typing codesign -d -r - /Applications/Webex.app to determine the bundle identifier, Cisco-Systems.Spark, what Terminal command do you type next to reset privacy settings for the said app?

Answer 8

tccutil reset All Cisco-Systems.Spark

Question 9

Which Terminal command resets privacy settings for all applications on your Mac?

Answer 9

tccutil reset All

Question 10

How do you remove an application’s access to the camera in the Privacy section of Privacy & Security settings?

A. Click the application from the list in Camera settings and click the minus button.

B. Turn off the application from the Camera settings list.

C. Click the application and click Disable Camera Access.

D. Enter an administrator account password, then delete the application from Camera settings.

Answer 10

B. Turn off the application from the Camera settings list.

You turn off applications to remove their access.

Question 11

What do privacy settings help users do?

A. Prevent unauthorized applications from opening

B. Control what applications can or can’t do with a Mac

C. Secure data on their disk by encrypting the contents automatically

Answer 11

B. Control what applications can or can’t do with a Mac

Users can update camera, microphone, and screen recording settings to control what applications can or can’t do with a Mac.

Question 12

Which privacy setting allows applications to monitor input from the user’s keyboard even while they’re using other applications?

A. Accessibility

B. Automation

C. Bluetooth

D. Input Monitoring

Answer 12

D. Input Monitoring

Input Monitoring grants applications access to a user’s input devices

Question 13

What Terminal command should you type to sign application Terminal.app with a signing identity named “authority”?

Answer 13

codesign -s authority Terminal.app

Question 14

Which option causes codesign to replace any existing signature on the path(s) given. Without this option, existing signatures will not be replaced, and the signing operation fails.

Answer 14

-f

f means force

Question 15

What Terminal command should you type to verify the dynamic validity of process 666

Answer 15

codesign –verify 666

Question 16

What Terminal command should you type to display all information about Terminal.app’s code signature?

Answer 16

codesign –display –verbose=4 Terminal.app

-d is also display

Question 17

____ is a security technology designed to help prevent potentially malicious software from modifying protected files and folders on your Mac. It restricts the root user account and limits the actions that the root user can perform on protected parts of the Mac operating system.

Answer 17

System Integrity Protection

Question 18

System Integrity Protection includes protection for which parts of the system?

Answer 18

• /System
• /usr
• /bin
• /sbin
• /var
• Apps that are pre-installed with the Mac operating system

Question 19

Which Paths and apps can third-party apps and installers continue to write to?

Answer 19

• /Applications
• /Library
• /usr/local

Question 20

Apps that you download from the App Store already work with System Integrity Protection

A. True
B. False

Answer 20

A. True

Question 21

MacOS malware defenses are structured in which three layers?

Answer 21

1. Prevent launch or execution of malware: App Store, or Gatekeeper combined with Notarization
2. Block malware from running on customer systems: Gatekeeper, Notarization, and XProtect
3. Remediate malware that has executed: XProtect

Question 22

____ is a malware scanning service provided by Apple. Developers who want to distribute apps for macOS outside the App Store submit their apps for scanning as part of the distribution process

Answer 22

Notarization

Question 23

MacOS includes built-in antivirus technology called ____ for the signature-based detection and removal of malware

Answer 23

XProtect

Question 24

Which conditions prompt XProtect to check for known malicious content?

Answer 24

• An app is first launched
• An app has been changed (in the file system)
• XProtect signatures are updated

Question 25

MacOS includes a security technology called ____, which is designed to help ensure that only trusted software runs on a user’s Mac

Answer 25

Gatekeeper

Gatekeeper also requests user approval before opening downloaded software for the first time to make sure the user hasn’t been tricked into running executable code they believed to simply be a data file

Question 26

____ deliver important security improvements between software updates—for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist “in the wild.”

Answer 26

Rapid Security Responses

Rapid Security Responses deliver important security improvements between software updates.

Question 27

Where do you check if your device automatically applies Rapid Security Responses?

Answer 27

• iPhone or iPad: Go to Settings > General > Software Update > Automatic Updates, then make sure that “Security Responses & System Files” is turned on
• Mac: Choose Apple menu > System Settings > General > Software Update. Click the Show Detail button (i button) next to Automatic Updates, then make sure that “Install Security Responses and system files” is turned on

Question 28

____ is an optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats

Answer 28

Lockdown Mode

Lockdown Mode helps protect devices against extremely rare and highly sophisticated cyber attacks.

Question 29

How do you turn on Lockdown mode on your iPhone or iPad?

Answer 29

Settings > Privacy & Security > Lockdown Mode > Turn On Lockdown Mode

You will need to enter your device passcode

Question 30

How do you turn on Lockdown mode on your Mac?

Answer 30

System Settings > Privacy & Security > Lockdown Mode > Turn On Lockdown Mode

Question 31

How do you exclude an app or edit your excluded websites on your iPhone while in Lockdown Mode?

Answer 31

Settings > Privacy & Security > Lockdown Mode > Configure Web Browsing > Turn off selected apps

To edit your excluded websites, tap Excluded Safari Websites > Edit.

Question 32

How do you exclude websites on your Mac while in Lockdown Mode?

(Safari)

Answer 32

Safari menu > Settings for [website] > deselect the Enable Lockdown Mode checkbox

To edit your excluded websites:
Safari menu > Settings > Websites > in sidebar click Lockdown Mode > From the menu next to a configured website, turn Lockdown Mode on or off

Question 33

If a device is in Lockdown Mode, new configuration profiles can be installed, and the device can be enrolled in Mobile Device Management or device supervision

A. True
B. False

Answer 33

B. False

Question 34

You can’t have both Screen Sharing and Remote Management on at the same time

A. True
B. False

Answer 34

A. True

Question 35

On your Mac, where can you find security settings for Screen Sharing such as password or control permissions?

Answer 35

System Settings > General > Sharing > Screen Sharing > click Info button (i)

Question 36

If you forget your login password or need to reset it, ____ won’t let you access your encrypted files

Answer 36

FileVault

Question 37

How do you turn on FileVault on your Mac?

Answer 37

Settings > Privacy & Security > FileVault > Turn On >follow onscreen instructions

Question 38

What should you do after you turn on FileVault?

A. Continue to use your Mac as you normally do.

B. Wait until FileVault encryption is complete.

C. Quit all applications.

D. Log out of your user account.

Answer 38

A. Continue to use your Mac as you normally do.

You can use your Mac normally because encryption is nearly immediate for Mac computers with Apple silicon or the T2 chip, and it proceeds safely in the background on other Mac computers.

Question 39

You’ve forgotten your login password or it’s locked from too many failed attempts to log in.

What’s the alternative method to unlock FileVault and reset your password?

A. Call AppleCare to create a new account recovery key.

B. Use iCloud Account Recovery.

C. Create a new personal recovery key.

Answer 39

B. Use iCloud Account Recovery.

Instead of using a personal recovery key, you can set up FileVault to use your iCloud account to reset the password and access your user account and files.