Review 3 Flashcards
week 19
Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications.
True—The hardening of an operating system is the act of configuring it securely, updating it, creating rules and policies, removing unnecessary applications, and stopping unnecessary services.
To turn off services, you would access the Programs and Features section of the Control Panel.
False—Services can be shut off within the services section of Computer Management or within the command line. The Programs and Features section of the Control Panel is where you would uninstall unnecessary programs.
The net stop commands disable services in Windows.
False—The net stop commands stop a service in Windows. To disable a service in the command line, you need to use the sc config command.
A service pack is a group of updates, bug fixes, updated drivers, and security fixes.
True—A service pack is one downloadable package that includes a group of updates (hotfixes), bug fixes, updated drivers, and security fixes.
The Windows Update program can be accessed by clicking Start > All Programs.
True—Windows Update can be accessed by navigating to Start > All Programs
The option Never Check for Updates is recommended by Microsoft.
False—Never Check for Updates is not recommended by Microsoft because it can be a security risk. One of the three other options should be selected.
The systeminfo commands show a list of hot fixes that have been installed to the operating system.
True—Systeminfo is a command used to list the hot fixes that have previously been installed to Windows.
The second step in a patch management strategy is testing.
True—The four steps of a patch management strategy include planning, testing, implementing, and auditing.
To open the Local Group Policy Editor console window, a user should type MMC in the Run prompt.
False—To open the Local Group Policy Editor console window, a user should type gpedit.msc. MMC opens a new Microsoft Management Console.
The convert command converts an NTFS drive to FAT32.37
NTFS.
False—The convert command converts FAT32 partitions to NTFS
Which of the following should be done to maintain and harden a hard disk? (Select the two best answers.) A. Defragment the drive. B. Consider a whole disk encryption. C. Install third-party applications. D. Sanitize the drive.
A and B. Defragmenting the hard drive is a good way to maintain the drive. Using whole disk encryption can harden the hard disk. It is unknown whether third-party applications can help to maintain or harden a hard disk; chances are they will do neither. Sanitizing the drive is the act of removing all the data.
Which of the following should you implement to keep a well-maintained computer? (Select the three best answers.) A. Update the firewall. B. Update the BIOS. C. Use a surge protector. D. Remove the unnecessary firewall.
A, B, and C. To keep a well-maintained computer, a user should use a surge protector or UPS, update the BIOS, update Windows, update antimalware, update the firewall, and maintain the disks. It is extremely rare that there will be an unnecessary firewall.
Which of the following are examples of virtualization? (Select the three best answers.) A. Microsoft Virtual PC B. Microsoft Virtual Server C. VMware D. Microsoft Visio
A, B, and C. Microsoft Virtual PC, Microsoft Virtual Server, and VMware are all examples of virtualization. Microsoft Visio is a program within the Microsoft Office suite used to create diagrams and flow charts.
Of the following, which can be a security benefit when using virtualization?
A. Patching a computer patches all virtual machines running on the computer.
B. If one virtual machine is compromised, none of the other virtual machines can be compromised.
C. If a virtual machine is compromised, the adverse effects can be compartmentalized.
D. Virtual machines cannot be affected by hacking techniques.
C. By using a virtual machine (which is one example of a virtual instance), any ill effects can be compartmentalized to that particular virtual machine, usually without any ill effects to the main operating system on the computer. Patching a computer does not automatically patch virtual machines existing on the computer. Other virtual machines can be compromised, especially if nothing is done about the problem. Finally, virtual machines can definitely be affected by hacking techniques. Be sure to secure them!
. What is the best option to use to isolate an operating system?
A. Host-based intrusion detection system
B. Network-based intrusion detection system
C. Antivirus software
D. Virtualization software
Virtualization software should be used to isolate operating systems from attacks and other types of threats. The other three answers help to protect an operating system but do not isolate it completely.