Securing Devices and Data

Question 1

Encrypting File System (EFS)

Answer 1

A file system which allows encryption of individual drives and folders on any NTFS volume.

Question 2

BitLocker-To-Go

Answer 2

A BitLocker component used to protect removable drives, such as USB flash drives.

Question 3

BitLocker

Answer 3

An entire volume encryption feature included with Windows Vista and Windows 7 Ultimate and Enterprise editions, and Windows 8 and higher Professional and Enterprise editions.

Question 4

Trusted Platform Module (TPM)

Answer 4

A microchip installed on the motherboard of desktop and portable computers, which stores critical encryption keys in hardware inaccessible to the operating system or most attackers.

Question 5

Degausser

Answer 5

A device which uses powerful electromagnets to destroy all data on magnetic media like tapes and hard drives, but not optical or flash storage.

Question 6

Event Viewer

Answer 6

A tool used to detect and diagnose unusual system behavior.

Question 7

Rescue disk

Answer 7

A combination of antimalware and system repair tools on a bootable disc or flash drive.

Question 8

Encryption tools: EFS (Encrypting File System)

Answer 8

Encrypting File System allows encryption of individual drives and folders on any NTFS volume. It is included with Business/Professional/Enterprise/Ultimate editions of Windows, as well as all editions of Windows Server.

Question 9

Encryption tools: BitLocker

Answer 9

Encrypts entire NTFS volumes, including the system drive. It is available on Enterprise and Ultimate Editions of Windows Vista and 7, Pro and Enterprise versions of Windows 8 and later, and all editions of Windows Server 2008 and later.

Question 10

Encryption tools: BitLocker-To-Go

Answer 10

A BitLocker component used to protect removable drives, such as USB flash drives. It can encrypt drives formatted as FAT16, FAT32, and ExFAT as well as NTFS. It is included in Windows 7 and later systems which include BitLocker.

Question 11

What is used to encrypt files on your USB drive?

Answer 11

BitLocker-To-Go

Question 12

Trusted Platform Module (TPM) is a microchip installed on the motherboard of desktop and portable computers, which stores critical encryption keys in hardware inaccessible to the operating system or most attackers. True or False?

Answer 12

True

Question 13

What allows encryption of individual drives and folders on any NTFS volume?

Answer 13

EFS

Question 14

BitLocker: It is an entire volume encryption feature included with Windows Vista and Windows 7 Ultimate and Enterprise editions. True or False?

Answer 14

True

Question 15

BitLocker: It uses a MDM which is a microchip installed on the motherboard of desktop and portable computers. True or False?

Answer 15

False

Question 16

BitLocker: It can encrypt the NTFS volumes including the system volume. True or False?

Answer 16

True

Question 17

BitLocker: It requires a smaller boot volume with at least 20 MB of free space in order to perform the decryption routines. True or False?

Answer 17

False

Question 18

BitLocker: BitLocker Drive Encryption is compatible with EFS. True or False?

Answer 18

True

Question 19

Screen lock options: Swipe screen

Answer 19

Swipe a finger across the screen, or a certain part of the screen, to unlock. This doesn’t offer any security against intrusion at all: at best, it prevents accidental input.

Question 20

Screen lock options: Password

Answer 20

A strong password provides very strong authentication, but it’s more trouble to enter on a touchscreen keyboard than a physical one, especially if it includes mixed cases and special characters.

Question 21

Screen lock options: Passcode/PIN

Answer 21

Unlock the device with a numeric passcode. Not as strong as a password, but easier to enter, and even a four-digit PIN allows for 10,000 combinations

Question 22

Screen lock options: Pattern

Answer 22

Unlock the device by drawing a predefined pattern over points on the screen. This can be easier than a passcode, but choosing a pattern that’s both easy to enter and hard to guess might be challenging.

Question 23

Screen lock options: Fingerprint

Answer 23

A biometric device with a fingerprint scanner isn’t entirely foolproof—it’s not just spy movie stuff for a clever hacker make a “fake finger” from some glue and an existing fingerprint smudge on the screen. That said, it’s strong protection against most intruders.

Question 24

Screen lock options: Face

Answer 24

Uses the device camera and face recognition software. Can potentially be fooled by using a photo, but newer versions add additional measures like requiring the user to blink. Cameras with infrared (IR) sensitivity are especially effective for facial recognition under varying light conditions.

Question 25

Mobile device policies: Permitted devices

Answer 25

Required features, operating systems, or models for a device to be allowed under the policy.

Question 26

Mobile device policies: Support

Answer 26

Who supports what aspects of device functions. IT may not have the time or training to support everything that can go wrong on a wide range of user devices.

Question 27

Mobile device policies: App and data ownership

Answer 27

Policies should clearly specify what apps and data are company property, for example work email messages and corporate documents. Mobile containerization technologies can even allow part of an employee-owned device’s memory and storage to be securely set aside for corporate purposes, or vice-versa.

Question 28

Mobile device policies: Privacy

Answer 28

Employees should expect some privacy with personal activities and data on their own devices, but at the same time it might be limited during work hours or on company networks. The policy should spell out employee privacy expectations.

Question 29

Mobile device policies: Network access

Answer 29

Some workplaces may choose to limit personal devices to limited access or guest networks. This can limit their usefulness, but makes it easier to secure them.

Question 30

Mobile device policies: Onboarding and offboarding

Answer 30

There should be a set process for how an employee needs to prepare a device to join the program, and another for what happens when an employee leaves or just stops using a particular device for work. Offboarding should also address what happens with devices subsidized by the company.

Question 31

Mobile device management (MDM) is a type of security software used by an IT department to monitor, manage, and secure employees’ mobile devices. True or False?

Answer 31

True

Question 32

What kind of policy governs a user-owned device on the corporate network?

Answer 32

BYOD (Bring-your-own-device)

Question 33

Common malware symptoms: File alteration

Answer 33

Any unexpected alteration to files can be indicative of malware. They might be renamed or deleted suddenly, or vanish gradually over time.

Question 34

Common malware symptoms: Unfamiliar programs

Answer 34

Programs that shouldn’t be installed can indicate malware, either because they were installed by existing malware or because a user carelessly installed a compromised application.

Question 35

Common malware symptoms: Security alerts

Answer 35

If your antivirus scanner occasionally detects and quarantines threats you should review the log to see what they were. Frequent alerts could represent network vulnerabilities, or some other, undetected malware that’s opened a backdoor into the system.

Question 36

Common malware symptoms: Browser oddities

Answer 36

Malware frequently attacks or affects web browsers. This might manifest as something as simple as excessive or unusual pop-up ads, or new toolbars and add-ons in the browser.

Question 37

Common malware symptoms: Email issues

Answer 37

Receiving excessive spam isn’t necessarily a sign of malware, but it can increase the risk of contracting it: consider client protection and spam filtering if it’s a problem.

Question 38

Common malware symptoms: Stability and performance

Answer 38

Malware can cause all sorts of problems with overall system performance: application crashes, operating system lockups or reboots, network connectivity problems, or just performance slowdown.

Question 39

Common malware symptoms: Failed updates

Answer 39

To prevent detection or removal, malware will frequently disable tools that can fight it. Operating system updates can fail, or refuse to launch.

Question 40

Malware removal tools: Antivirus scanner

Answer 40

Real-time, scheduled, and manual anti-virus scans are the first line of defense against malware. If one product can’t find the infection you can always try another.

Question 41

Malware removal tools: Antimalware software

Answer 41

Apart from traditional antivirus scanners, some products specialize in detecting a broader range of threats, such as changes made by spyware, adware, or rootkits. Other tools are designed to remove specific threats.

Question 42

Malware removal tools: Event Viewer

Answer 42

Used to detect and diagnose unusual system behavior. System logging software won’t remove malware, but it might show you how it was contracted or what changes were made.

Question 43

Malware removal tools: System Restore

Answer 43

Saves and restores system files and settings, allowing you to recover from some harmful changes—even those you might accidentally cause in the cleanup process.

Question 44

Malware removal tools: System backups

Answer 44

Restoring from data backups can recover data lost to malware, and restoring from a complete system image is even a valid form of malware removal.

Question 45

Malware removal tools: Terminal

Answer 45

As useful as GUI tools, some troubleshooting is easier when you’re familiar with command-line tools. Sometimes you might even have to boot to a command prompt to salvage a damaged system.

Question 46

Malware removal tools: MSCONFIG

Answer 46

Allows you to change boot options. Malware frequently changes boot settings, or adds malicious programs or services to the startup process. MSCONFIG also is one way to enter safe mode or other controlled startup environments.

Question 47

Malware removal tools: Installation media

Answer 47

If system files are missing or damaged, you might be able to restore them from an operating system installation disc or flash drive.

Question 48

Malware removal tools: Recovery environment

Answer 48

If the computer won’t boot or if malware has compromised the operating system enough to prevent repair, you’ll need an alternate boot environment.

Question 49

Malware removal tools: Rescue disk

Answer 49

A combination of antimalware and system repair tools on a bootable disc or flash drive. There are many free preconfigured products, some from antivirus vendors: they include PC Tools’ Alternate Operating System Scanner, Kaspersky Rescue Disk, and Microsoft’s Windows Defender Offline.

Question 50

Mobile security symptoms: Device and network performance

Answer 50

Heavy resource utilization, slow network speeds, and rapid battery drain can suggest either malware or just a misbehaving application.

Question 51

Mobile security symptoms: Exceeded data limits

Answer 51

Most mobile plans have monthly limits for data use. Even when they don’t, providers and devices can monitor data usage.

Question 52

Mobile security symptoms: Unexpected feature activation

Answer 52

Some mobile features, while very useful, can consume battery life and compromise security or privacy. It’s easy and good practice to turn some of these off when you don’t need them, such as Wi-Fi, Bluetooth, or location tracking.

Question 53

Mobile security symptoms: Surveillance risks

Answer 53

Mobile devices make perfect surveillance devices in the hands of a malicious or unwary users. Even if features like cameras, microphones, and location tracking aren’t turned on by malware, it’s easy to leak sensitive data using these features in normal applications.

Question 54

Mobile security symptoms: Changed app permissions

Answer 54

For security reasons mobile apps should only be given permissions they need to function. For example you shouldn’t give an app access to the camera or ability to place calls unless you trust it and it actually needs that capability.

Question 55

Mobile security symptoms: Unintended Wi-Fi access

Answer 55

Joining an untrusted Wi-Fi network is a security risk. Unencrypted Wi-Fi networks can leave your network communications open to eavesdropping, and even a “secure” hotspot run by a malicious party might be used to steal data or perform network attacks.

Question 56

Mobile security symptoms: Unintended Bluetooth pairings

Answer 56

Whether caused by malware or not, pairing with an unfamiliar or unintended Bluetooth device can endanger security. Review paired Bluetooth devices and investigate any unexpected entries.

Question 57

Mobile security symptoms: Unauthorized root access

Answer 57

Not only can malware force root access, but a device jailbroken or rooted by a legitimate user can be more vulnerable to malware.

Question 58

Mobile security symptoms: Suspicious apps

Answer 58

Apps the user doesn’t know about, or that come from third-party appstores or websites, might be a security risk. With so many available apps it can be hard to tell what’s unusual, but investigate anything that sticks out.

Question 59

Mobile security symptoms: Unauthorized account access

Answer 59

On network-centric mobile devices, there can be many signs of unauthorized access from outside sources.

Question 60

Mobile security symptoms: Leaked data

Answer 60

Mobile devices are easy ways to leak personal or business data. Not only can it be stolen from the device itself or a cloud backup, the device can be used to smuggle data from inside a secure enterprise network.

Question 61

Mobile security Tools: Antimalware

Answer 61

Just like on the desktop, you can use anti-malware software to monitor the system or actively scan for signs of malware. Apple claims that iOS devices are not vulnerable to malware and does not allow malware scanners in its App Store, but a variety are available for Android and Windows Phone.

Question 62

Mobile security Tools: App scanner

Answer 62

Other scanners don’t look specifically for malware such as for app problems or changes. They can help notice unusual activities even if they’re not strictly malware.

Question 63

Mobile security Tools: Wireless analyzer

Answer 63

To verify signal problems, you can just try moving the device. You can also use a Wi-Fi analyzer or cell tower analyzer, either as a specialized appliance or an app on another mobile device.

Question 64

Mobile security Tools: App control features

Answer 64

If you think an app is having a problem, you can force stop it from within the operating system, or uninstall and reinstall it. You can even uninstall apps remotely from iTunes or the Google Play Store.

Question 65

Mobile security Tools: Backup and restore

Answer 65

Not only can you backup and restore mobile data and settings to and from your desktop, you can also store it using cloud services like Google Sync, iCloud, or OneDrive.

Question 66

Mobile security Tools: Factory resets

Answer 66

Mobile devices are easy to reset to a freshly installed state, deleting user data, installed apps, and, hopefully, any installed malware.

Question 67

What is the order for the malware removal process in windows?

Answer 67

1. Identify Symptoms
2. Quarantine the system
3. Disable system restore
4. Repair the system
5. Update the system
6. Enable system restore
7. Educate the end user

Question 68

The Event Viewer is used to detect and diagnose unusual system behavior. True or False?

Answer 68

True

Question 69

What is used to monitor a system or actively scan for signs of malware?

Answer 69

Antimalware software

Question 70

What is the function of the Event Viewer tool?

Answer 70

It is used to detect and diagnose unusual system behavior.

Question 71

Which of the following allows encryption of individual drives and folders on any NTFS volume?

Answer 71

EFS

Question 72

Which is a software that allows IT administrators to control, secure, and enforce policies on smartphones, tablets, and other endpoints?

Answer 72

MDM

Question 73

Which screen lock option does not offer any security against intrusion at all?

Answer 73

Swipe screen

Question 74

Which tool is used when system files are missing or damaged?

Answer 74

Installation media

Question 75

Which tool is used to notice unusual activities in a device even if they’re not strictly malware?

Answer 75

App scanner

Question 76

Which mode of BitLocker authentication allows the user to start up the computer and log into Windows as normal?

Answer 76

Transparent operation