Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA A+ Complete Study Guide: Exam 220-1002, Fourth Edition > Securing Operations Systems > Flashcards

Securing Operations Systems Flashcards

1
Q

Which policy would you create to define the minimum specification if an employee wanted to use their own device for email?

AUP

BYOD

NDA

A

BYOD

A bring your own device (BYOD) policy defines the minimum specifications for an employee’s device used for work-related access. The mobile device management (MDM) software would usually police these specifications, but it would not define them. The acceptable use policy (AUP) is a code of conduct when dealing with organization resources. The non-disclosure agreement (NDA) is an agreement used when dealing with intellectual property

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which term refers to copyright data between a mobile device and a computer system in order to mirror such things as contacts, programs, pictures and music?

Remote wipe

Pairing

Synchronization

A

Synchronization

Synchronizing a mobile device with a computer system allows you to mirror personal data between the devices, regardless of which one contains the most current data. Calibration refers to matching the device’s and user’s perceptions of where the user is touching the screen. Remote wipes allow you to remove personal data from a lost or stolen device. Pairing is what must be done in Bluetooth for two Bluetooth devices to connect and communicate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You want to follow the rules of good security administration as set by CompTIA and venders. To do so which account should be disabled on most Windows operating systems for security reasons?

Guest

Power user

Userone

A

Guest

The Guest account should be disabled on the operating system, unless there is good reason to leave the account enabled. Print Operators is a group found on Windows servers. Power Users is a group found on both Windows workstations and servers. Userone is obviously a user account. Unless the user has left the organization, there should be no reason to disable the account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What kind of mobile app is being used when the owner’s phone displays a message on the screen and emits an extremely loud tone?

Antivirus

Locator

Remote wipe

A

Locator

Locator apps can find the phone and then display a message that can be read even while the phone is locked. Locator apps also often give the user the option to make the phone blare a noise to aid in finding the device. Failed login restrictions will wipe a device if a specific number of wrong passwords are entered. Antivirus apps make sure that your phone does not get a virus, but they offer no way to message or locate the device. Remotely wiping a mobile device is a feature of locator apps, but it is not itself an app that displays messages and produces noises

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

As a best practise, after a set period of inactivity on a Windows workstation, what should happen?

The system should shutdown

The system should restart

A password enabled screensaver should automatically start

A

A password enabled screensaver should automatically start

A screensaver should automatically start after a short period of idle time, and that screensaver should require a password before the user can begin the session again. The system should neither shut down nor restart, since work could still be open. For the same reason, the system should not log out the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A new app developed for the Android and platform has which extension?

.sdk

.apk

.ipa

A

.apk

Android apps have an .apk (Android Package Kit) extension. Apps are developed with a software development kit (SDK), but .sdk is not a valid extension. Apple iOS apps use an .ipa (iOS App Store Package) extension. Only the Windows desktop operating system can execute .exe files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following has the goal of allowing a username/password combination to be entered once, and then allowing claims to be used for consecutive logins?

Tokens

Kerberos

Single-sign-on

A

Single-sign-on

The goal of single sign-on (SSO) is to allow a username/password combination. Once the combination is entered, claims are used to access additional resources. Tokens are given to the operating system after a user successfully logs in; they allow a user to access rights on the operating system. Kerberos is used (along with Active Directory) to authenticate a user on the Windows operating system. Multifactor authentication is the use of two or more factors to authenticate a user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following passwords is a secure password?

severpasswordOne

*erverP%ssw#rd

serverpassword1

A

*erverP%ssw#rd

The password *erverP%ssw#rd uses uppercase and lowercase letters, symbols, and numbers, for a possible character base of 95 combinations per position. The password serverpassword0ne uses only lowercase and numbers, for a character base of 36 combinations per position; although it is longer than *erverP%ssw#rd, the complexity still falls short. The password $erVer1 uses uppercase and lowercase letters, symbols, and numbers, but it is too short. The password serverpassword1 is also long and uses lowercase and numbers, but it only has a character base of 36 combinations per position

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What should be implemented to mitigate the risk of a password from being shoulder surfed or keylogged?

Privacy screens

Password complexity

Password expiration

A

Password expiration

Password expiration is a tactic to mitigate passwords from being shoulder surfed or keylogged. Although it won’t remove the threat completely, requiring passwords to expire makes it less likely that the password could be used over a long period of time. Antivirus will not prevent shoulder surfing by other users. Privacy screens would not prevent keyloggers from capturing a password. Password complexity makes it harder to shoulder surf a password but does not mitigate the risk of a keylogger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the best practise for mitigating the risk of a contractor account that is forgotten about?

Time restrictions

Password complexity

Account expiration

A

Account expiration

Account expiration is the best approach to mitigating the risk of a contractor account that is forgotten about. If an expiration for the account is set, it will automatically deny logins after the set time. Time restrictions will limit when the account can be logged into but will not deactivate the account. Password complexity will have no effect on mitigating the risk; it will only require a stronger password. Password expiration will have no effect on mitigating the risk; it will only require the password to be changed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Your boss is concerned that USB drives could infect the workstation. What can you do to mitigate this risk?

Install current updates to the operating system

Disable autorun for all media

Enable BitLocker

A

Disable autorun for all media

Disabling autorun for all media will mitigate the risk of a potential virus being automatically run from USB drives. Installing current updates to the operating system will not prevent a USB drive from performing an autorun. Enabling BitLocker will not prevent autorun from launching. Enabling BitLocker to Go will not prevent autorun from launching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is normally performed when an employee is offboarded?

Their user account is deleted

Their user account is unlocked

Their user account is created

A

Their user account is deleted

When an employee is offboarded, their user account is deleted or disabled. A user account is not created, nor is its password reset, during the offboarding process. A user account normally is created during the onboarding process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

By default, when setting up an Android device, what is the new relevance to the Goggle account required?

The device requires email setup

The account is used for cloud synchronization

The account is used for desktop backups

A

The account is used for cloud synchronization

By default, a Google account is required on Android devices; it is used to synchronize data and app purchases to the cloud. The device does not require email to be set up, but the account can be used for the setup. The account is not used for desktop backups. The device does not require registration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You need to secure your mobile device’s lock screen with the highest level of protection. Which of the following should you use?

Fingerprint lock

Face lock

Password lock

A

Fingerprint lock

Fingerprint locks are the most secure of all the lock methods, since fingerprints are hard to duplicate. Face locks have a high number of false positives, which can be used to gain access to the phone. Passcode locks can be cracked or shoulder surfed. Swipe locks can be shoulder surfed and are usually simple

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You need to encrypt a single file on a Windows Desktop. Which technology should you use?

EFS

BitLocker

NTFS

A

EFS

The Encrypted File System (EFS) is a functionality of the Windows NTFS filesystem. EFS can encrypt individual files and folders. BitLocker is a full device encryption technology. NTFS is a filesystem that supports encryption and security, among other functionality. BitLocker to Go is used for full device encryption of removable drives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A user is in both the Sales group and the Marketing group. The Sales group has full permission at the share level, and the Marketing group has read-only permissions. The files on NTFS are secured with the Modify permission for the Sales group and the Read & Execute permission for the Marketing group. Which permissions with the user have?

Full

Modify

Read-only

A

Modify

Because the user is in both groups and the Sales group has full share permissions and the Sales group has modify NTFS permissions, the most restrictive of the two is Modify, so that will be the effective permission for the user. All of the other answers are incorrect

17
Q

James just moved a folder on the same platform. What will happen with the permissions for the folder?

The permissions will be the same as they were before the move

The permissions will be inherited from the new parent folder

The permissions will be blank until configured

A

The permissions will be the same as they were before the move

The permissions will be the same as before the move, since you are just moving the files and not creating a new entity. The permissions will not be inherited from the parent folder. The permissions will not be configured the same as the root folder. The permissions will not be blank

18
Q

A user is in Sales group. The Sales group has no permissions at the share level. the files on NTFS are secured with the Modify permission for the Sales group. What permissions with the user have?

The user will have the Modify permission when connecting from the network

The user will have the Modify permission when logged in locally to the computer

The user will have read-only permissions when connecting from the network

A

The user will have the Modify permission when logged in locally to the computer

The user will have only the Modify permission when logged in locally to the computer, since the filesystem is not shared with the appropriate permissions. The user will not have the Modify permission when connecting from the network. The user will still have the Modify permission when logged in locally, because of the NTFS permissions. The user will not have read-only permissions when connecting from the network

19
Q

You are trying to delete a file on the local filesystem, but the operating system will not let you. What could be the problem?

The share permissions are not set to Full Control

The file attributes are set to Read-only

The file attributes are set to System

A

The file attributes are set to Read-only

The file attributes are most likely set to Read-only, thus not permitting the file to be deleted. The Modify permission would not hinder the file from being deleted. The share permissions would not have any bearing on the problem, since the local filesystem is being accessed. The file attributes being set to System would not restrict a file from being deleted

20
Q

You need to enforce profile security requirements on mobile devices. Which should you use to achieve this goal?

NDA

BYOD

MDM

A

MDM

Mobile device management (MDM) software enables you to enforce profile security requirements on mobile devices. The acceptable use policy (AUP) is a code of ethics your users should follow when dealing with organizational resources. A non-disclosure agreement (NDA) is an agreement between an employee and the organization to protect intellectual property. A bring you own device (BYOD) policy contains how devices should be secured but provides no enforcement

CompTIA A+ Complete Study Guide: Exam 220-1002, Fourth Edition (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions