ANSWERS GRADED A+
●● The Windows Firewall (WF) provides a popup when a new service
attempts to listen on your machine. Which of the following should you
train users to select from a security perspective if they are unsure of
which option to select?
(Keep Blocking) (Increase Security Level) (Safe Mode) (Send Request
to Administrator).
Answer: Keep Blocking
( Explanation )
The three available options for Windows Firewall are Keep Blocking,
Unblock and Ask Me Later. Keep Block does not allow the program to
acquire a listening port. You should train your users to choose this option
when there is any doubt as to what they should do. There are no Safe
Mode or Send Request to Admin options.
●● Which Threat will be reduced when avoiding system calls from
within a web app?.
Answer: OS command injection
( Explanation )
,The primary way to avoid OS command injection attacks is to avoid
system calls from your web application, especially when the system call
is built based on user input. In most cases, you should be able to find a
function or library within your programming language that can perform
the same action.
●● How often by default does Windows Group Policy check for updated
policies?
(Once a day) (Within 30 minutes of an applied policy change) (Every
quarter hour) (Every 90-120 minutes)
INCORRECT ON PT.
Answer: Every 90-120 minutes
( Explanation )
When a computer boots up, it downloads the GPO's assigned to it and
executes them automatically. Every 90-120 minutes thereafter, the
computer checks that none of the GPO's assigned to it have changed, if
any have, those are downloaded and run automatically even if the
computer has not rebooted. 0-30minutes, 30-60 minutes and 120-180
minutes are durations a group policy could possibly be modified to use,
the standard duration used by Group Policy is 90-120 minutes.
●● Which of the following best describes Defense-in-Depth?
,Layered controls - Separation of duties - Hardened perimeter security -
Risk management.
Answer: Layered controls
( Explanation )
Defense-in-depth is best characterized by layered defenses. The idea is
that any layer of defense may eventually fail, but a Layered Defense
offers better protection. Risk management, separation of duties, and
hardened perimeters are part of a layered defense but do not describe the
full concept of DiD.
●● Which of the following is considered a recommended practice but
not a business requirement?
Guideline - Standard - Baseline - Procedure
INCORRECT ON PT.
Answer: Guideline
( Explanation )
Guidelines, unlike standards and policies, are not mandatory. Guidelines
are more of a recommendation of how something should be done.
, ●● Which of the following is a characteristic of Quality Updates for
Windows?
Are released less frequently than Feature Updates - Support deferring
installation on Home edition devices - Include bug fixes and security
patches - Increment the version of Windows.
Answer: Include bug fixes and security patches
( Explanation )
Quality Updates are smaller improvements to already existing software
on Windows systems, and include bug fixes and security fixes. They are
released about every 30 days, whereas Feature Updates are released a
couple of times a year and increment the Windows version. Installation
of Quality Updates may be deferred for up to 30 days, except on Home
edition devices.
●● When does applying an encryption algorithm multiple times provide
additional security?
When the algorithm is a group - When the algorithm is not a group - The
algorithm uses xor - The algorithm is weak
INCORRECT ON PT.
Answer: When the algorithm is not a group