3.3.10 Check Your Understanding – Defending Systems and Devices

1. Which characteristic describes fileless malware?

  • It uses legitimate programs to infect a computer.
  • It displays an advertisement or popup that looks like an actual Windows warning.
  • It records keystrokes to access passwords, confidential information, and spyware.
  • It uses the IP addresses of known phishing websites.

Explanation: Fileless malware uses legitimate programs to infect a computer. Going straight into memory, this type of malware doesn’t rely on files, so it leaves no footprint.

2. True or False:
A host intrusion detection system cannot monitor network traffic that does not reach the host system.

  • True
  • False

Explanation: A host intrusion detection system cannot monitor network traffic that does not reach the host system, but it does monitor operating system and critical system processes specific to that host.

3. Which host-based network security device combines a traditional firewall with other network-device-filtering functions like DPI?

  • EDR
  • HIDS
  • NGFW
  • HIPS

Explanation: NGFW is a network security device that combines a traditional firewall with other network-device-filtering functions like Deep Packet Inspection (DPI).

4. Which Microsoft tool can be used to encrypt removable drives without the use of a TPM chip?

  • BitLocker To Go
  • MRT
  • BitLocker
  • XProtect

Explanation: BitLocker To Go is a Microsoft tool that encrypts removable drives. It does not use a TPM chip, but still encrypts the data. It requires a password to decrypt the data.

5. What is the purpose of the TPM chip on the motherboard?

  • It stores information about the host system, such as encryption keys, digital certificates and passwords.
  • It is used to encrypt the entire contents of a drive (including temporary files and memory).
  • It is used to scan for keylogging malware installed on the system.
  • It is used to detect fileless viruses using scripting languages such as Windows PowerShell.

Explanation: The TPM is a specialized chip on the motherboard that stores information about the host system, such as encryption keys, digital certificates and passwords.

6. Which Apple security feature protects low-level hardware and only allows genuine and unaltered Apple OS software to run?

  • Secure Boot
  • MRT
  • XProtect
  • Gatekeeper

Explanation: Secure Boot - The Boot ROM protects low-level hardware and only allows genuine and unaltered Apple OS software to run.
