CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [248]
3. Choose the option Scan a computer.
4. The default computer to scan will be the one you are sitting at, but you can change this to another on the network by specifying either the computer’s name or IP address.
5. Click Start Scan.
6. View the report that is given when the scan finishes. The report will include information on missing security updates, and service packs for the operating system as well as Microsoft applications. It will also identify any user accounts that have blank or simple passwords, firewall status, the number of local administrators configured, unnecessary services.
Review Questions
1. Which policy includes all aspects of an organization’s security?
a. Security management policy
b. Information security policy
c. Physical security policy
d. Information classification policy
2. You’re assisting with a policy review to make certain your company has in place all the policies it should. One of your fellow administrators mentions that he has never seen anything detailing information sensitivity and usage. Which policy would cover this topic?
a. Security policy
b. Information classification policy
c. Use policy
d. Configuration management policy
3. Which policy identifies the software and hardware components that can be used in an organization?
a. Backup policy
b. Configuration management policy
c. Inventory policy
d. Use policy
4. Which of the following involves keeping records about how your network or organization changes over time?
a. Change documentation
b. Use policy
c. Systems architecture
d. BIA
5. The process of ensuring that all policies, procedures, and standards are met is a function of which process?
a. Education
b. Enforcement
c. Responsibility
d. Change management
6. Mercury Technical Services is formulating a set of guidelines that outline the components of effective security management. After these have been tried and tested at the Anderson branch, they will be rolled out to all other divisions. What is this set of guidelines called?
a. Best practices
b. Forensics
c. Chain of evidence
d. Use policy
7. Which policy identifies the files and data that must be archived?
a. Information classification policy
b. Use policy
c. Logs and inventories policy
d. Information retention policy
8. Which policy defines upgrade and systems requirements?
a. Configuration management policy
b. Use policy
c. Logs and inventory policy
d. Backup policy
9. A policy review is under way. The new head of HR wants to show that a formal policy exists for every aspect of IT. You’ve been assigned the role of producing whatever information he asks for. Which policy dictates the processes used to create archival copies of records?
a. Backup policy
b. Security policy
c. Use policy
d. User management policy
10. Which topic would not normally be covered in a user-oriented security-awareness program?
a. Security management policy
b. Use policy
c. Network technology and administration
d. Account and password criteria
11. You’re a new hire at SMT. One of your job responsibilities is to provide monthly training sessions on security topics over lunch. You want to prioritize the presentations and first give those that are the most important. Which group would most benefit from an overall briefing on security threats and issues?
a. Management
b. Users
c. Developers
d. Network administrators
12. Thanks to the awarding of a grant, you’ll now be able to replace all the outdated workstations with newer models. Many of those workstations will be coming from the business office. Which of the following should occur when a computer system becomes surplus?
a. All files should be erased.
b. Disk drives should be initialized.
c. Disk drives should be formatted.
d. Computer screens should be degaussed.
13. BIOS-based