1
Q
Non-compliant systems
A
- A constant challenge
– There are always changes and updates - Standard operating environments (SOE)
– A set of tested and approved
hardware/software systems
– Often a standard operating system image - Operating system and application updates
– Must have patches to be in compliance
– OS updates, anti-virus signatures
– Can be checked and verified before access is given
2
Q
Protecting against non-compliant systems
A
- Operating system control
– Apply policies that will prevent
non-compliant software - Monitor the network for application traffic
– Next-generation firewalls with application visibility - Perform periodic scans
– Login systems can scan for non-compliance
– Require correction before the system is given access
3
Q
Unpatched systems
A
- Microsoft Patch Tuesday
– Second Tuesday of each month (10:00 AM PST) - Suddenly, systems are vulnerable to security flaws
– Patch the operating system and applications - An organization might have thousands of systems
– Some of those are major services - One forgotten system may be the weakest link
– This happens quite a bit - Patch management is a critical practice
– Test, prioritize, and deploy
4
Q
Unprotected systems
A
- Security issues are often roadblocks
– Applications may not work properly without
additional configurations - Some troubleshooting tasks can be insecure
– Disable antivirus and try again
– Disable the firewall and try again - Permanently disabling security isn’t the answer
– You don’t fix a bad door lock by removing the door
– Become an expert in application troubleshooting
5
Q
Product support lifetime
A
- End of life (EOL) operating systems
– Manufacturer stops selling an OS
– May continue supporting the OS
– Important for security patches and updates - End of service life (EOSL)
– Manufacturer stops selling an OS
– Support is no longer available
– No ongoing security patches or updates
– May have a premium-cost support option - Technology EOSL is a significant concern
– Security patches are part of normal operation
6
Q
BYOD
A
- Bring Your Own Device / Bring Your Own Technology
- Employee owns the device
– Need to meet the company’s requirements - Difficult to secure
– It’s both a home device and a work device
– How is data protected?
– What happens to the data when a device is
sold or traded in?
– An infected device could disclose proprietary
company information
Comptia A+ Core 2
flashcards
Decks in class (69)
# Cards
-
1.1 An Overview of Windows8
-
1.1 - Windows Features8
-
1.1 - Windows Upgrades5
-
1.2 - Windows Command Line Tools15
-
1.2 - The Windows Network Command Line8
-
1.3 - Task Manager7
-
1.3 - The Microsoft Management Console9
-
1.3 - Additional Windows Tools6
-
1.4 - The Windows Control Panel15
-
1.5 - Windows Settings11
-
1.6 - Windows Network Technologies8
-
1.6 - Configuring Windows Firewall3
-
1.6 - Windows IP Address Configuration3
-
1.6 - Windows Network Connections5
-
1.7 - Installing Applications10
-
1.8 - Operating System Overview10
-
1.8 - Filesystems5
-
1.9 - Installing Operating Systems7
-
1.9 - Upgrading Windows5
-
1.10 - macOS Overview6
-
1.10 - macOS System Preferences7
-
1.10 - macOS Features12
-
1.11 - Linux Commands20
-
1.11 - Linux Features4
-
2.1 - Physical Security9
-
2.1 - Physical Security for Staff8
-
2.1 - Logical Security7
-
2.1 - Active Directory8
-
2.2 - Wireless Encryption8
-
2.2 - Authentication Methods5
-
2.3 - Malware10
-
2.3 - Anti-Malware Tools7
-
2.4 - Social Engineering10
-
2.4 - Denial of Service4
-
2.4 - Zero-Day Attacks2
-
2.4 - On-Path Attacks3
-
2.4 - Password Attacks5
-
2.4 - Insider Threats2
-
2.4 - SQL Injection2
-
2.4 - Cross-site Scripting5
-
2.4 - Security Vulnerabilities6
-
2.5 - Defender Antivirus3
-
2.5 - Windows Firewall3
-
2.5 - Windows Security Settings9
-
2.6 - Security Best Practices10
-
2.7 - Mobile Device Security9
-
2.8 - Data Destruction5
-
2.9 - Securing a SOHO Network15
-
2.10 - Browser Security11
-
3.1 - Troubleshooting Windows11
-
3.1 - Troubleshooting Solutions14
-
3.2 - Troubleshooting Security Issues6
-
3.3 - Removing Malware9
-
3.4 - Troubleshooting Mobile Devices8
-
3.5 - Troubleshooting Mobile Device Security12
-
4.1 - Ticketing Systems6
-
4.1 - Asset Management3
-
4.1 - Document Types9
-
4.2 - Change Management11
-
4.3 - Managing Backups10
-
4.4 - Managing Electrostatic Discharge4
-
4.4 - Safety Procedures4
-
4.5 - Environmental Impacts7
-
4.6 - Privacy, Licensing, and Policies13
-
4.7 - Communication6
-
4.7 - Professionalism5
-
4.8 - Scripting Languages7
-
4.8 - Scripting Use Cases8
-
4.9 - Remote Access12
