Workstation A workstation is any device that allows a user to interact with data. Workstations are how users typically connect to the IT infrastructure and include desktop computers, laptop computers, and any device that connects to the network. 1.) Which of the following would not be considered a workstation? a. Smartphone b. Fax Machine c. Router d. Printer Physical Security According to the 2011 Verizon Breach Report, physical attacks account for 10% of all reported data breaches. In order to prevent physical security breaches strong passwords should be used as well protecting your workstation monitor from unintended viewing by unauthorized parties. 2.) Fill in the blanks about strong password policy: A strong password should be _____ characters minimum, have at least _____ number character, and should not contain ______. 3.) True or False: You should always lock your computer when you leave, even if you plan to only be gone for a second. Often, discarded documents or documents left on copiers, printers, etc. can be a rich source of information. When documents are no longer needed they should properly be disposed of to prevent physical security breaches. 4.) Which of the following is the most practical method of destroying an unneeded document? a. Throwing it in the trash b. Shredding it c. Burning it d. Mixing it with the cafeteria’s Tuesday lunch “surprise” Malware Malware, also known as malicious code, refers to a program that is covertly inserted into another program with the intent to destroy data, run destructive or intrusive programs, or otherwise compromise the confidentiality, integrity, or availability of the victim’s data, applications, or operating system. 5.) True or False: Malware is a common external threat to hosts. 6.) Which of the following is NOT a type of malware a. Virus b. Worm c. Spear Phish d. Trojan Horse 7.) A _______ is a self-replicating, self-contained program that execute itself without user intervention. Angela is an average user at the company. Angela often communicates with outside clients to arrange meetings and sales and so has a highly visible external email address and often receives legitimate but unexpected inquiry emails from external parties. 8.) Angela receives a document in an email from an unfamiliar source claiming to contain pictures of cute kittens. She ignores her awareness training and opens the email attachment. Sadly, the document contained malware and attempts to infect her machine. Angela has just been victim of a ______________ attack. 9.) If Angela has keeps her _____________ _______________ up to date, the infection could be detected and possibly eliminated. Jim is a user who often travels on behalf of the organization and carries a laptop that contains sensitive data as well as his own personal files. For the sensitive data, the major threat that the organization needs to mitigate is unauthorized disclosure of data from the loss or theft of the laptop. 10.) The organization can protect the data by implementing ______ ______ encryption on the laptop and requiring pre-boot ______. Suppose Jim’s organization alters their security policy to force all laptops to be dual-boot, one OS for sensitive information and one for user data, and prohibits storing personal files on the organization OS. 11.) If under the new configuration encryption is only supported at the OS level, which of the following would be best for storing sensitive data: a. Install a file/folder encryption solution on the sensitive OS. b. Hide sensitive data on the user OS where no one will think to look. c. Wipe the sensitive OS regularly to reduce the amount of data which could be compromised. d. Use the OS access control features to strictly limit where the user can save files. Virtualization Virtualization is the simulation of the software and/or hardware upon which other software runs. This simulated environment is called a virtual machine (VM). In full virtualization, one or more operating systems (OSs) and the applications they contain are run on top of virtual hardware. Each instance of an OS and its applications runs in a separate VM called a guest operating system. 12.) The guest OSs on a host are managed by the _________ which controls the flow of instructions between the guest OSs and the physical hardware. 13.) Malicious attackers may attempt to break out of a guest OS to access underlying structures. This places the all other guest OSs and the underlying host OS at risk and is known as a(n) a. Sandbox attack b. Leak c. Side-channel attack d. Escape Bios The system BIOS is the first piece of software executed on the main central processing unit (CPU) when a computer is powered-on. While the system BIOS was originally responsible for providing operating systems access to hardware, its primary role on modern machines is to initialize and test hardware components and load the operating system. In addition, the BIOS loads and initializes important system management functions. 14.) The primary function of the system BIOS is to initialize important hardware components and to load the operating system. This process is known as Booting. What is the last step of the boot process? a. Select Boot Device b. Load Operating System c. Initialize and Test Low-Level Hardware d. Execute Core Root of Trust e. Load and Execute Additional Firmware Modules 15.) True or False: The BIOS is typically implicitly trusted 16.) True or False: BIOS level malware is simple to detect because anti-malware products can easily scan the BIOS before boot.