CompTIA Security+ Question L-11

Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?

A. Deploy a HIDS suite on the users’ computers to prevent application installation.
B. Maintain the baseline posture at the highest OS patch level.
C. Enable the pop-up blockers on the users’ browsers to prevent malware.
D. Create an approved application list and block anything not on it.

Answer: D

You can use Software Restriction Policy or its successor AppLocker to prevent unauthorized applications from running or being installed on computers. Software Restriction Policies (SRP) is Group Policy-based feature that identifies software programs running on computers in a domain, and controls the ability of those programs to run. Software restriction policies are part of the Microsoft security and management strategy to assist enterprises in increasing the reliability, integrity, and manageability of their computers. You can use AppLocker as part of your overall security strategy for the following scenarios: Help prevent malicious software (malware) and unsupported applications from affecting computers in your environment. Prevent users from installing and using unauthorized applications. Implement application control policy to satisfy portions of your security policy or compliance requirements in your organization.