Ann was reviewing her company’s event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue?
A. Enabling time of day restrictions B. Disabling unnecessary services C. Disabling unnecessary accounts D. Rogue machine detection
Explanation: User account control is a very important part of operating system hardening. It is important that only active accounts be operational and that they be properly managed. This means disabling unnecessary accounts. Enabled accounts that are not needed on a system provide a door through which attackers can gain access. You should disable all accounts that are not needed immediately—on servers and workstations alike. Here are some types of accounts that you should disable: Employees Who Have Left the Company: Be sure to disable immediately accounts for any employee who has left the company. This should be done the minute employment is terminated. Temporary Employees: It is not uncommon to create short-term accounts for brief periods of time for access by temporary employees. These also need to be disabled the moment they are no longer needed. Default Guest Accounts: In many operating systems, a guest account is created during installation and intended for use by those needing only limited access and lacking their own account on the system. This account presents a door into the system that should not be there, and all who have worked with the operating system knows of its existence, thus making it a likely target for attackers.
A security technician received notification of a remotely exploitable vulnerability affecting all multifunction printers firmware installed throughout the organization. The vulnerability allows a malicious user to review all the documents processed by the affected printers. Which of the following compensating controls can the security technician to mitigate the security risk of a sensitive document leak?
A. Create a separate printer network B. Perform penetration testing to rule out false positives C. Install patches on the print server D. Run a full vulnerability scan of all the printers
Which of the following assets is MOST likely considered for DLP?
A. Application server content B. USB mass storage devices C. Reverse proxy D. Print server
Explanation: Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. A USB presents the most likely device to be used to steal data because of its physical size.
A technician has just updated a users PC to Windows 7 and connected to a network printer through a print server. After finishing, the user reports that the printer will not print. Which of the following is the MOST likely reason for this issue?
A. The PCs network connection is down. B. The print server does not have the proper driver. C. The printer is not installed on the print server. D. The server is using PCL instead of PostScript.
A 2,000 line per minute parallel impact printer is being installed in a room that is 100 feet (30.48 meters) from the print server. Once connected it does not print reliably. Which of the following is the cause?
A. The cable was installed next to florescent lighting. B. The cable length has exceeded the limit of the standard. C. The printer should have been a USB model. D. The printer I/O logic is faulty and must be replaced.
After migrating a network-based print queue to a new server, users are reporting that documents are not printing correctly and print jobs will error out or print garbled text. Which of the following actions will BEST resolve this issue for the affected users?
A. Install the correct drivers on the server. B. Delete and reconnect to the print queue on the client machine. C. Restart the print queues on the print server. D. Reinstall the printer drivers on the client desktops.
A user has a wireless home office and would like to add file storage and print server to the domain. The user has only enough funds to upgrade one feature on the server. Which of the following would be the MOST beneficial upgrade for this PC role?
A. Add a second multi-core processor for faster computations B. Add a Gigabit Ethernet card for fast file transfers. C. Replace Windows XP Professional with the newer Windows 7 Home Premium D. Add an additional hard drive to create a RAID 0