10 Endpoint Security – EGCERT Security Plus Study

Question 1 of 10

A hospital's IT department discovers that medical workstations deployed six months ago now have inconsistent security settings, with some having disabled firewalls and others running unauthorized software. The team needs to ensure all new deployments start from a standardized, secure state and prevent future deviations. What solution should they implement to establish consistent security configurations across all endpoints and prevent configuration drift?

Hardened system images based on CIS benchmarks

Manual configuration checklists applied by technicians during setup

Individual system hardening performed after each device is deployed

Automated scripts that only check compliance without enforcing standards

Question 2 of 10

A financial analyst's laptop containing sensitive customer data is stolen from their vehicle during a business trip. The organization needs to ensure that even if the hard drive is removed and accessed externally, the data remains inaccessible to unauthorized users. Which security control should have been implemented?

Full Disk Encryption

File-level encryption for documents marked as confidential

BIOS passwords to prevent unauthorized booting of the system

Remote wipe capabilities

Question 3 of 10

A manufacturing company's workstations are running outdated operating system versions with known vulnerabilities, but the IT team is hesitant to deploy updates during operational hours due to fear of disrupting critical processes. They need a systematic approach to handle updates that minimizes risk. What strategy should they implement to manage OS and application updates effectively?

Update once a year and apply all accumulated updates at once

Manual patching only

Immediately deploy all available updates to production systems without testing

Automated patch deployment with testing environments and scheduled maintenance windows

Question 4 of 10

During a security audit of a corporate accounting department, assessors discover multiple unauthorized gaming applications, legacy browsers, and administrative tools installed on workstations. These applications have known vulnerabilities and create potential entry points for attackers. Which hardening practice should the organization enforce to minimize these risks?

Removal of unnecessary software

Installing additional antivirus software to monitor the unauthorized applications

Creating network segmentation rules that block traffic from these specific applications

Requiring users to sign policies to agree not to install software

Question 5 of 10

A company's traditional signature-based antivirus solution failed to detect a sophisticated ransomware attack that encrypted files across multiple endpoints. The security team needs a solution that detects threats in real-time. Which technology should they deploy to replace their legacy antivirus and provide automated response capabilities?

EDR

IDS

DLP

Manual incident response procedures requiring administrator intervention

Question 6 of 10

An organization notices that its staff continue to download and install a popular game at work. Administrators block the web address where the game is available for download, but the company that produces the game changes the URL regularly. What is the BEST approach to prevent installation of this game?

A firewall rule blocking all inbound traffic on port 443

A content filter rule banning the download URL

Application deny listing

Application allow listing

Question 7 of 10

A cybersecurity team for a technology company specializes in developing mobile applications for various industries. The team is working on a new app that utilizes location services to provide users with real-time updates on nearby events and activities, based on their location. However, the project stakeholders have expressed concerns about certain aspects of location services. What is the PRIMARY concern surrounding location services in mobile devices?

Battery consumption

Lack of accuracy

Privacy

Limited availability

Question 8 of 10

A contractor's compromised credentials are used to access sensitive databases at 3 AM from an unusual geographic location, downloading large amounts of data in patterns that differ significantly from the user's normal baseline. Traditional security tools show successful authentication and authorized access. Which technology would best identify this anomalous activity?

UEBA

RBAC

DLP

Geographic IP blocking

Question 9 of 10

A Windows enterprise environment needs to enforce strict security requirements including complex password policies, disabling USB storage devices, preventing installation of unauthorized software, and standardizing registry settings across thousands of domain-joined workstations. Which technology provides this centralized management and policy enforcement capability?

SELinux security policies applied to each workstation

GPO deployed through AD

Local security policies configured individually on each machine

Manual registry edits distributed via batch scripts or PowerShell

Question 10 of 10

A company wants to provide mobile devices to sales representatives who need to install personal applications for travel and entertainment, while ensuring IT can enforce encryption, remotely wipe only corporate data if the device is lost, and prevent backups to personal cloud accounts. Which deployment model and solution combination supports these requirements?

COPE devices managed through MDM with containerization

BYOD devices with full device wipe capabilities

COBO devices restricting all personal application installation

BYOD without MDM

Endpoint Security

You scored out of