Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Exam CS0-002 topic 1 question 43 discussion

Actual exam question from CompTIA's CS0-002
Question #: 43
Topic #: 1
[All CS0-002 Questions]

Bootloader malware was recently discovered on several company workstations. All the workstations run Windows and are current models with UEFI capability.
Which of the following UEFI settings is the MOST likely cause of the infections?

  • A. Compatibility mode
  • B. Secure boot mode
  • C. Native mode
  • D. Fast boot mode
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
I_heart_shuffle_girls
Highly Voted 1 year, 7 months ago
I believe A is correct here. https://media.defense.gov/2019/Jul/16/2002158058/-1/-1/0/CSI-BOOT-SECURITY-MODES-AND-RECOMMENDATIONS.PDF
upvoted 15 times
Obi_Wan_Jacoby
1 year, 6 months ago
concur with A
upvoted 6 times
...
Davar39
4 months, 1 week ago
Even though compatibility mode is less secure than UEFI, it is not a setting. You have to choose compatibility/bios or UEFI. That being said, the only setting that would affect the security is B (disabled secure boot mode).
upvoted 4 times
...
...
John199506
Highly Voted 8 months, 2 weeks ago
Selected Answer: B
The only UEFFI setting you can find in BIOS settings is => Secure boot which has two MODES: enabled and disabled ( which refer to put the system in a state that is compatible with other old OS and blah blah). In this case, the answer could be B, because the cause of infection is that the Secure boot mode is : DISABLED !
upvoted 7 times
...
Adonist
Most Recent 1 week, 2 days ago
Definitely A. Secure Boot is configured to actually prevent this. Compatibility Mode is a setting that allows legacy BIOS. In this mode UEFI works as BIOS instead of UEFI.
upvoted 1 times
...
miabe
2 weeks, 6 days ago
Selected Answer: B
looks good to me
upvoted 1 times
...
barkokodru
4 weeks ago
Selected Answer: B
opting for b as the question asks which "uefi settings" in specific cause the infections
upvoted 2 times
...
HappyG
4 weeks, 1 day ago
Selected Answer: A
Secure Boot is a security feature available on most modern hardware with UEFI firmware to provide a secure environment to start Windows and prevent malware from hijacking the system during the boot process. So A.
upvoted 1 times
...
king777
1 month, 2 weeks ago
Selected Answer: B
Source from official Comptia book according to these the answer is B for sure : Secure boot is a security system offered by UEFI. It is designed to prevent a computer from being hijacked by a malicious OS. Under secure boot, UEFI is configured with digital certificates from valid OS vendors. The system firmware checks the operating system boot loader using the stored certificate to ensure that it has been digitally signed by the OS vendor. This prevents a boot loader that has been changed by malware (or an OS installed without authorization) from being used.
upvoted 1 times
...
EVE12
1 month, 3 weeks ago
Selected Answer: B
Most modern computers use a version of the Unified Extensible Firmware Interface (UEFI). UEFI provides for the ability to secure boot, which will load only drivers and operating system loaders that have been signed using an accepted digital signature. Since these keys have to be loaded into the UEFI firmware, UEFI security has been somewhat contentious, particularly with the open source community. UEFI remains one way to provide additional security if your organization needs to have a greater level of trust in the software a system is loading
upvoted 1 times
...
thegreatnivram
4 months ago
Selected Answer: A
Secure boot mode would not allow bootloader, useing UEFI on compatibibilty mode means act as a regular BIOS, so yuo can also get innfected with bootloader
upvoted 2 times
...
InfoSecGuy93
4 months ago
Selected Answer: A
A is the right Ans. Compatibility mode makes it so that you can use legacy versions of a software. Secure boot is more secure
upvoted 3 times
...
MicYunk
4 months, 4 weeks ago
It would have to be A... Compatibility mode reduces security and increases probability of introducing malware because it degrades the device to work better with things.
upvoted 2 times
...
lionleo
5 months, 1 week ago
the correct answer is A, if it was B the problem won't exist at all, Secure boot blocks unassigned applications and OS from the boot.
upvoted 1 times
...
BigJohnGuyLol
5 months, 2 weeks ago
Selected Answer: A
How is B the correct answer? Secure boot makes rootkit malware more difficult to be infected with. It's A. C and D have no effect on attack surface/make no sense.
upvoted 4 times
...
Charlieb123
5 months, 2 weeks ago
Selected Answer: B
B. Secure Boot Mode has been turned off
upvoted 3 times
...
glenpharmd
6 months ago
B IS CORRECT. Secure boot is an attempt by Microsoft and BIOS vendors to ensure drivers loaded at boot time have not been tampered with or replaced by "malware" or bad software. With secure boot enabled only drivers signed with a Microsoft certificate will load
upvoted 2 times
...
Splunker
8 months, 2 weeks ago
Oh the article also stated: Machines running legacy BIOS or Compatibility Support Module (CSM) should be migrated to UEFI native mode. This tells me that Compatibility mode is not UEFI. The question is asking for a 'UEFI setting' which would be secure boot mode.
upvoted 4 times
...
Splunker
8 months, 2 weeks ago
Here is a link to the pdf so you can make an informed decision: https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-Secure-Boot-Customization-UOO168873-20.PDF
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...