ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1002 All Questions

View all questions & answers for the 220-1002 exam
Go to Exam

Exam 220-1002 topic 1 question 502 discussion

Actual exam question from CompTIA's 220-1002
Question #: 502
Topic #: 1
[All 220-1002 Questions]

A company recently experienced a security incident in which an unauthorized user was able to insert a USB flash drive into a kiosk, launch a non-native OS, and deliver malicious payloads across the network.
Which of the following security measures would have been BEST to prevent the attack from being executed in the first place? (Choose two.)

  • A. Using a host-based antivirus with real-time scanning
  • B. Implementing automatic screen locks after 60 seconds of inactivity
  • C. Creating a strong BIOS/UEFI password
  • D. Disabling AutoRun for USB devices
  • E. Enabling the Secure Boot option
  • F. Changing the default administrator credentials
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by iLikeBeagButt at May 11, 2022, 6:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
iLikeBeagButt
Highly Voted 3 years, 1 month ago
Definitely D, but not so sure about C. I'm leaning more towards B and D. EXAM TIP    Account management security policy best practices dictate that you should implement restrictive user permissions, login time restrictions, account lockout based on failed attempts, and disable the operating system’s built-in AutoRun or AutoPlay features. Finally, you should always change default system user names and passwords where possible. -Mike Meyers ebook
upvoted 5 times
...
alforg03
Most Recent 1 year, 4 months ago
CE are the right answer, Autorun is a microsoft function and deactivating itwould not prevent boot from a device. Secure boot preventivo from booting from external drive and set a strong password would prevent anyone to make any change in the uefi / bios.
upvoted 1 times
...
ZioPier
1 year, 12 months ago
Selected Answer: CE
Autorun is a microsoft function and deactivating itwould not prevent boot from a device. Secure boot preventivo from booting from external drive and set a strong password would prevent anyone to make any change in the uefi / bios. What I don't like of C us that doesn't specify if is user or administrator
upvoted 1 times
...
moneymoney1995
2 years, 9 months ago
I checked on atleast 4 different websites and they show A and B as the right answer which clearly don't make sense at all. D is surely an answer here
upvoted 1 times
...
zach
2 years, 9 months ago
Selected Answer: DF
"an unauthorized user(f. using default admin creds to launch non-native OS) was able to insert a USB flash drive into a kiosk(d. disable usb autorun), launch a non-native OS, and deliver malicious payloads"
upvoted 1 times
...
Passngrass
2 years, 10 months ago
Default credentials and autorun
upvoted 1 times
...
Z_186
3 years ago
I think C is correct, in order to not allow anyone to change the boot order to boot from USB. So C D sounds about right. Secure boot keeps rootkits from attaching to the OS and unsigned drivers out, not helpful so much in this case I think.
upvoted 2 times
...
MagnusCarleson
3 years ago
D, E maybe? wouldn't secure boot prevent the OS from running?
upvoted 2 times
Weta14
2 years, 8 months ago
yup, D & E are correct. Anyone could just to boot startup via USB. Enabling Secure Boot will definitely disable boot to USB. Back in my previous job, we always disable Secure Boot in order to boot via USB.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel