A technician is setting up a new laptop. The company's security policy states that users cannot install virtual machines. Which of the following should the technician implement to prevent users from enabling virtual technology on their laptops?
to know you got it right or wrong, they give you a sheet of paper once your test is done which is your result sheet and that includes where you need to improve and such so if that paper didnt list out any of the objectives that mean you got it all right or vice versa.
You could enable secure boot but if you dont have a UEFI password, the user could just disable it. Having a UEFI password and disabling AMD-V and Hyper V is the most logical solution to prevent virtualization.
Surface Unified Extensible Firmware Interface (UEFI) replaces the standard basic input/output system (BIOS) with new features including faster startup and improved security. You can use Surface UEFI to manage the firmware features on your Surface.
To prevent users from enabling virtual technology on their laptops, particularly from accessing the BIOS/UEFI settings where virtualization options are typically found, the technician should set up a UEFI/BIOS password. This password will restrict unauthorized users from making changes to the BIOS/UEFI settings.
The correct answer is:
A. UEFI password
UEFI password: A password that prevents unauthorized users from accessing or changing the UEFI (Unified Extensible Firmware Interface) settings, which are the modern replacement for BIOS (Basic Input/Output System) settings2.
Secure boot: A feature of UEFI that prevents malware from infecting the boot process by verifying that each component is trusted before using it.
A. UEFI password. This is because setting a UEFI password will prevent users from enabling virtual technology on their laptops by blocking them from accessing the UEFI settings where they can change the virtualization options. The other options are either irrelevant or insufficient for this purpose.
B. Secure boot
Secure boot is a feature available in modern computer systems that ensures only trusted operating systems and software components are loaded during the boot process. It helps protect the system against unauthorized modifications and malware. By enabling secure boot, the system verifies the integrity of the boot process and prevents the execution of unauthorized or unsigned code.
B. Secure boot should be implemented to prevent users from enabling virtual technology on their laptops. Secure boot is a UEFI (Unified Extensible Firmware Interface) feature that ensures the integrity of the boot process by only allowing trusted software to run during startup. This can help prevent unauthorized software, such as virtual machines, from being installed and run on the laptop. While a UEFI password, account lockout, and restricted user permissions can also provide some level of security, they may not specifically prevent virtual technology from being enabled on the laptop.
The best solution to prevent users from enabling virtual technology on their laptops would be to implement B. Secure Boot.
Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that ensures the system boots using only software trusted by the PC manufacturer. It helps protect the system against malware and other unauthorized changes to the boot process. By enabling Secure Boot, the technician can prevent the laptop from booting into unauthorized environments, such as virtual machines.
UEFI password (A) would prevent unauthorized access to the system's UEFI settings but would not necessarily prevent the user from enabling virtual technology.
Option A, UEFI (Unified Extensible Firmware Interface) password, is a security feature that prevents unauthorized users from accessing and modifying the UEFI/BIOS settings. While it can provide an additional layer of security, it does not directly prevent users from installing or running virtual machines on their laptops.
Option D, restricted user permissions, is the better choice because it directly addresses the concern of users installing virtual machines. By limiting user permissions, a technician can prevent users from installing new software, including virtualization software, or modifying system settings that could enable virtualization features. This approach aligns with the company's security policy and effectively prevents users from enabling virtual technology on their laptops.
definitely A, block the user from accessing bios, parameters to your liking like ask password if boot on bios not on booting OS, disable virtualization, solve.
this is like mdm on a mobile device, restrict rooting, and installing third-party application, You do that by not letting the user to enable developer options settings.
To prevent users from enabling virtual technology on their laptops, the technician should implement Secure Boot.
Secure Boot is a feature available in most modern UEFI (Unified Extensible Firmware Interface) firmware that ensures only trusted software is executed on the system during bootup. This helps prevent malicious software, such as rootkits and bootkits, from running on the system.
Secure Boot can also be used to prevent users from enabling virtualization technology. Virtualization requires software to run at a low level of the system, which can be blocked by Secure Boot. By enabling Secure Boot and configuring it to only allow trusted software to run, the technician can prevent users from enabling virtualization technology.
UEFI passwords, account lockout, and restricted user permissions are security measures that can help protect the laptop from unauthorized access, but they do not specifically address the issue of virtualization.
but that doesn't mean the user won't be able to access bios and turn it off, then turn on svm or virtualization setting on bios. So setting up uefi password on bios restricting user trying to go to bios all he can do is boot up the os, which solves the default disabled virtualization that can only be turn on by administrator or anyone who put the password on uefi.
B. Secure Boot
UEFI password, account lockout, and restricted user permissions can also be used to enhance security, but they are not directly related to preventing users from enabling virtual technology on their laptops. An UEFI password can protect the UEFI settings from unauthorized access, but it does not prevent the installation of virtual machine software. Account lockout can prevent unauthorized access to user accounts, but it does not prevent the installation of virtual machine software. Restricted user permissions can limit the actions that users can perform on their laptops, but it does not specifically prevent the installation of virtual machine software.
This section is not available anymore. Please use the main Exam Page.220-1102 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
oatmealturkey
Highly Voted 1 year, 2 months agoAde319
1 year, 2 months agoZalounfathom
10 months, 3 weeks agoMango7
9 months, 1 week agoDandyAndy
Highly Voted 1 year, 2 months agoRaffaelloo
Most Recent 6 months, 3 weeks agoMozzy83
7 months, 3 weeks agoalexkeung
10 months, 1 week agoglenpharmd
10 months, 2 weeks agoNabilrrhmn
11 months, 2 weeks agosolaWONDER
12 months agoDelawasp
1 year agoLeRoux
1 year, 2 months ago[Removed]
1 year, 2 months agorah555
1 year, 2 months agolordcheekklappur
1 year, 2 months ago[Removed]
1 year, 3 months ago[Removed]
1 year, 2 months agojambreaker
1 year, 3 months ago[Removed]
1 year, 3 months agoBoats
1 year, 3 months agoexamreviewer
1 year, 3 months ago