End-user best practices
Use screensaver locks: It is a best practice to use screensaver locks to secure the system when it is left unattended. This ensures that no unauthorized access to the system takes place.
Log off when not in use: It is important to log off from the system when it is not in use. This ensures that the system is not accessible to unauthorized users.
Secure/protect critical hardware (e.g., laptops): Critical hardware such as laptops should be secured and protected. This includes using cable locks, carrying cases, and securing them when not in use.
Secure personally identifiable information (PII) and passwords: Personal information such as passwords and PII should be kept secure. This includes not sharing passwords with others, using strong and unique passwords, and not sharing PII unless necessary.
Account management
Account management is a crucial part of maintaining security for any system. Here are some best practices related to account management:
Restrict user permissions: Users should only have the permissions necessary to perform their job functions. This reduces the risk of accidental or intentional data breaches.
Restrict login times: Users should only be able to log in during the times they need to work. This reduces the risk of unauthorized access.
Disable guest account: The guest account should be disabled, as it is a potential entry point for attackers.
Use failed attempts lockout: After a certain number of failed login attempts, the account should be locked out for a specified amount of time. This reduces the risk of brute force attacks.
Use timeout/screen lock: If a user is inactive for a certain amount of time, the system should automatically lock the screen or log the user out. This reduces the risk of unauthorized access.
Additionally, it is important to change the default administrator's user account and password, as these are often well-known and easy for attackers to exploit. By changing the default credentials, the system becomes more secure.
Disable AutoRun, AutoPlay
AutoRun and AutoPlay are two different features of the Windows OS.
AutoRun allows the automatic execution of a program when a removable device is connected to a computer, while AutoPlay provides a dialog box that allows the user to choose what to do with the connected device.
To disable AutoRun in Windows, follow these steps:
1. Press the Windows key + R to open the Run dialog box.
2. Type "gpedit.msc" and press Enter to open the Local Group Policy Editor.
3. Navigate to Computer Configuration -> Administrative Templates -> Windows Components -> AutoPlay Policies.
4. Select "Turn off Autoplay" and choose "Enabled" to disable AutoRun.
To disable AutoPlay in Windows, follow these steps:
1. Press the Windows key + R to open the Run dialog box.
2. Type "control" and press Enter to open the Control Panel.
3. Click on "Hardware and Sound" and then click on "AutoPlay".
4. Uncheck the box next to "Use AutoPlay for all media and devices" to disable AutoPlay.
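To confirm that both procedures took effect, the settings can be read back from the registry. The PowerShell below is an added example, not part of the original page: it assumes the "Turn off Autoplay" policy is stored as the NoDriveTypeAutoRun value under Policies\Explorer and the Control Panel checkbox as DisableAutoplay under the current user's AutoplayHandlers key; the function names Get-RegValue and Get-AutoRunPolicy are made up for this example. It only reads values and changes nothing.

```powershell
# Added example: read-only audit of the two settings described above.
# A set bit in NoDriveTypeAutoRun means AutoRun is disabled for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown'   = 0x01
    'Removable' = 0x04
    'Fixed'     = 0x08
    'Network'   = 0x10
    'CD-ROM'    = 0x20
    'RAM disk'  = 0x40
}

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns nothing when the key or value is absent (setting not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function Get-AutoRunPolicy {
    param([string]$Hive)  # 'HKLM:' (computer policy) or 'HKCU:' (user policy)
    $path  = "$Hive\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
    $value = Get-RegValue -Path $path -Name 'NoDriveTypeAutoRun'
    if ($null -eq $value) {
        return [pscustomobject]@{ Hive = $Hive; Value = 'not set'; StillEnabledFor = 'policy not configured' }
    }
    # Drive types whose bit is clear are not covered by the policy.
    $open = $DriveTypeBits.GetEnumerator() |
        Where-Object { ($value -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
    [pscustomobject]@{
        Hive            = $Hive
        Value           = '0x{0:X2}' -f $value
        StillEnabledFor = if ($open) { $open -join ', ' } else { 'none' }
    }
}

# Per-user AutoPlay switch behind the "Use AutoPlay for all media and devices" checkbox.
$userKey  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'
$disabled = Get-RegValue -Path $userKey -Name 'DisableAutoplay'

'HKLM:', 'HKCU:' | ForEach-Object { Get-AutoRunPolicy -Hive $_ } | Format-Table -AutoSize
'AutoPlay for current user (Control Panel checkbox): ' + $(if ($disabled -eq 1) { 'off' } else { 'on' })
```

A value of 0xFF in the HKLM row with "none" in the last column means the policy covers every drive type; any drive type listed there is still eligible for AutoRun.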