Controls to secure mobile devices and servers in data centers

SeekBytesSeekBytes Member Posts: 143
Hello to everybody.


I am been reading two books for the exam. Darril Gibson and Sybex Sith Edition for Sec+.


I have a sim where I got to secure mobile devices and servers in data centers. I have a list of controls and I can use multiple times the same control.


Controls:

Screen Lock
Strong Password
Device encryption
Remote Wipe
GPS Tracking
Pop-blocker
Cable locks
Antivirus
Host-based firewall
Proximity reader
Sniffer
Mantrap


- Mobile devices:


Scree Lock, Strong Password, GPS Tracking, Device Encryption, Remote Wipe, Cable locks


- Server in Data Center:


Biometrics, Mantrap, Proximity Reader, Device Encryption, Strong Password, Host-Based Firewall.


Based on the Sybex book, it's recommended to use Strong Passwords and Device Encryption on data storage.
Instead following Darril Gibson, I would not use Strong Password on Mobile and I would also add Biometric to it.


What would you answer?

Comments

  • T-RAVT-RAV Member Posts: 22 ■□□□□□□□□□
    I got a similar SIM from a different source.

    With the help of an instructor:

    -Mobile devices:

    GPS Tracking, Remote Wipe, Strong Passwords, Device Encryption, AntiVirus, Biometrics, cable locks

    -Server in Data Center

    Mantrap, Strong Passwords, Proximity Badges, AntiVirus, Host based firewall

    I would have strong password on both. laptops need a strong password. even if it is a smartphone with a 4 digit code, you want it as strong as possible, not 1234.

    I would only put biometrics on mobile (ie fingerprint on smartphone or laptop). it is asking for server in data center. you might use biometrics to get into the data center, but most likely you wont use it to get onto the server.

    The one I wonder about also is Device Encryption. I would say it is only mobile devices for a couple reasons. Device encryption implies encrypting the whole device. It is not practical to encrypt the whole server. unless you are the NSA or something. maybe a folder or a drive encryption, but not the entire server. it would just use too many resources that are better off working on other things.

    It does make since though to encrypt an entire mobile device since that can be easily stolen put into the wrong hands.

    Hope this Helps
  • MumarkadaphMumarkadaph Registered Users Posts: 2 ■□□□□□□□□□
    This sounds like it's in direct relation to a braindump. Don't use braindumps!
Sign In or Register to comment.