Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
CompTIA
Security+
Some mroe Sec+ Questions
itrorev
1)
Fingerprinting vs Footprinting
I initially thought these terms were synonymous, but I've been told otherwise. Can someone explain?
2) I've ran into the following question on two different practice test, and both give different answers:
Sensitive material is currently displayed on a users monitor. What is the best course of action the user should take before leaving the area?
A. Just leave the area. The desk is a personal space and is at no risk
B. Turn off the monitor
C. Wait for the screensaver to start
D. Refer to the company's policy on securing sensitive data
The original practice test I used stated that D was correct. However, a new one I've gotten a hold of has C as correct. What do you guys think?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
gojericho0
Fingerprinting is the ability to determine what type of OS a computer system is running. For example nmap has the ability to try to determine the OS of any IP addresses you scan by looking at the responses of the TCP/IP stack.
Footprinting attempts to derive many IP/hostame mappings as possible by using tools such as WHOIS
I would agree with C for the answer just because most screen savers require a password to unlock them. However is most IT environments there is policy set to start the screen saver after X amount of time in order to centrally manage security policy and not have to rely on every individual.
dynamik
Wikipedia is always a good source of information for stuff like this.
http://en.wikipedia.org/wiki/TCP/IP_stack_fingerprinting
http://en.wikipedia.org/wiki/Footprinting
(well, this one is a bit lacking...)
You can remember the difference by seeing how actual fingerprinting and footprinting is applied and remembering that fingerprinting is more specific.
I would actually disagree and go with D. A company might have specific policies, such closing the document or locking the machine. The question doesn't state the the screen saver is password protected, so I don't think you should just assume it is. If someone walks by and bumps the desk and moves the mouse a bit, the sensitive information is back on display. That really doesn't seem all that secure. If there is no password, simply turning off the monitor would be a better solution. Plus, it's just a waste of the person's time. What if the screen saver requires 15 or 30 minutes of inactivity? I'd say company policies should take precedence in this type of situation.
It's not a good question, and I'm not 100% sure myself. I wouldn't get too hung up on it. Just understand why both could be correct, and hopefully you won't get a question on the test where you have to choose between the two.
itrorev
Thanks guys!!
My gut says that waiting for the screensaver is just impractical and stupid. Now, if you had the option to lock the computer by activating the screensaver at will, (and if it was password protected) that would make sense. But thats not one of the options, so id think D would be correct.
ConstantlyLearning
I'd go with D everytime.
With most of those types of questions that I have come across it's usually the "company's policy" option.
supertechCETma
Delta
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
