Some mroe Sec+ Questions
1)Fingerprinting vs Footprinting
I initially thought these terms were synonymous, but I've been told otherwise. Can someone explain?
2) I've ran into the following question on two different practice test, and both give different answers:
Sensitive material is currently displayed on a users monitor. What is the best course of action the user should take before leaving the area?
A. Just leave the area. The desk is a personal space and is at no risk
B. Turn off the monitor
C. Wait for the screensaver to start
D. Refer to the company's policy on securing sensitive data
The original practice test I used stated that D was correct. However, a new one I've gotten a hold of has C as correct. What do you guys think?
I initially thought these terms were synonymous, but I've been told otherwise. Can someone explain?
2) I've ran into the following question on two different practice test, and both give different answers:
Sensitive material is currently displayed on a users monitor. What is the best course of action the user should take before leaving the area?
A. Just leave the area. The desk is a personal space and is at no risk
B. Turn off the monitor
C. Wait for the screensaver to start
D. Refer to the company's policy on securing sensitive data
The original practice test I used stated that D was correct. However, a new one I've gotten a hold of has C as correct. What do you guys think?
Comments
-
gojericho0 Member Posts: 1,059 ■■■□□□□□□□Fingerprinting is the ability to determine what type of OS a computer system is running. For example nmap has the ability to try to determine the OS of any IP addresses you scan by looking at the responses of the TCP/IP stack.
Footprinting attempts to derive many IP/hostame mappings as possible by using tools such as WHOIS
I would agree with C for the answer just because most screen savers require a password to unlock them. However is most IT environments there is policy set to start the screen saver after X amount of time in order to centrally manage security policy and not have to rely on every individual. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□Wikipedia is always a good source of information for stuff like this.
http://en.wikipedia.org/wiki/TCP/IP_stack_fingerprinting
http://en.wikipedia.org/wiki/Footprinting (well, this one is a bit lacking...)
You can remember the difference by seeing how actual fingerprinting and footprinting is applied and remembering that fingerprinting is more specific.
I would actually disagree and go with D. A company might have specific policies, such closing the document or locking the machine. The question doesn't state the the screen saver is password protected, so I don't think you should just assume it is. If someone walks by and bumps the desk and moves the mouse a bit, the sensitive information is back on display. That really doesn't seem all that secure. If there is no password, simply turning off the monitor would be a better solution. Plus, it's just a waste of the person's time. What if the screen saver requires 15 or 30 minutes of inactivity? I'd say company policies should take precedence in this type of situation.
It's not a good question, and I'm not 100% sure myself. I wouldn't get too hung up on it. Just understand why both could be correct, and hopefully you won't get a question on the test where you have to choose between the two. -
itrorev Member Posts: 9 ■□□□□□□□□□Thanks guys!!
My gut says that waiting for the screensaver is just impractical and stupid. Now, if you had the option to lock the computer by activating the screensaver at will, (and if it was password protected) that would make sense. But thats not one of the options, so id think D would be correct. -
ConstantlyLearning Member Posts: 445I'd go with D everytime.
With most of those types of questions that I have come across it's usually the "company's policy" option."There are 3 types of people in this world, those who can count and those who can't" -
supertechCETma Member Posts: 377DeltaElectronic Technicians Association-International www.eta-i.org
The Fiber Optic Association www.thefoa.org
Home Acoustics Alliance® http://www.homeacoustics.net/
Imaging Science Foundation http://www.imagingscience.com/