Ann a member of the Sales Department has been issued a company-owned laptop for use when
traveling to remote sites. Which of the following would be MOST appropriate when configuring
security on her laptop?
A.
Configure the laptop with a BIOS password
B.
Configure a host-based firewall on the laptop
C.
Configure the laptop as a virtual server
D.
Configure a host based IDS on the laptop
A laptop with a BIOS password configured prevents anyone who does not know the BIOS password login to the BIOS. It does not prevent the intruder login to the laptop (assuming the hacker breaks the login password) and steal the data.
Configure a host-based firewall on the laptop would allow/disallow certain protocol, port, IP address, program to run on the laptop. It does not prevent the intruder login to the laptop (assuming the hacker breaks the login password) and steal the data.
Configure the laptop as a virtual server is definitely a wrong answer.
Configure a host based IDS on the laptop. It notifies the user if anything anomaly happens.
This is an ambiguous question. It did not mention about the cost. If the company has NO extra money to spend, the only thing we can do is enable BIOS password and enable the Windows firewall (assuming the laptop comes with Windows).
The best answer is do a full disk encryption. Since none of the answers is right, I would pick A (the $0 cost method).
1
0
I struggle with this question as well. Here the question asks for appropriate–as ambiguous as you can get. If you are setting the bios password, you are largely defending the laptop from Ann since you clearly don’t want her to change the current laptop settings. If you are dealing with a laptop situation in a hotel, you are usually more concerned with lax security and potential intrusion from other hotel residents. I actually believe that the host firewall is the best option. This would prevent an intruder from launching an attack from the laptop to the remote main site. I agree that data at rest encryption would be preferable but that is not the option. I understand the rationale provided for the bios password provided and honestly, Lake’s rationale is just as valid as mine. I just hate the idea that a bios password that can be disabled by an onboard switch is the appropriate answer.
1
0
In my opinion, Lake explained it well except his very last statement. I choose HIDS – D
0
0