Question
In: Computer Science
A security analyst is reviewing an endpoint mat was found to have a rootkit installed. The...
A security analyst is reviewing an endpoint mat was found to have a rootkit installed. The root kit survived multiple attempts to clean the endpoint as well as an attempt to reinstall the OS. The security analyst needs to implement a method to prevent other endpoints from having similar issues. Which of the following would BEST accomplish this objective?
-
Utilize measured boot attestation
-
Enforce the secure boot process
-
Reset the motherboard's TPM chip
-
Reinstall the OS with Known-good media
-
Configure custom anti malware rules
Solutions
Expert Solution
Fifth option is the correct answer.
Configuring custom anti-malware rules will prevent other endpoints from having similar issues. Malwares can prevent rootkit. The application should be properly updated and there should be specific custom anti-malware rules configuration to prevent the rootkit.
First option is incorrect as utilizing measured boot attestation will not resolve the problem. The rootkit has not been removed after reinstalling the operating system.
Second option is incorrect as enforcing the secure boot process will not resolve it. The rootkit has not been removed after reinstalling the operating system.
Third option is incorrect as hardware configuration can't resolve nay software problem.
Fourth option is incorrect as reinstalling the Operating System with Known-good media will not resolve it. The rootkit has not been removed after reinstalling the operating system.
Please comment in case of any doubt.
Please upvote if this helps.
venereology answered 6 months agoRelated Solutions
A security analyst is reviewing output from a CVE-based vulnerability scanner. Before conducting the scan, the...
A security analyst is reviewing output from a CVE-based
vulnerability scanner. Before
conducting the scan, the analyst was careful to select only
Windows-based servers in a specific
datacenter. The scan revealed that the datacenter includes 27
machines running Windows 2003
Server Edition (Win2003SE). In 2015, there were 36 new
vulnerabilities discovered in the Win2003SE
environment. Which of the following statements are MOST likely
applicable? (Choose two.)
A. Remediation is likely to require some form of compensating
control.
B. Microsoft's published...
If the analyst does not have the security permissions to access the data directly, then a...
If the analyst does not have the security permissions to access
the data directly, then a data request form is required. There are
a number of fields that the analyst is required to complete. What
fields are necessary in a data request form? Who needs to be
included in the routing of this form? Explain the form and the
approval process you would recommend.
Adapted from Richardson, V. J., Teeter, R.,
& Terrell, K. (n.d.). Data analytics for accounting.
Problems...
You have been hired as a security and data analyst for a company operating an online...
You have been hired as a security and data analyst for a company
operating an online social media platforman. You are tasked to work
on a project to identify possible threats related to fake user
accounts (so called sibyls ). How can you get started on the
project? Try to break it down using the the six phases of the
CRISP-DM process. Start your analysis by explaining briefly what
the goal of each phase of CRISP-DM is. Use bullet structured...
You have joined a company as a network security analyst. Your CTO came to know you...
You have joined a company as a network security analyst. Your
CTO came to know you are a graduate from MIT Melbourne/Sydney and
successfully completed a VPN unit. Therefore, you have been asked
to develop a security plan for your customers and remote managers
for their Internet access to the business. You need to analyse the
following cases and recommend the solutions for the question
quen-1) You want to assist customers in building trust with your
company. Discuss with your...
Marisa is a new marketing analyst for the Paragould Hotel chain. She is reviewing the hotel's...
Marisa is a new marketing analyst for the Paragould Hotel chain.
She is reviewing the hotel's current social media activities and
trying to classify where each will fit into the three main areas
the company wants to focus on. 1) Give your customers a specific
hashtag and CTA so you can easily monitor and reward mentions. 2)
Assign a social currency or value to the social actions your
consumers take. 3) Be prepared to surprise and delight someone for
his...
Based on information from the National Cyber Security Alliance, 93% of computer owners believe that they have antivirus programs installed on
Based on information from the National Cyber Security Alliance, 93% of computer owners believe that they have antivirus programs installed on their computers. In a random sample of 400 scanned computers, it is found that 380 of them (or 95%) actually have antivirus programs. Use the sample data from the scanned computers to test the claim that 93% of computers have antivirus programs.
When reviewing the summary of misstatements found in the audit, A. auditors only need to consider...
When reviewing the summary of misstatements found in the
audit,
A.
auditors only need to consider the misstatements that impact the
income statement.
B.
an adjusting journal entry must be made by the auditor for all
material misstatements.
C.
auditors must combine individually immaterial misstatements to
evaluate whether the combined amount is material.
D.
the auditor is not required to consider the impact on the
current financial statements of misstatements in the prior year
that were not corrected.
How are the security vulnerabilities found on Microsoft Windows systems different or similar with those found...
How are the security vulnerabilities found on Microsoft Windows
systems different or similar with those found on Linux systems?
Which operating environment is more vulnerable and what is the
basis of your assertion? How would these differences or
similarities impact the work of a security administrator?
Are virtual private networks (VPNs) always secure? What could
make a VPN environment vulnerable to attacks? And how would
defense-in-depth and creating a layered-technology approach enhance
VPN networks?
A security analyst is interested in setting up an IDS to monitor the company network. The...
A security analyst is interested in setting up an IDS to monitor the company network. The analyst has been told there can be no network downtime to implement the solution, but the IDS must capture all of the network traffic. Which of the following should be used for the IDS implementation?
A. Network tap
B. Honeypot
C. Aggregation
D. Port mirror
An analyst finds that the beta coefficient of the security-DTX is 1.86 and the expected rate...
An analyst finds that the beta coefficient of the security-DTX
is 1.86 and the expected rate of return from this security is
17.71% as per CAPM. If the government bond is yielding 4.71%, find
the market risk premium.
[Round the final answer to two decimal places. If your answer is
12.34%, write only 12.34]
ADVERTISEMENT
ADVERTISEMENT
Latest Questions
- Baked potatoes are normally wrapped in aluminum foil. How does this affect the cooling of the...
- What is the process to obtain biomass production
- A labor market has 50,000 people in the labor force. Each month, a fraction p of...
- A road with a radius of 72 m is banked so that a car can navigate...
- 1) If you had not dried the solid, would the calculated percent yield have been higher,...
- Two structures of alanine can be drawn that have a net charge of zero, but the...
- Co(II) was used as an internal standard to analyze a sample of Ti(IV) with atomic absorption...
ADVERTISEMENT