SEC+2020 PART 1

Containerization

FDE

Remote wipe capbility

MDB

MFA

Renew the DNS settings on the employee computer

Add the employee to a less restrictive group on the content filter

Remove the proxy settings from the employees computer

Create an exception for the job search site in the host-based firewall on the employees computer

Enable CHAP

Disable MD5

Enable Kerboros

Disable PAP

LDAP

RADIUS

SAML

NTLM

Iris Scan

Handwriting

Common Access Card

GAIT

PIN

Changing the account standard naming convention.

Implementing account lockouts

Discontinuing the use of privileged accounts

Increasing the minimum password length from eight to ten characters.

The HTTP POST method is not protected by HTTPS

The web server is running a vulnerable SSL configuration

The company does not support DNSECC

The HTTP response is susceptible to sniffing.

DNSSEC

HTTPS

IPSec

TLS/SSL

DLL injection

Memory leak

Buffer overflow

Pointer dereference

Their approach uses executable names and not hashes for the whitelist

SHA-1 has known collision vulnerabilities and should not be used

The original baseline never captured the latest file signature

Zero- day attacks require the latest file signature, and they never update these