COURSE 3 – CYBERSECURITY COMPLIANCE FRAMEWORK & SYSTEM ADMINISTRATION

Module 2: Client System Administration, Endpoint Protection and Patching 

IBM CYBERSECURITY ANALYST PROFESSIONAL CERTIFICATE

Complete Coursera Study Guide

INTRODUCTION – Client System Administration, Endpoint Protection and Patching 

Throughout this module, you’ll delve into client system administration, endpoint protection, and patching. You’ll learn to distinguish between the different approaches to securing endpoints, such as endpoint protection, endpoint protection and detection, and unified endpoint management.

Furthermore, you’ll grasp the concept of patching and understand the processes that most organizations undertake to secure their environments against threats.

Learning Objectives

  • Describe patch management best practices
  • Summarize the typical patching process that most organizations use
  • Explain why patching applications is essential for cybersecurity
  • Differentiate the four types of Windows updates
  • Explain why patching is essential for protecting against cybersecurity threats
  • Define patching
  • Summarize key developments in device management that have made UEM a popular approach to endpoint protection
  • Manage endpoints using Xcitium OpenEDR
  • Discuss important considerations for evaluating an endpoint security solution
  • Summarize useful features of endpoint protection and response (EDR) applications
  • Explain what endpoint protection and response (EDR) does
  • Describe unified endpoint management (UEM)
  • Explain key characteristics of endpoint protection
  • Define endpoint protection
  • Describe common types of endpoint attacks
  • Discuss essential characteristics of client system administration in the context of cybersecurity
  • Define a client in the context of a computer network

CLIENT SYSTEM ADMINISTRATION AND ENDPOINT PROTECTION

1. Which is NOT an example of a client? 

  • Cellphone
  • Laptop
  • Personal Computer
  • e-mail Server (CORRECT)

Correct, this is not an example of a client but a server.

2. Which three (3) key factors should be considered when looking at an Endpoint Security Solution?

  • threat hunting (CORRECT)
  • detection response (CORRECT)
  • basic operations
  • user education (CORRECT)

Correct, this is one of the three key factors of an Endpoint Security solution.

3. Your organization uses Xcitium OpenEDR for endpoint protection and response (EDR). You want to know the number of each type of endpoint device, such as smartphones, tablets, and PCs. You also want to know the number of corporate-owned devices versus personal devices. Where in the Xcitium Enterprise Platform’s cloud manager can you find an overview of this information?

  • Enrollment Options pane
  • Audit pane (CORRECT)
  • Software Inventory pane
  • Endpoint Security pane

Correct. The Audit pane provides an overview of the endpoints that OpenEDR is monitoring. It displays information such as the operating systems and device types. It also displays the number of corporate-owned devices versus personal devices.

PATCHING

1. A patch is a set of changes to a computer program or its data designed for which three (3) functions?

  • delete
  • improve (CORRECT)
  • update (CORRECT)
  • fix (CORRECT)

Partially correct, this is a change that is a function of patching.

2. Which two types of updates do most organizations patch as soon as possible after testing?

  • Critical and Software
  • Security and Service Packs
  • Critical and Service Packs
  • Security and Critical (CORRECT)

Correct, most organizations patch these updates as soon as possible in accordance with their patch schedules.

CLIENT SYSTEM ADMINISTRATION, ENDPOINT PROTECTION AND PATCHING

1. Which three (3) are common endpoint attack types?

  • SQL Injection
  • Whale hunting (CORRECT)
  • Spear Phishing (CORRECT)
  • Ad Network (CORRECT)

Partially correct

2. Endpoint detection and response includes which three (3) of these key technologies?

  • One-Time patching process.
  • Automatic policy creation for endpoints. (CORRECT)
  • Continuous monitoring. (CORRECT)
  • Zero-day OS updates. (CORRECT)

Partially correct

3. Which common endpoint attack is targeted at supply chain infiltration?

  • Island Hopping (CORRECT)
  • Ransomware
  • Water Hole
  • Spear Phishing 

4. Which two Windows security updates do most organizations always patch?

  • important and moderate
  • high and important
  • critical and important (CORRECT)
  • critical and high

5. How frequently do most organizations distribute patches?

  • Monthly (CORRECT)
  • Weekly
  • Annually
  • As soon as patches are released

6. Your organization uses Xcitium OpenEDR for endpoint protection and response (EDR). You want to confirm that a specific endpoint has the most recent versions of third-party applications such as VLC media player. Where can you find this information in the Xcitium Enterprise Platform’s cloud manager?

  • Summary page
  • File List page
  • Patch Management page (CORRECT)
  • Logs page

CONCLUSION – Client System Administration, Endpoint Protection and Patching 

In conclusion, this module provides essential knowledge on client system administration, endpoint protection, and patching, crucial components in maintaining robust cybersecurity measures.

By understanding the nuances between different types of endpoint protection and management strategies, you’ll be better equipped to safeguard against evolving threats. Additionally, gaining insights into the patching process empowers organizations to proactively secure their systems against vulnerabilities. With this understanding, you can contribute effectively to enhancing cybersecurity resilience in your environment.