CompTIA Security Plus Mock Test Q990

Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?

A. Deploy a HIDS suite on the users’ computers to prevent application installation.
B. Maintain the baseline posture at the highest OS patch level.
C. Enable the pop-up blockers on the users’ browsers to prevent malware.
D. Create an approved application list and block anything not on it.

Correct Answer: D
Section: Access Control and Identity Management

Explanation:
You can use Software Restriction Policy or its successor AppLocker to prevent unauthorized applications from running or being installed on computers.
Software Restriction Policies (SRP) is Group Policy-based feature that identifies software programs running on computers in a domain, and controls the ability of those programs to
run. Software restriction policies are part of the Microsoft security and management strategy to assist enterprises in increasing the reliability, integrity, and manageability of their
computers.
You can use AppLocker as part of your overall security strategy for the following scenarios:
Help prevent malicious software (malware) and unsupported applications from affecting computers in your environment.
Prevent users from installing and using unauthorized applications.
Implement application control policy to satisfy portions of your security policy or compliance requirements in your organization.

Incorrect Answers:
A: A HIDS (Host Intrusion Detection System) cannot prevent software installation on the host. Therefore, this answer is incorrect.
B: Maintaining the baseline posture at the highest OS patch level will not prevent software installation on the host. Therefore, this answer is incorrect.
C: Pop-up blockers on the users’ browsers prevent web pages popping up. It will not prevent manual software installation on the host. Therefore, this answer is incorrect.

References:
https://technet.microsoft.com/en-GB/library/hh831534.aspx
https://technet.microsoft.com/en-GB/library/hh831409.aspx