Vista Security (Exam 70-620)
Which additional security features are found within Windows Vista 64-bit which make it more secure by design than Windows Vista 32-bit? (Choose two)
- Kernel Patch Protection
- Data Execution Protection
- Required Driver Signing
Answer: B, D. Windows Vista 64-bit includes protection against programs that attempt to patch the Kernel.
Disabling driver signing in not available with Windows Vista 64-bit.
Kernel Patch Protection detects changes to critical portions of the kernel memory and creates a stop error to halt the operating system.
Data Execution Protection prevents buffer overflow attacks, which are one of the most common exploits. DEP is available and called by the operating system as software in Windows Vista 32-bit. On the other hand, Windows 64-bit works with the processor's built-in DEP and enforces this security at the hardware level.
Kernel Patch Protection, Data Execution Protection, and Required Driver Signing are the key reasons why Windows Vista 64-bit is more secure than Windows Vista 32-bit.
Tip: Don't disable DEP in Windows Vista, and configure Required Driver Signing with Group Policy.
Tech Reference: "Help and Support: A description of the differences between 32-bit versions of Windows Vista and 64-bit versions of Windows Vista"
Andy Barkl, MCT/MCITP/MCSA, A+, Network+, Security+, CCNA has been studying technology for 30 years. Of the last 15 years, he has spent much of his time parting the knowledge and experience he has gained through IT exams, over 300, to help others be prepared and successful. He teaches classes in Phoenix, Ariz. where he has lived most of his life. He can be reached by e-mail at firstname.lastname@example.org.