Chapter 3 Review Flashcards
Which of the following should be implemented to harden an operating system? (Select the two best answers.)
A. Install the latest service pack.
B. Install Windows Defender.
C. Install a virtual operating system
D. Execute PHP scriptss
A. Install the latest service pack.
B. Install Windows Defender.
Two ways to harden an operating system include installing the latest service pack and installing Windows Defender. However, virtualization is a separate concept altogether; it can be used to create a compartmentalized, OS, but needs to be secured and hardened just like any other OS. PHP scrips with generally not be used to harden an operation system. Intact, they can be vulnerabilities to websites and other applications.
Which of the following should implement to fix a single security issue on the computer?
A. Service Pack
B. Support website
C. Patch
D. Baseline
C. Patch
A patch can fix a single security issue on a computer. A service pack addresses many issues and rewrites many files on a computer; it may be overkill to use a service pack when only a patch is needed. A baseline can measure a server on a network and obtain averages of usage.
An administrator wants to reduce the size of the attack surface of a Windows Server. Which of the following is the best answer to accomplish this?
A. Update antivirus software
B. Install service packs
C. Disable unnecessary services
D. Install network intrusion detection systems
C. Disable unnecessary services
Often, operating system manufacturers such as Microsoft refer to the attack surface as all the services that run on the operating system. By conducting an analysis of which services are necessary and which are unnecessary, an administrator can find out which ones need to be disabled, thereby reducing the attack surface.
Service packs, antivirus software, and network intrusion detection systems (NIDS) are good tools to use to secure an individual computer and network but do not help to reduce the size
of the attack surface of the operating system.
Which of the following is one example of verifying new software changes on a test system?
A. Application hardening
B. Virtualization
C. Patch Management
D. HIDS
C. Patch Management
Patch Management is an example of verifying any new changes in software on a test system (or live system for that matter.) Verifying the changes is the second stop of the standard patch management strategy. Application hardening might include updating systems, patching them, and so on, but to be accurate , this question is looking for that particular second step of patch management. Virtualization is the creating of logical OS images within a working operating system. HIDS stands for host based intrusion detection system, which attempts to detect malicious activity on a computer.