Module 4-03 Challenge Flashcards

1
Q

Updating software, performing port filtering, and keeping network devices functioning properly are all examples of what type of hardening?

  • Security hardening
  • OS hardening
  • Physical security
  • Attack surface
A

Security hardening

2
Q

What is the term for all the potential system vulnerabilities that a threat actor could exploit?

  • Attack surface
  • Risk
  • Security architecture
  • Security challenge
A

Attack surface

3
Q

Hiring a security guard is an example of a _____ security hardening practice.

  • software-based
  • network-focused
  • physical
  • virtual
A

physical

4
Q

An organization’s in-house security team has been authorized to simulate an attack on the organization’s website. The objective is to identify any vulnerabilities that are present. What does this scenario describe?

  • Penetration testing
  • The Ping of Death
  • Packet sniffing
  • A Distributed Denial of Service (DDoS) attack
A

Penetration testing

5
Q

Which of the following statements accurately describe OS hardening tasks? Select all that apply.

  • OS hardening is a set of procedures that maintain and improve OS security.
  • When disposing of software, it is a best practice to delete any unused applications.
  • Multi-factor authentication is a security measure requiring users to change passwords every month.
  • Some OS hardening tasks are performed at regular intervals, while others are performed only once.
  • Configuring a device setting to fit a secure encryption standard
  • Keeping an up-to-date list of authorized users.
  • Removing unused software to limit unnecessary vulnerabilities
  • Implementing an intrusion detection system (IDS)
A

  • OS hardening is a set of procedures that maintain and improve OS security.
  • When disposing of software, it is a best practice to delete any unused applications.
  • Some OS hardening tasks are performed at regular intervals, while others are performed only once.
  • Configuring a device setting to fit a secure encryption standard
  • Keeping an up-to-date list of authorized users.
  • Removing unused software to limit unnecessary vulnerabilities

6
Q

Which OS hardening practice involves a security analyst comparing the current configuration to existing documentation about the OS?

  • Conducting a network log analysis
  • Performing port filtering over network ports
  • Checking baseline configuration
  • Verifying user identity when accessing an OS
A

Checking baseline configuration

7
Q

The security measure _____ requires a user to verify their identity in two or more ways to access a system or network.

  • network log analysis
  • password policy
  • multifactor authentication (MFA)
  • baseline configuration
A

multifactor authentication (MFA)

8
Q

In what way might port filtering be used to protect a network from an attack?

  • By increasing the attack surface within a business network
  • By helping analysts inspect, analyze, and react to security events based on their priority
  • By blocking or allowing certain port numbers in order to limit unwanted communication
  • By creating isolated subnets for each of the various departments within an organization
A

By blocking or allowing certain port numbers in order to limit unwanted communication

9
Q

Which network hardening practice is used to create isolated subnets for different departments in an organization?

  • Cloud hardening
  • Patch updating
  • Network segmentation
  • Penetration testing
A

Network segmentation

10
Q

What is one key similarity between regular web servers and cloud servers?

  • They both require proper maintenance and security hardening.
  • They both use baseline images stored in the cloud to compare data.
  • In both, all data and applications are stored together, regardless of their service category.
  • In both, all applications are stored together, regardless of their age.
A

They both require proper maintenance and security hardening.

11
Q

____ is the process of strengthening a system to reduce its vulnerability and attack surface.

  • Security hardening
  • Network hardening
  • Port filtering
  • SIEM
A

Security hardening

12
Q

Requiring employees to turn off their personal devices while in secure areas is an example of a _____ security hardening practice.

  • network-focused
  • virtual
  • cloud-based
  • physical
A

physical

13
Q

A security analyst reviews documentation about a firewall rule that includes a list of allowed and disallowed network ports. They compare it to the current firewall to ensure no changes have been made. What does this scenario describe?

  • Upgrading the interface between computer hardware and the user
  • Checking baseline configuration
  • Responsibly managing applications
  • Verifying user identity when accessing an OS
A

Checking baseline configuration

14
Q

Which OS hardening practice requires users to verify their identity in two or more ways to access a system or network?

  • Port filtering
  • Multi-factor authentication (MFA)
  • SIEM
  • Patch updates
A

Multi-factor authentication (MFA)

15
Q

Security analysts use ____ to create isolated subnets for different departments in an organization.

  • penetration testing
  • network segmentation
  • cloud hardening
  • patch updating
A

network segmentation

16
Q

A ____ is a collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet.

  • baseline configuration
  • SIEM
  • cloud network
  • patch update
A

cloud network