SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Os Hardening
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Enable and monitor logs - perform regular backups - use file encryption - enable account lockout and strong user name and password
domain name service
file and print sharing hardening
baselining
RBAC
2. Isolate directories - place server in DMZ - disallow anonymous access - audit logs - and review contents for unauthorized material
FTP hardening
network news transfer protocol
configuration baselines
25
3. NetBIOS port
139
FAT
25
baselining
4. DNS port
group policies
simple network management protocol
53
SNMP
5. NAC method where organizations must run the current hardware and operating systems
system hardening
infrastructure based
discretionary
domain name service
6. Reduce the possibility of a breach by locking down the file system - controlling software installation and use - limiting access - disabling unnecessary services and applying patches -
group policies
SSL
53
OS hardening
7. Highly configurable - discretionary - job based access control - more flexible that MAC - more precise that groups
group policies
patches
RBAC
network access control
8. Four ways to implement group policies
dynamic host configuration protocol
configuration baselines
DAC
local - site - domain - OU
9. Contain possible security settings that can control one or multiple computers
security template
encrypted file system
MAC
DAC
10. Defining the software and hardware components that can be used in an organization
database hardening
139
encrypted file system
configuration management policy
11. The process of establishing a standard for security
53
baselining
25
161
12. Access control method that uses ACLs
DAC
25
88
DHCP
13. HTTP port
80
endpoint based
DAC
53
14. Users granted least amount of access possible that enables them to complete their required work
MAC
least privileged principle
20 and 21
88
15. HTTP SSL port
25
role-based
80
443
16. NNTP stands for
25
network news transfer protocol
DNS hardening
patches
17. A cryptographic protocol that provides security for communications over networks such as the Internet
TACACS
storage area network
SSL
119
18. A subnet on the network that separates the internal network from publicly exposed hosts
DHCP
SSL
RBAC
DMZ
19. LDAP authentication method not recommended
110
anonymous authentication
baselining
20 and 21
20. NAS stands for...
system hardening
network attached storage
organizational unit
configuration baselines
21. Standard setup used when configuring machines - provide a starting point and consistent setup
161
open mail relay
hardware based
configuration baselines
22. Start with the most secure environment - the loosen the controls as needed
rule of least privilege
discretionary
least privileged principle
local - site - domain - OU
23. Telnet port
23
FAT
system hardening
rule of least privilege
24. A remote authentication protocol used to communicate with an authentication server commonly used in UNIX networks.
DMZ
TACACS
49
network attached storage
25. Locking down the system
hardening
DHCP
MAC
system hardening
26. Misconfiguration of an email server that could allow it to be used by an attacker to spread spam
open mail relay
anonymous authentication
hotfix
dynamic host configuration protocol
27. Define security settings and user's desktop environment on group of computers
25
anonymous authentication
dynamic host configuration protocol
group policies
28. Used to deliver news articles to users on the Internet - vulnerable to DoS attacks
DAC
SSL
group policies
NNTP
29. TACACS port
161
49
open mail relay
encrypted file system
30. File system that offers limited security and was primarily designed for desktop use
discretionary
161
FAT
infrastructure based
31. IPSec port
49
500
hardening
least privileged principle
32. Protocol for assigning dynamic IP addresses to devices on a network
file and print sharing hardening
OS hardening
80
DHCP
33. Making the OS less vulnerable to threats
baselining
hardening
configuration management policy
NNTP
34. Microsoft software packages that contain one or more patches and can be applied without rebooting
25
RBAC
25
hotfix
35. FTP ports
20 and 21
network access control
88
RBAC
36. NAC method requiring installation of a network appliance to monitor network devices and limit connectivity should non compliant activity be detected
simple authentication with security layer LDAPv3
rule of least privilege
hardware based
80
37. OU stands for...
SNMP
organizational unit
group policies
RBAC
38. Is a UDP-based network protocol - used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention
DNS poisoning
80
SNMP
22
39. Bind MAC addresses of network devices to IP address - monitor logs - apply security patches - use IDS and strong authentication to detect rogue servers
dynamic host configuration protocol
DHCP
80
DHCP hardening
40. Centrally managed NAC method requiring installation of software agents on each network client
endpoint based
network attached storage
20 and 21
simple authentication
41. Issued by software vendors to fix bugs - address security issues or add functionality
patches
110
least privileged principle
TACACS
42. MAC stands for ____________ access control
mandatory
23
network news transfer protocol
RBAC
43. Most restrictive access control method that uses security labels to control access
DMZ
MAC
organizational unit
389
44. Restrict zone transfers to designated servers - restrict users via ACLs who can query zone records - do not use recursive queries
DNS hardening
patches
MAC
file and print sharing hardening
45. SNMP stand for...
service pack
group policies
SNMP
simple network management protocol
46. An accumulated set of software updates or hotfixes from Microsoft
139
storage area network
service pack
group policies
47. Help to make sure devices meet security standards before they are allowed to connect to the network
20 and 21
RBAC
organizational unit
NAC
48. RBAC stands for ____________ access control
role-based
NAC
anonymous authentication
DAC
49. TACACS
Terminal Access Controller Access-Control System
security template
database hardening
service pack
50. NAC stands for
service pack
infrastructure based
open mail relay
network access control