nerdexam
EC-Council

312-50V13 · Question #42

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured w

The correct answer is A. Network elements must be hardened with user ids and strong passwords. Regular security tests. The most effective security policy for Linux-based network elements within a data center involves hardening them with strong authentication and regularly conducting security tests, even with perimeter defenses in place.

Submitted by helene.fr· Mar 6, 2026System Hacking

Question

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?

Options

  • ANetwork elements must be hardened with user ids and strong passwords. Regular security tests
  • BAs long as the physical access to the network elements is restricted, there is no need for
  • CThere is no need for specific security measures on the network elements as long as firewalls and
  • DThe operator knows that attacks and down time are inevitable and should have a backup site.

How the community answered

(51 responses)
  • A
    57% (29)
  • B
    12% (6)
  • C
    25% (13)
  • D
    6% (3)

Why each option

The most effective security policy for Linux-based network elements within a data center involves hardening them with strong authentication and regularly conducting security tests, even with perimeter defenses in place.

ANetwork elements must be hardened with user ids and strong passwords. Regular security testsCorrect

Even with perimeter security, internal network elements running Linux must be hardened with robust user authentication (user IDs and strong passwords) and subjected to regular security tests (like vulnerability scanning and penetration testing). This ensures layered security, protecting against insider threats, compromised perimeter defenses, and unpatched vulnerabilities on the hosts themselves.

BAs long as the physical access to the network elements is restricted, there is no need for

Relying solely on physical access control is insufficient; logical security, including user authentication and regular testing, is crucial for securing network elements against remote attacks or compromised insiders.

CThere is no need for specific security measures on the network elements as long as firewalls and

Perimeter defenses like firewalls and IPS protect the network boundary but do not eliminate the need for host-level security measures on individual network elements, as these can still be exploited if unhardened.

DThe operator knows that attacks and down time are inevitable and should have a backup site.

While disaster recovery is important, this option describes a strategy for business continuity rather than a specific security policy for hardening the network elements themselves.

Concept tested: Layered security and host hardening

Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/network-best-practices#implement-defense-in-depth

Topics

#System hardening#Linux security#Security policy#Penetration testing

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice