nerdexam
(ISC)2

CISSP-ISSMP · Question #16

Which of the following statements about system hardening are true? Each correct answer represents a complete solution. Choose two.

The correct answer is A. It can be achieved by installing service packs and security updates on a regular basis. D. It is used for securing an operating system.. System hardening refers specifically to the process of securing an operating system (D) by reducing its attack surface - disabling unnecessary services, removing unused software, and applying least privilege principles. Installing service packs and security updates (A) is a core

Security Operations Management

Question

Which of the following statements about system hardening are true? Each correct answer represents a complete solution. Choose two.

Options

  • AIt can be achieved by installing service packs and security updates on a regular basis.
  • BIt is used for securing the computer hardware.
  • CIt can be achieved by locking the computer room.
  • DIt is used for securing an operating system.

How the community answered

(21 responses)
  • A
    95% (20)
  • B
    5% (1)

Explanation

System hardening refers specifically to the process of securing an operating system (D) by reducing its attack surface - disabling unnecessary services, removing unused software, and applying least privilege principles. Installing service packs and security updates (A) is a core hardening practice because it patches known vulnerabilities. Choice B is wrong because system hardening targets software/OS configurations, not physical hardware. Choice C (locking the computer room) is a physical security control, not system hardening.

Topics

#System Hardening#Patch Management#Operating System Security#Vulnerability Management

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice