nerdexam
(ISC)2

CISSP · Question #146

Refer to the information below to answer the question. A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns. In the pl

The correct answer is D. Harden the client image before deployment.. The best approach to mitigate future internal client-based attacks is to harden the client image before deployment. Hardening the client image means to apply the security configurations and measures to the client operating system and applications, such as disabling unnecessary se

Submitted by helene.fr· Mar 5, 2026Security Architecture and Engineering

Question

Refer to the information below to answer the question. A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns. In the plan, what is the BEST approach to mitigate future internal client-based attacks?

Options

  • ABlock all client side web exploits at the perimeter.
  • BRemove all non-essential client-side web services from the network.
  • CScreen for harmful exploits of client-side services before implementation.
  • DHarden the client image before deployment.

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    8% (2)
  • C
    4% (1)
  • D
    85% (22)

Explanation

The best approach to mitigate future internal client-based attacks is to harden the client image before deployment. Hardening the client image means to apply the security configurations and measures to the client operating system and applications, such as disabling unnecessary services, installing patches and updates, enforcing strong passwords, and enabling encryption and firewall. Hardening the client image can help to reduce the attack surface and the vulnerabilities of the client, and to prevent or resist the client-based attacks, such as web exploits, malware, or phishing. Blocking all client side web exploits at the perimeter, removing all non- essential client-side web services from the network, and screening for harmful exploits of client- side services before implementation are not the best approaches to mitigate future internal client- based attacks, as they are related to the network or the server level, not the client level, and they may not address all the possible types or sources of the client-based attacks.

Topics

#client hardening#endpoint security#vulnerability management#security architecture

Community Discussion

No community discussion yet for this question.

Full CISSP Practice