SY0-301 · Question #316
A set of standardized system images with a pre-defined set of applications is used to build end- user workstations. The security administrator has scanned every workstation to create a current invento
The correct answer is A. Attack surface.. The attack surface is the total set of points (applications, services, interfaces, ports) through which an attacker could potentially enter or extract data from a system. By cataloguing every installed application and flagging outdated, exploitable ones, the administrator is mapp
Question
A set of standardized system images with a pre-defined set of applications is used to build end- user workstations. The security administrator has scanned every workstation to create a current inventory of all applications that are installed on active workstations and is documenting which applications are out-of-date and could be exploited. The security administrator is determining the:
Options
- AAttack surface.
- BApplication hardening effectiveness.
- CApplication baseline.
- DOS hardening effectiveness.
How the community answered
(34 responses)- A76% (26)
- B15% (5)
- C6% (2)
- D3% (1)
Explanation
The attack surface is the total set of points (applications, services, interfaces, ports) through which an attacker could potentially enter or extract data from a system. By cataloguing every installed application and flagging outdated, exploitable ones, the administrator is mapping all the ways the environment is exposed to attack - which is the definition of attack surface analysis. An application baseline is what the standard image should look like. Application or OS hardening effectiveness measures how well security controls have been applied. The activity described - finding what exists and what is vulnerable - is classic attack surface enumeration.
Topics
Community Discussion
No community discussion yet for this question.