Implementing Your Strategy (not needed for exam) Flashcards
What’s the benefit of using a baseline approach as a starting point for your security strategy?
A. A baseline approach allows you to fully customize all the rules according to your organization’s needs.
B. You set the rules without the need for guidance.
C. You transfer the risk from yourself by using an approved baseline that a reputable author/authority creates.
C. You transfer the risk from yourself by using an approved baseline that a reputable author/authority creates.
With a baseline approach, you follow a checklist of prescribed controls and settings that you can configure to the baseline that you and your organization’s security team have decided on.
What action takes place before tailoring your baseline with ODVs?
A. Generate new rules
B. Customize rules
C. Generate initial guidance
C. Generate initial guidance
Before you tailor your baseline, you should create documentation in the form of initial guidance to direct conversations with your security team and make important security-related decisions about which rules to include, omit, and customize in your security strategy.
When discussing baselines and rules, which items CANNOT be properly tailored?
A. Rules
B. Benchmarks
C. Baselines
B. Benchmarks
You can edit a baseline by omitting rules, and you can edit rules by changing their values. However, the controls that benchmark authors publish are meant to be measured against, not tailored.
Why must you generate revised guidance after tailoring a baseline?
A. The revised guidance removes any previous settings that were generated every time a baseline is tailored.
B. You must generate revised guidance every time you change a new setting in the baseline.
C. It allows you to scan and compare your current endpoint devices against the custom benchmark that you create based on your security plan.
C. It allows you to scan and compare your current endpoint devices against the custom benchmark that you create based on your security plan.
You use this guidance to scan your endpoints and bring them into compliance using the compliance script that you generate.
What’s the purpose of the auditor guide?
A. This file runs checks and fixes on controls to modify any rules that require customization.
B. This file contains a report that auditors can submit to security teams to show compliance.
C. This file helps an auditor spot check controls and identify any customizations of rules.
C. This file helps an auditor spot check controls and identify any customizations of rules.
If rules were customized using the custom directory, then the .xls auditor guide can identify which customizations were implemented.
What tasks does the compliance script perform?
A. It compares the settings in the managed endpoint computer with the guidance. Then it changes the settings that reflect a fail status so that the Mac computer is in compliance with the baseline rules.
B. It compares the settings in the managed endpoint computer with a computer that’s in compliance. Then it builds a list of results that reflects the pass or fail status of how each setting complies with those specified in the baseline’s rules.
C. It compares the settings in the managed endpoint computer with the guidance. Then it builds a list of results that reflects the pass or fail status of how each setting complies with those specified in the baseline’s rules.
C. It compares the settings in the managed endpoint computer with the guidance. Then it builds a list of results that reflects the pass or fail status of how each setting complies with those specified in the baseline’s rules.
The script creates output files that you can use to check and fix those settings that are out of compliance with the rules specified in the guidance.
On macOS, which of the following isn’t used by the mSCP Security Compliance Tool to remediate?
A. Manually
B. Configuration profiles
C. Blueprints
C. Blueprints
You can’t use Apple Configurator Blueprints with the mSCP.
While reviewing a rule in the auditor guide, what information does the Mechanism column contain?
A. It shows a description of the setting.
B. It shows the name of the setting.
C. It describes the method by which a noncompliant rule will be remediated.
C. It describes the method by which a noncompliant rule will be remediated.
A mechanism is a method that you use to remediate the settings that failed and then achieve compliance.
Which column in the auditor guide contains customized ODVs?
A. Title
B. Mechanism
C. Modified Rule
C. Modified Rule
This column contains any customized ODVs.
What does the -x option do in the generate_guidance.py script?
A. It excludes rules defined in a baseline with a specified tag.
B. It generates reference documentation for the supplied baseline.
C. It creates mitigation scripts for extra rules defined in the custom rules folder.
B. It generates reference documentation for the supplied baseline.
The -x option generates baseline documentation in AsciiDoc, HTML, .xls, and PDF formats.
Which term describes the process used to select which rules to include in a baseline?
A. Customizing
B. Streamlining
C. Tailoring
C. Tailoring
The process used to select which rules to include in a baseline is called tailoring.
When using the generate_baseline.py script to customize rules for a baseline, what does the -t option do?
A. It performs an audit on a specified baseline.
B. It adds a timestamp to the generated baseline.
C. It runs the script in interactive tailoring mode.
C. It runs the script in interactive tailoring mode.
In this mode the script asks you for custom input values for each rule in the custom benchmark.
Where should you put modified rules that you want to include in the output that the generate_baseline.py script generates?
A. In the project’s rules directory
B. In the project’s build directory
C. In the project’s includes directory
D. In the project’s custom/rules directory
D. In the project’s custom/rules directory
Modified rules should be placed in the custom/rules directory to be included in any custom baselines that the generate_baseline.py script generates.
When adding a custom rule that’s not part of the mSCP, where must you add the reference to your custom rule so that it’s included in the generated output?
A. At the end of the supported_payloads.yaml file
B. On a new line in an org.baseline.plist file in the project’s includes directory
C. On a new line in the appropriate section in your custom baseline file with a reference to the rule ID contained in your custom rule
C. On a new line in the appropriate section in your custom baseline file with a reference to the rule ID contained in your custom rule
A baseline file contains a separate line for each included rule with a reference to the rule ID defined in the associated rule file.
Which script is used to create profiles, plists, and documentation for a tailored baseline?
A. generate_baseline.py
B. generate_guidance.py
C. cis_lvl1-CUSTOMIZED_compliance.sh
B. generate_guidance.py
This script generates all of the output files related to a tailored baseline.