Hardening Techniques

Question 1

What term describes removing unwanted services and features for the purpose of makin git more difficult for an attacker to attack a computer successfully?
A. Locking down
B. Reducing the attack surface
C. Hardening
D. Mitigating risk

Answer 1

C. Hardening

Question 2

Which of the following areas are included as part of the Trusted Computer Base?
A. Hardware
B. Hardware and firmware
C. Processes and controls
D. All of the above

Answer 2

D. All of the above

Question 3

The Hardware Security Module (HSM) and the Trusted Platform Module (TPM) provide what hardening technique?
A. Hard drive encryption
B. Trusted user authentication
C. Portable drive encryption
D. Protection against buffer overflow

Answer 3

A. Hard drive encryption

Question 4

Which trusted OS started as a collaborative effort between the NSA and Red Hat?
A. SEAndroid
B. SELinux
C. Trusted Solaris
D. TrustedARM

Answer 4

B. SELinux

Question 5

Which of the following will have the least effect in reducing the threat of personal portable drives being used in the organization?
A. Policy
B. User Training
C. Host-based HSM and TPM
D. Prohibiting personal portable drives in the organization

Answer 5

C. Host-based HSM and TPM

Question 6

Which is not a trusted operating system?
A. SEAndroid
B. SELinux
C. Trusted Solaris
D. TrustedARM

Answer 6

D. TrustedARM

Question 7

What cryptoprocessor is used to manage cryptographic keys?
A. Trusted Platform Module (TPM)
B. Hardware Security Module (HSM)
C. Self-encrypting drive (SED)
D. Unified Extensible Firmware Interface (UEFI)

Answer 7

B. Hardware Security Module (HSM)

Question 8

What is the primary purpose of attestation services?
A. Authenticating process
B. Attesting false positives
C. Validating something as true
D. Isolating a process from attack

Answer 8

C. Validating something as true

Question 9

Which of the following is NOT a basic attribute of trusted OS?
A. Long-term protected storage
B. Separation of user processes from supervisor processes
C. Isolation
D. Air Gap

Answer 9

D. Air gap

Question 10

What is a primary benefit of using a standard build or standard operating systems throughout the organization?
A. Reduced cost of ownership
B. Patch management diversity
C. Increased logging
D. Smaller network footprint

Answer 10

A. Reduced cost of ownership

Question 11

Which of the following is used with databases to generate process templates?
A. Management interface
B. Dedicated interface
C. Data interface
D. Restricted interface

Answer 11

C. Data interface

Question 12

What standard replaced the Trusted Computers System Evaluation Criteria (TCSEC), developed to evaluate stand-alone systems?
A. Rainbow tables
B. Red teaming
C. Orange U-hardening
D. Common Criteria

Answer 12

D. Common Criteria

Question 13

What compensating control is a form of high availability (HA)?
A. Endpoint detection and response (EDR)
B. Host-based firewall
C. Host-based intrusion detection system (HIDS)
D. Redundant hardware

Answer 13

D. Redundant hardware

Question 14

How many evaluation assurance levels (EALs) are referenced in Common Criteria?
A. Five
B. Six
C. Seven
D. Eight

Answer 14

C. Seven

Question 15

What term describes a hard drive that automatically initiates encryption of newly-written data?
A. Self-healing drive
B. TBD encryption
C. Self-encrypting drive
D. TPM-based encryption

Answer 15

C. Self-encrypting drive

Question 16

What hardening technique was designed to block rootkits and other malware that could take control of BIOS-based systems and was first required in Windows 8?
A. BIOS/YUEFI
B. NS/XN
C. ASLR
D. SEDs

Answer 16

A. BIOS/UEFI

Question 17

What is the purpose of the NX (No-eXecute) bit?
A. Monitor for buffer overflow attempts
B. Perform hardware encryption during processing
C. Segregate the processor’s memory areas
D. Allow the BIOS to be protected

Answer 17

C. Segregate the processor’s memory areas

Question 18

What technology helps mitigate a variety of risks by detecting odd behavior, such as detecting an unauthorized user or a Trojaned device?
A. SED
B. TMP
C. UEBA
D. UA

Answer 18

C. UEBA

Question 19

How does ASLR protect against buffer overflow attacks?
A. Relocating the process in memory
B. Encrypting executable code
C. Randomizing portions of the code
D. Encrypting code while in memory during processing

Answer 19

C. Randomizing portions of the code

Question 20

What is the term that describes the isolation and restriction of applications in their own respective memory and drive space in the trusted OS SEAndroid?
A. Security enhanced application
B. Out-of-band application
C. Application sandboxing
D. Application isolation

Answer 20

C. Application Sandboxing