Which approach reduces the attack surface by applying secure configuration baselines (for example CIS benchmarks) through centralized management tools like GPOs or scripts?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Security Operations Exam with targeted practice questions. Enhance your understanding with detailed explanations and tips to successfully pass your exam!

Multiple Choice

Which approach reduces the attack surface by applying secure configuration baselines (for example CIS benchmarks) through centralized management tools like GPOs or scripts?

Explanation:
Applying secure configuration baselines through centralized management tools like GPOs or scripts is the approach that reduces the attack surface. By enforcing recognized baselines (such as CIS benchmarks) across all endpoints, you minimize configuration drift and ensure consistent, auditable security settings on every machine. Group Policy Objects push and enforce settings at scale, while scripts can automate additional secure configurations where needed, making it easier to maintain a hardened posture over time. This centralization means fewer misconfigurations, more reliable compliance, and quicker detection of deviations, all of which shrink opportunities for attackers. Disabling security tools removes essential controls and creates obvious vulnerabilities. Ignoring baseline recommendations leaves systems exposed to known weaknesses. Manual ad hoc changes lead to inconsistent configurations and drift, undermining the goal of a uniform, hardened environment.

Applying secure configuration baselines through centralized management tools like GPOs or scripts is the approach that reduces the attack surface. By enforcing recognized baselines (such as CIS benchmarks) across all endpoints, you minimize configuration drift and ensure consistent, auditable security settings on every machine. Group Policy Objects push and enforce settings at scale, while scripts can automate additional secure configurations where needed, making it easier to maintain a hardened posture over time. This centralization means fewer misconfigurations, more reliable compliance, and quicker detection of deviations, all of which shrink opportunities for attackers.

Disabling security tools removes essential controls and creates obvious vulnerabilities. Ignoring baseline recommendations leaves systems exposed to known weaknesses. Manual ad hoc changes lead to inconsistent configurations and drift, undermining the goal of a uniform, hardened environment.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy