it security defense against the digital dark arts week 5 answers
System Hardening
1. What is an attack vector?
- The classification of attack type
- The direction an attack is going in
- A mechanism by which an attacker can interact with your network or systems
- The severity of the attack
2. Disabling unnecessary components serves which purposes? Check all that apply.
- Closing attack vectors
- Increasing performance
- Making a system harder to use
- Reducing the attack surface
3. What's an attack surface?
- The total scope of an attack
- The payload of the attack
- The combined sum of all attack vectors in a system or network
- The target or victim of an attack
4. A good defense in depth strategy would involve deploying which firewalls?
- No firewalls
- Both host-based and network-based firewalls
- Network-based firewalls only
- Host-based firewalls only
5. Using a bastion host allows for which of the following? Select all that apply.
- Enforcing stricter security measures
- Having more detailed monitoring and logging
- Applying more restrictive firewall rules
- Running a wide variety of software securely
6. What benefits does centralized logging provide? Check all that apply.
- It blocks malware infections.
- It prevents database theft.
- It allows for easier logs analysis.
- It helps secure logs from tampering or destruction.
7. What are some of the shortcomings of antivirus software today? Check all that apply.
- It can’t protect against unknown threats.
- It only detects malware, but doesn’t protect against it.
- It’s very expensive.
- It only protects against viruses.
8. How is binary whitelisting a better option than antivirus software?
- It can block unknown or emerging threats.
- It has less performance impact.
- It’s cheaper.
- It’s not better. It’s actually terrible.
9. What does full-disk encryption protect against? Check all that apply.
- Data theft
- Malware infections
- Tampering with system files
- IP spoofing attacks
10. What's the purpose of escrowing a disk encryption key?
- Providing data integrity
- Preventing data theft
- Performing data recovery
- Protecting against unauthorized access