CompTIA Security Plus Mock Test Q773

A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system’s services to the list of standard services on the company’s system image. This review process depends on:

A. MAC filtering.
B. System hardening.
C. Rogue machine detection.
D. Baselining.


Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components,
operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the
required level of security is being maintained.

Incorrect Answers:
A: MAC Filtering is used to secure access to wireless network access points. It is used to explicitly allow MAC addresses on a whitelist, blocking all other MAC addresses.
B: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary
functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services.
C: Rogue machine detection attempt to identify the presence of unauthorized systems on a network.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 178, 215-217, 219
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 206, 207, 208