CompTIA Security Plus Mock Test Q800

Identifying a list of all approved software on a system is a step in which of the following practices?

A. Passively testing security controls
B. Application hardening
C. Host software baselining
D. Client-side targeting


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components,
operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the
required level of security is being maintained.

Incorrect Answers:
A: Passive testing of security controls is performed by automated vulnerability scanners. The scanners detect the security control as it attempts a test. These tests are performed
against targets but not specifically directed toward the security measures themselves.
B: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary
functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services.
D: Client-side targeting is an aspect Windows Group Policy that allows security configurations to be applied to specific types of devices or device groups.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 215-217, 219
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 208, 220
https://technet.microsoft.com/en-us/library/dd252762.aspx