1. The term attack surface refers to all of the software a computer runs that is vulnerable to attack.
True
False
2. The best way to secure an unneeded service is to disable it.
True
False
3. The process of making configuration changes and deploying controls to reduce the attack surface is called ________.
4. Which Windows Server feature allows you to specify which services you want to include during the operating system installation?
Edition
Role
GPO
Configuration
5. Which Windows Server installation option includes only a minimal environment to just run selected services?
Server core
Foundation
Standard
Runtime
6. Which Microsoft tool guides administrators and creates policies based on least privilege to reduce the attack surface of a Windows server after installation?
GPO
MBSA
SCT
NMAP
7. You can use GPOs to deploy Windows Firewall rules.
True
False
8. Which of the following actions is the best action to take to secure an unneeded service?
Close the port.
Disable the service.
Delete the service from Services.
Create a GPO restriction for the service.
9. You should disable the ________ user account to make it harder for attackers to access the default escalated-privilege account.
10. AD makes securing many computers in a network more complex.
True
False
11. The ________ tool is a handy open source tool to scan computers for open ports.
12. Which term describes software that defines and implements a policy that describes the requirements to access your network?
SCW
VPN
GPO
NAC
13. VPNs increase security of remote connection by guaranteeing all traffic is encrypted.
True
False
14. Which Microsoft VPN protocol makes it easy to use VPNs even through firewalls?
L2TP
SSTP
TLS
TCP
15. ________ refers to the hardware, software, policies, and procedures to manage all aspects of digital certificates.