PrepAway - Latest Free Exam Questions & Answers

Which of the following supports this requirement?

A security manager must remain aware of the security posture of each system. Which of the following
supports this requirement?

A. Training staff on security policies

B. Establishing baseline reporting

C. Installing anti-malware software

D. Disabling unnecessary accounts/services

Explanation:
The IT baseline protection approach is a methodology to identify and implement computer security
measures in an organization. The aim is the achievement of an adequate and appropriate level of security
for IT systems. This is known as a baseline.
A baseline report compares the current status of network systems in terms of security updates,
performance or other metrics to a predefined set of standards (the baseline).
Incorrect Answers:
A: Training staff on security policies is always a good idea. However, this will not provide a mechanism for
making the security manager aware of the security posture of each system.
C: Anti-malware is required to remove any existing malware and prevent malware from being installed in the
future. However, anti-malware does not provide a mechanism for making the security manager aware of
the security posture of each system.
D: Disabling unnecessary accounts/services is a good practice for reducing the attack surface of a
computer system. However, it does not provide a mechanism for making the security manager aware of
the security posture of each system.

http://en.wikipedia.org/wiki/IT_baseline_protection

One Comment on “Which of the following supports this requirement?”

  1. meac says:

    A relatively new addition to the cyber-lexicon is the concept of a ‘security posture’ or ‘cybersecurity posture.’ What does this refer to? The cybersecurity posture of an organisation refers to its overall cybersecurity strength.
    To understand any business’s security posture, one must first understand the eight categories of cybersecurity that are impacted: security intelligence, fraud, people, data, application, infrastructure, business partners and outsourcing, and threat intelligence.

    We must read the answer with care: What we are after in here is a level of AWARENESS. This is the requirement. The security manager must remain aware of where the company is at in terms of security posture.

    All of the answers help at IMPROVING the security posture of the company, but only one of them can make the manager aware of where the company is at, namely:
    B. Establishing baseline reporting



