An IT security technician needs to establish host based security for company workstations.
Which of the following will BEST meet this requirement?

A.
Implement IIS hardening by restricting service accounts.

B.
Implement database hardening by applying vendor guidelines.

C.
Implement perimeter firewall rules to restrict access.

D.
Implement OS hardening by applying GPOs.

Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling
unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary
services. This can be implemented using the native security features of an operating system, such as Group Policy Objects (GPOs).
Incorrect Answers:
A: Internet Information Services (IIS) is a Windows service that allows a computer to function as a Web Server. This is usually installed on a server rather than a
workstation.
B: Database hardening will improve security for a database; it does not improve security for workstations.
C: Perimeter firewall rules can be used to restrict network access to host machines but this is a network-based, and not a host-based, security mechanism.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 215, 227
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 202- 206, 211