The process of making certain that an entity (operating system, application, etc.) is as secure as it
can be is known as:

Vendors typically ship software applications with security settings disabled by default to ensure a
wide range of interoperability with other applications and devices. A security administrator should
perform which of the following before deploying new software?

Which of the following describes the process of removing unnecessary accounts and services
from an application to reduce risk exposure?

A network administrator is responsible for securing applications against external attacks. Every
month, the underlying operating system is updated. There is no process in place for other software
updates.
Which of the following processes could MOST effectively mitigate these risks?

A recently installed application update caused a vital application to crash during the middle of the

workday. The application remained down until a previous version could be reinstalled on the
server, and this resulted in a significant loss of data and revenue.
Which of the following could BEST prevent this issue from occurring again?

An administrator finds that non-production servers are being frequently compromised, production
servers are rebooting at unplanned times and kernel versions are several releases behind the
version with all current security fixes.
Which of the following should the administrator implement?

Which of the following is the term for a fix for a known software problem?

Which of the following practices is used to mitigate a known security vulnerability?

Which of the following can a security administrator implement on mobile devices that will help
prevent unwanted people from viewing the data if the device is left unattended?

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if
the device is stolen? (Select TWO).