Network Security

During a wireless site survey, a network engineer discovers that the Wi-Fi signal extends 50 feet beyond the building perimeter into the parking lot, allowing potential attackers to connect from outside the physical facility. Which wireless security practice should have been implemented during the initial design phase to prevent this?

A coffee shop wants to provide encrypted Wi-Fi access for customers without requiring passwords, while ensuring that traffic cannot be decrypted even on an "open" network. Which feature supports this requirement?

A security administrator reviews the network configurations of a recently deployed server. The administrator notices that certain unnecessary services have access to the server, potentially creating vulnerabilities. The administrator decides to refine the Access Control List (ACL) to enhance the server's security. Which action will the security administrator MOST likely take when refining the ACL to ensure that only necessary services communicate with the server, thereby reducing potential attack vectors?

A mid-sized healthcare organization needs to harden their Windows 11 workstations. They search for consensus-based configuration guides developed by cybersecurity professionals worldwide that provide step-by-step hardening instructions. Which hardening standard should they implement?

An organisation needs to enforce configuration management across 1,000 servers. They require a solution that can retrieve and apply configuration updates. Which configuration management solution BEST fits this requirement?

During a security audit, an assessor discovers that a Windows Server has Telnet, TFTP, and the Windows Fax and Scan services enabled despite the application never using these features. These unnecessary services present potential attack vectors that could be exploited. Which hardening baseline practice addresses this finding?

A large organization faces increasing threats from unauthorized devices trying to gain access to its network. The Chief Information Security Officer (CISO) wants to modify the company's network infrastructure to incorporate a more rigorous method of validating users and devices before granting them access to resources. Which network access control method should the CISO implement to ensure rigorous validation of both users and devices, offering the highest level of security against unauthorized access to the company's network resources?

A newly-hired cybersecurity manager of a software company evaluates the available intrusion detection and intrusion prevention capabilities of the company. What method detects changes in normal “baseline” operating data sequences and identifies abnormal sequences?

A DevOps team notices that production servers have gradually deviated from their original secure baselines over the past year due to manual emergency fixes, temporary software installations, and undocumented configuration changes made during incident response. This accumulation of changes has created security inconsistencies and exploitable gaps across the environment. What is this phenomenon called?