Exam 200-301 topic 1 question 685 discussion

A,D Use a cryptographic keychain to authenticate to network devices is correct, think Maintain network equipment in a secure location should be for physical not for security posture

AD are feasible. E is not realistic. You can't put network devices wherever you want. It's decided by many factors, like structure of the building, user location, cable length limitation, comms room location.

D & E are correct A is incorrect, while cryptographic keychains can enhance authentication security, they are not the only or primary recommended practice for securing a network.

The questions asks about an "acceptable security posture". Anything less than D and E is not acceptable; it's the bare minimum in regard to securing access to a network. The rest are nice to have, but in many cases may be unnecessarily complex or difficult to implement in non-enterprise scenarios.

The two recommended practices for an acceptable security posture in a network are: D. Disable unused or unnecessary ports, interfaces, and services. E. Maintain network equipment in a secure location. Here's an explanation for each: D. Disable unused or unnecessary ports, interfaces, and services: By disabling any ports, interfaces, or services that are not actively needed, you reduce the potential attack surface of your network. Unused components may have vulnerabilities that could be exploited, so disabling them enhances security. E. Maintain network equipment in a secure location: Physical security is crucial for network equipment. Placing network devices in a secure location helps prevent unauthorized access, tampering, or theft. Physical security complements other security measures and is an integral part of an overall security strategy.

Answer: D and E Physical security is also a part of security posture. Cryptographic keychain is manly about data encryption, not authentication.

E is about physical security.

Agree alejandro

A and D is the correct answers