ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 196 discussion

Actual exam question from CompTIA's SY0-601
Question #: 196
Topic #: 1
[All SY0-601 Questions]

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be BEST to use to update and reconfigure the OS-level security configurations?

  • A. CIS benchmarks
  • B. GDPR guidance
  • C. Regional regulations
  • D. ISO 27001 standards
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by stoneface at Sept. 2, 2022, 2:24 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
stoneface
Highly Voted 2 years, 9 months ago
Selected Answer: A
CIS Benchmarking -> CIS Benchmarks from the Center of Internet Security (CIS) are a set of globally recognized and consensus-driven best practices to help security practitioners implement and manage their cybersecurity defenses.
upvoted 38 times
...
RonWonkers
Highly Voted 2 years, 9 months ago
Selected Answer: A
It is A
upvoted 6 times
pgonza
2 years, 7 months ago
Why A?
upvoted 1 times
saka2020
2 years, 4 months ago
Using CIS benchmarks to update and reconfigure the OS-level security configurations would help to ensure that the configurations are up-to-date and in compliance with industry best practices. It would also help to address the issues identified in the information security assessment and improve the overall security posture of the company.
upvoted 3 times
...
...
...
LordJaraxxus
Most Recent 1 year, 3 months ago
Selected Answer: A
In addition to frameworks, you can also use various guides to increase security. This includes benchmarks or secure configuration guides, platform- or vendor-specific guides, and general-purpose guides. On the surface, this is quite simple. When configuring Windows systems, use a Windows guide to identify secure settings. When configuring Linux systems, use a Linux guide.
upvoted 2 times
...
Afel_Null
1 year, 8 months ago
Selected Answer: D
Benchmarks are used to test your systems against, they can't be used either as update tools, nor as guidelines.
upvoted 1 times
daddylonglegs
1 year, 8 months ago
CIS benchmarks is correct. If you don't have familiarity with them I can see how you would be confused by this one.
upvoted 4 times
...
...
RevolutionaryAct
1 year, 10 months ago
Selected Answer: C
Why wouldn't it be C. Regional regulations? Everything else is best practices, recommendations, etc. but not required by law and thus wouldn't technically be a compliance issue.
upvoted 1 times
...
ApplebeesWaiter1122
1 year, 11 months ago
Selected Answer: A
The best option to use for updating and reconfiguring the OS-level security configurations in this scenario would be CIS (Center for Internet Security) benchmarks. CIS benchmarks are widely recognized as authoritative guidelines for secure configuration settings for various operating systems, software, and network devices. CIS benchmarks are developed through a consensus-based approach involving experts from various industries and government organizations. They provide detailed and specific guidance on secure configuration settings, including hardening standards, for different platforms. By following CIS benchmarks, organizations can improve their security posture by aligning their systems with industry-accepted best practices.
upvoted 1 times
...
okay123
2 years, 6 months ago
Selected Answer: A
CIS Benchmarks for mobile devices cover security configurations for operating systems that run on mobile phones, tablets, and other hand-held devices. ISO/IEC 27001 is an Information security management standard that structures how businesses should manage risk associated with information security threats; The General Data Protection Regulation sets guidelines for the collection and processing of personal data of individuals within the European Union; its about how organizations should handle the personal data of individuals
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel