D. Deny WMI traffic from the User-ID agent to any external zone1
WMI, or Windows Management Instrumentation, is a mechanism that can be used to actively probe managed Windows systems to learn IP-user mappings1. Because WMI probing trusts data reported back from the endpoint, it is not a recommended method of obtaining User-ID information in a high-security network1. On sensitive and high-security networks, WMI probing increases the overall attack surface, and administrators are recommended to disable WMI probing and instead rely upon User-ID mappings obtained from more isolated and trusted sources, such as domain controllers
If WMI probing is used, it should not be enabled on external untrusted interfaces
upvoted 2 times
...
...
This section is not available anymore. Please use the main Exam Page.PCNSA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
cjace
11 months, 2 weeks agoperceptivity
1 year, 9 months agohackeryorch
10 months, 3 weeks ago