A security practitioner detects an Endpoint attack on the organization's network. What is the MOST reasonable approach to mitigate future Endpoint attacks?
A. Remove all non-essential client-side web services from the network.
B. Harden the client image before deployment.
C. Screen for harmful exploits of client-side services before implementation.
D. Block all client-side web exploits at the perimeter.
Would go with C. Question is on security and asks REASONABLY, so which option aligns more towards how a security reaction would be?
Hardening is part and parcel but will it really stop attacks? Rem TOCTOU concept.
Screening action is more biased towards the security aspect, although also susceptible to TOCTOU. Try not to overthink between the 2.
Answer B)
B will make the attack surface footprint smaller.
Both C and D are essentially the same (one looks for and the other blocks... but in both cases you have to know exactly what you are looking for, and this will not help at all with ZERO DAY exploits).
Also want to note that although the image is hardened, that doesn't mean it is fully protected from all endpoint attacks. At least after screening, you will know all the possible attacks before deployment. These screen attacks can determine necessary endpoint configurations. IMO
The most reasonable approach to mitigate future Endpoint attacks would be to harden the client image before deployment. This means ensuring that the endpoint devices are properly configured, patched, and updated to reduce vulnerabilities that can be exploited by attackers. This approach would help to prevent future attacks and improve the overall security posture of the organization. The other options listed can also be helpful in improving security, but hardening the client image is the best first step to take in this scenario.
Screening for harmful exploits of client-side services before implementation (option C) is also an important approach to mitigate future Endpoint attacks.
Screening for harmful exploits involves assessing and evaluating client-side services and their potential vulnerabilities before they are implemented in the network. By conducting security assessments and testing for known vulnerabilities or exploits, organizations can identify and address potential risks and weaknesses in client-side services. This proactive approach helps prevent the introduction of vulnerable software or services that could be targeted by attackers.
Both options B (hardening the client image) and C (screening for harmful exploits) are important steps to enhance the security of endpoints and mitigate the risk of future attacks. These measures should be implemented in combination to establish a robust defense against Endpoint attacks.
I was struggling between B and C.
Because B is a general preventive against various misconfigurations and C is a mitigation to specific threats (which may or may not be a configuration issue), I choose C.
C also covers common vulnerability scanning and so on.
Why wouldn't hardening the client image be more desired?
Hardening the client image before deployment is the most reasonable approach to mitigating future Endpoint attacks. Hardening the client image involves removing or disabling any unnecessary software or services, configuring the system to meet security best practices, and implementing appropriate security controls. By removing or disabling unnecessary software or services, the attack surface of the system is reduced, making it more difficult for attackers to exploit vulnerabilities in the system.