ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization manages 250 Windows 10 laptops used to administer AWS workloads. Policy demands browsers block third-party cookies, disallow password storage, require TLS 1.2+, and forbid unsigned extensions. The security team needs a centrally managed method to set these options and stop users from changing them with minimal ongoing effort. Which solution best meets these requirements?
Email detailed instructions to employees and require quarterly screenshots to prove their browsers meet the standard.
Deploy an AWS Network Firewall rule group that blocks all traffic not using TLS 1.2 or higher.
Configure browser security options through Active Directory Group Policy Objects using the appropriate browser administrative templates.
Add HTTP Strict Transport Security (HSTS) headers to every internal web application employees visit.
Active Directory Group Policy Objects (GPOs) let administrators push browser security settings-such as enforcing TLS versions, disabling password storage, blocking third-party cookies, and controlling extension installation-to every domain-joined workstation. Administrative template policies for Microsoft Edge, Chrome (via ADMX), and Internet Explorer are applied at logon and refreshed regularly, ensuring settings remain in place even if users attempt to modify them. Distributing written instructions relies on user compliance and offers no technical enforcement. AWS Network Firewall can restrict network traffic but cannot reach into endpoint browsers to disable features or manage extensions. Implementing HSTS on internal web apps ensures those specific sites use HTTPS, yet it does not govern client-side password managers, cookies, or extension controls across all browsing. Therefore, centrally managed GPOs provide the comprehensive, low-overhead, and enforceable approach required.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Group Policy Objects (GPOs) in Active Directory?
Open an interactive chat with Bash
How do browser administrative templates work with Active Directory GPOs?
Open an interactive chat with Bash
Why is TLS 1.2+ enforcement critical in enterprise browser settings?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .