For an upcoming security audit, a junior administrator must apply basic hardening steps to fifty Windows and Linux workstations that will be issued to remote employees. Which of the following actions represents a fundamental system-hardening control that should be completed before deployment?
Configure the host firewall to allow all outbound ports by default.
Create a local administrator account with the same strong password on every workstation.
Install all vendor-supplied security updates and critical patches.
Enable guest accounts on each system to simplify initial user logins.
Applying all vendor-supplied security updates and critical patches ensures that known vulnerabilities in the operating system and installed applications are remediated before the systems are exposed to users or the internet. Enabling guest accounts, opening all outbound firewall ports, or using the same local administrator password across machines would each increase the attack surface and therefore do not constitute proper hardening.