Help with a question

SeekBytesSeekBytes Member Posts: 143
Dear members,

The author of the book says that the correct answer is "C", but I am do not agree with it.

That's the question

A set of standardized system images with a pre-defined set of applications is used to build end-user workstations. The security administrator has scanned every workstation to create a current inventory of all applications that are installed on active workstations and is documenting which applications are out-of-date and could be exploited. The security administrator is determining the:

A - attack surface
B - application hardening effectiveness
C - application baseline
D - OS hardening effectiveness

What would you answer?

A or C?

Kind Regards.


  • Options
    TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    This is a matter of what is the best answer. Yes out of date applications present an attack surface, but an attack surface is much more than just applications.

    Here you are just querying the state of the applications on workstations. Much the same to getting the state of a server to see the baseline of its workload.

    Which is why this is called an Application Baseline.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • Options
    SeekBytesSeekBytes Member Posts: 143
    Thank you Taco for answering.
  • Options
    SeekBytesSeekBytes Member Posts: 143
    I post another question which I don't get.

    Bart wants to send a secure email to Lisa so he decides to encrypt it. Bart wants to ensure that Lisa can verify that he sent it. Which of the following does Lisa need to meet this requirement?

    A - Bart's public key
    B - Lisa's private key
    C - Lisa's public key
    D - Bart's private key

    The correct answer is "A". I answered "D".

    The point that I do not get is regarding the owner of the private key. In this case, the question states that Bart wants Lisa to be certain that the message was from Bart. This part of the sentence made me think that since only Bart owns the private key, the message cannot be sent by anybody else.

    Can somebody help me with this?

    Kind Regards.
  • Options
    SeekBytesSeekBytes Member Posts: 143
    I found where is the problem. I re-reading Chapter 10 from Darril Gibson's book.
Sign In or Register to comment.