1. The term attack surface refers to all of the software a computer runs that is vulnerable to attack.

1. True

2. False

  2. The best way to secure an unneeded service is to disable it.

1. True

2. False

  3. The process of making configuration changes and deploying controls to reduce the attack surface is called ________.

  4. Which Windows Server feature allows you to specify which services you want to include during the operating system installation?

1. Edition

2. Role

3. GPO

4. Configuration

  5. Which Windows Server installation option includes only a minimal environment to just run selected services?

1. Server core

2. Foundation

3. Standard

4. Runtime

  6. Which Microsoft tool guides administrators and creates policies based on least privilege to reduce the attack surface of a Windows server after installation?

1. GPO

2. MBSA

3. SCT

4. NMAP

  7. You can use GPOs to deploy Windows Firewall rules.

1. True

2. False

  8. Which of the following actions is the best action to take to secure an unneeded service?

1. Close the port.

2. Disable the service.

3. Delete the service from Services.

4. Create a GPO restriction for the service.

  9. You should disable the ________ user account to make it harder for attackers to access the default escalated-privilege account.

10. AD makes securing many computers in a network more complex.

1. True

2. False

11. The ________ tool is a handy open source tool to scan computers for open ports.

12. Which term describes software that defines and implements a policy that describes the requirements to access your network?

1. SCW

2. VPN

3. GPO

4. NAC

13. VPNs increase security of remote connection by guaranteeing all traffic is encrypted.

1. True

2. False

14. Which Microsoft VPN protocol makes it easy to use VPNs even through firewalls?

1. L2TP

2. SSTP

3. TLS

4. TCP

15. ________ refers to the hardware, software, policies, and procedures to manage all aspects of digital certificates.