1) Which mitigation strategy focuses primarily on minimizing system vulnerabilities?

2) Identifying and controlling external connections to a network involves:

3) What step ensures no sensitive data remains on decommissioned hardware?

4) A security policy restricting app installation only to those vetted by IT refers to:

5) Allowing traffic only from trusted sources at the host level uses:

6) Updating outdated encryption protocols falls under which mitigation technique?

7) Placing unused services into a separate security zone is an example of:

8) Removing unnecessary pre-installed software from endpoints supports:

9) Which hardening practice involves replacing manufacturer-provided credentials?

10) One hardening method includes disabling unused:

11) A system that monitors and blocks known threats on individual machines is a:

12) What host-based control restricts unauthorized inbound and outbound traffic?

13) Installing anti-malware solutions on endpoints is an example of:

14) Strengthening systems to reduce their vulnerability surface is known as:

15) Securely removing devices or systems from service is part of:

16) Enforcing system settings to align with security standards is called:

17) Providing users only the rights necessary to perform their tasks is:

18) Continuously reviewing system logs and activities is part of:

19) Encoding sensitive information to prevent unauthorized access involves:

20) Regularly applying software updates addresses vulnerabilities by:

21) Keeping systems separate to protect critical assets is referred to as:

22) Allowing only approved software to run on a system describes:

23) Limiting user actions based on roles and job functions enforces:

24) A set of rules used by routers and firewalls to permit or deny traffic is called:

25) Dividing a network into smaller parts to limit lateral movement is known as: