IC34 Questions with complete solution
2025/2026
What is System Hardening? - correct answer ✔The process of securing a system by reducing its attack
surface
Reducing available vectors of attack typically includes:
Removal of unnecessary software Removal of unnecessary user accounts Strong access controls (e.g.
multifactor authentication)
Disabling or removal of unnecessary services
Installing security patches
What Types of Systems or Devices Can Be Hardened? - correct answer ✔Nearly anything that is
configurable! Operating Systems
Databases
Applications
Managed switches
Routers firewalls
Communication gateways Modems .
PLCs, RTUs
IEDs
VFDs
OS Hardening Guidance - correct answer ✔NIST SP 800-123 "Guide to General Server Security" .
Microsoft Security Guides
Center for Internet Security's (CIS) Security Benchmarks
,Defense Information Systems Agency's "Security Technical Implementation Guides" (DISA STIGs)
Security Guides from Automation Suppliers
Yokogawa
Emerson -
Honeywel
Siemens -
others
Basic Steps to Secure an Operating System - correct answer ✔Patch and update the OS/
Remove or disable unnecessary services, applications, and network protocols
Configure OS user authentication . Configure access controls appropriately Install and configure
additional security
controls
Test the security of the OS
Examples of Unnecessary Software/Services - correct answer ✔Games
Device drivers for hardware not included
Messaging services
Servers or clients for unused internet or remote access services
Software compilers (except from non-production, development machines) Software compilers for
unused languages
Unused protocols and services .
Unused administrative utilities, diagnostics, management and system management functions .
Test and sample programs or scripts . Unused productivity suites and word processing utilities
Unlicensed tools and shareware Universal Plug and Play services
, CIS Security Configuration - correct answer ✔Recommended technical control rules/values for
hardening operating systems, middleware and software applications, and network devices;
Accepted by government, business, professionals worldwide .
Downloaded several hunsreds thoudand times per year
Distributed free of charge by CIS in .PDF format
Also available in XCCDF, a machine readable XML format
Used by thousands of enterprises as a basis for security configuration policies and the de facto standard
for IT configuratiob best practices.
https://www.cisecurity.org/
Center for Internet Security (CIS) - correct answer ✔Windows Benchmarks Linux Benchmarks Windows
Server 2000Amazon Linux Windows Server 2003CentOS Linux . Windows Server 2008Debian Linux
Windows Server 2012Oracle Linux Windows 7 . Red Hat Linux Windows 8 Slackware Linux WindowS NT .
SuSE Linux Windows XP . Ubuntu Linux
CIS Microsoft Windows 7 Benchmark - correct answer ✔Provides prescriptive guidance for establishing
a secure configuration posture for Microsoft Windows 7
Details approximately 250 recommended settings for local group policies
For each policy
Description -
Rationale Audit -
Remediation -
Impact Default Value -
2025/2026
What is System Hardening? - correct answer ✔The process of securing a system by reducing its attack
surface
Reducing available vectors of attack typically includes:
Removal of unnecessary software Removal of unnecessary user accounts Strong access controls (e.g.
multifactor authentication)
Disabling or removal of unnecessary services
Installing security patches
What Types of Systems or Devices Can Be Hardened? - correct answer ✔Nearly anything that is
configurable! Operating Systems
Databases
Applications
Managed switches
Routers firewalls
Communication gateways Modems .
PLCs, RTUs
IEDs
VFDs
OS Hardening Guidance - correct answer ✔NIST SP 800-123 "Guide to General Server Security" .
Microsoft Security Guides
Center for Internet Security's (CIS) Security Benchmarks
,Defense Information Systems Agency's "Security Technical Implementation Guides" (DISA STIGs)
Security Guides from Automation Suppliers
Yokogawa
Emerson -
Honeywel
Siemens -
others
Basic Steps to Secure an Operating System - correct answer ✔Patch and update the OS/
Remove or disable unnecessary services, applications, and network protocols
Configure OS user authentication . Configure access controls appropriately Install and configure
additional security
controls
Test the security of the OS
Examples of Unnecessary Software/Services - correct answer ✔Games
Device drivers for hardware not included
Messaging services
Servers or clients for unused internet or remote access services
Software compilers (except from non-production, development machines) Software compilers for
unused languages
Unused protocols and services .
Unused administrative utilities, diagnostics, management and system management functions .
Test and sample programs or scripts . Unused productivity suites and word processing utilities
Unlicensed tools and shareware Universal Plug and Play services
, CIS Security Configuration - correct answer ✔Recommended technical control rules/values for
hardening operating systems, middleware and software applications, and network devices;
Accepted by government, business, professionals worldwide .
Downloaded several hunsreds thoudand times per year
Distributed free of charge by CIS in .PDF format
Also available in XCCDF, a machine readable XML format
Used by thousands of enterprises as a basis for security configuration policies and the de facto standard
for IT configuratiob best practices.
https://www.cisecurity.org/
Center for Internet Security (CIS) - correct answer ✔Windows Benchmarks Linux Benchmarks Windows
Server 2000Amazon Linux Windows Server 2003CentOS Linux . Windows Server 2008Debian Linux
Windows Server 2012Oracle Linux Windows 7 . Red Hat Linux Windows 8 Slackware Linux WindowS NT .
SuSE Linux Windows XP . Ubuntu Linux
CIS Microsoft Windows 7 Benchmark - correct answer ✔Provides prescriptive guidance for establishing
a secure configuration posture for Microsoft Windows 7
Details approximately 250 recommended settings for local group policies
For each policy
Description -
Rationale Audit -
Remediation -
Impact Default Value -
