A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?
To ensure that all firewalls are hardened successfully, updating them with the current firmware and software is critical. This step ensures that all known vulnerabilities are patched and that the firewalls have the latest security improvements and features. Installing updates is an essential part of the hardening process as it directly increases the security posture of the firewalls by mitigating potential exploits.
C is WRONG: https://www.fortinet.com/resources/cyberglossary/firewall-configuration Update the firmware has to be the very first step, obviously. Step 4: Configure Other Firewall Services and Logging
Well as they've not already done it, they should be doing it next..no?
I think it is implied that firmware updates are included in the aforementioned configuration. This is the sort of thing that trips me up on tests though. It's not the best worded question IMO.
I was wrong on this actually. Setting the logs is important for monitoring but not necessarily directly for hardening. I think the answer CompTIA is looking for is C.
C is CORRECT based on your argument. It should have been done first, but it was clearly not done yet. You can't "assume" this task was completed, when the question doesn't say so. In real life too, you can't "assume" that a tech updated the firewall, when nothing was mentioned in the ticketing system about it. Your manager will be upset if you "assume" work was done, without "knowing".
Correct answer==B, Just after configuring all necessary things, the next step is to simply configure the log settings on the firewalls to the central Syslog server.
I would tend to go with C here. I don't feel configuring log settings relates to hardening a firewall. Open to correction here and just my thoughts.
I agree. Configuring logs does nothing to harden a system. They should have updated the firmware, but they didn't do it yet in the question, so it needs to be done before sending the device out (I am an jr. I.T. Systems Integrator)
The keyword is HARDEN, how does setting up logs harden anything. The only answer that fits is updating the firmware, as that would patch up any vulnerabilities.
Patching will update to the most up to date SW
This is a hardening question not a protocol question.
To ensure that all the firewalls are hardened successfully after configuring them with the correct settings, the network engineer should perform the following: B. Configure the log settings on the firewalls to the central syslog server. Configuring the log settings to send firewall logs to a central syslog server is a crucial step in hardening and monitoring the security of the firewalls. This allows for centralized logging and analysis of firewall events, which is important for detecting and responding to security incidents, as well as for auditing and compliance purposes.
keyword hardened, next step to hardening only with answer C
With the previous exams, I believe that word "hardened" associates with "updates" in comptia
Guys comptia trying to confuse, but there is a signs "configured new firewalls with the correct configuration" to be deployed to each remote branch After configuring new firewalls with the correct settings and disabling unneeded services, the next step to ensure that all the firewalls are hardened successfully should be: C. Update the firewalls with current firmware and software
Clue is "Hardening". While logging is important, it doesn't fit the question here.
Log management is definitely important in network hardening.
B is the right choice To get all questions, contact me <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="f4809c9195da87999d809cc6c4b49b8180989b9b9fda979b99">[email protected]</a>
To ensure that all the firewalls are hardened successfully after configuration, the network engineer should perform the following step next: B. Configure the log settings on the firewalls to the central syslog server Configuring the log settings to send firewall logs to a central syslog server enables centralized monitoring and analysis of security events and policy violations across all firewall devices. This allows for better visibility into potential security threats and helps ensure that the firewalls are effectively protecting the network. Therefore, configuring log settings to send logs to a central syslog server would be the appropriate next step to ensure that all firewalls are hardened successfully.
To ensure the best security and performance, it is generally recommended to update the firewalls with current firmware and software before configuring the firewall rules. This allows you to start with a secure and stable foundation and ensures compatibility between the firmware/software and the firewall rules.
Agreed, I've seen instances where upgrading firmware on a firewall completely wiped out the configured firewall rules (which it obviously should not do). If it were me, upgrading to current firmware would be the first step with a new firewall.
C seems to be the correct answer here: "... new firewalls with the correct configuration to be deployed" implies that the firewall has not yet been deployed, so the next step would be to update the firmware before putting it into a production environment. Logging is not a hardening technique.
Configure Log Settings (B): Configuring log settings is crucial for monitoring and auditing the firewall's activity. By sending logs to a central syslog server, the network engineer can have a centralized view of firewall events, aiding in troubleshooting and security analysis.
i think its C because of the key word hardend
B sounds logical to me