Which of the following best describes the purpose of device hardening for endpoints like laptops and desktops?

A security architect wants to ensure that every device connecting to the corporate network meets a standardized security checklist for configuration (for example, ensuring certain ports are closed, USB devices are disabled, etc.). Which of the following mechanisms is designed to verify and remediate deviations from that checklist?

An organization is worried about malware spreading laterally between workstations. The security team configures VLANs so that devices in the finance department are isolated from those in the marketing department. Which of the following describes this security strategy?

A systems administrator wants to guarantee that malicious or unauthorized scripts cannot run on corporate endpoints. The organization decides to only permit scripts that are explicitly approved. Which of the following describes this approach?

Which of the following is a benefit of full disk encryption (FDE) on a laptop?

Which of the following is not typically managed by a mobile device management (MDM) solution?

A network administrator notices that the host-based intrusion detection system (HIDS) on a server is alerting on unusual changes to a critical system file. Which of the following features is the HIDS most likely using?