Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?

A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully.

Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?
A . Ensure an implicit permit rule is enabled
B . Configure the log settings on the firewalls to the central syslog server
C . Update the firewalls with current firmware and software
D . Use the same complex passwords on all firewalls

View Answer

Answer: C

Explanation:

Updating the firewalls with current firmware and software is an important step to ensure all the firewalls are hardened successfully, as it can fix any known vulnerabilities or bugs and provide new features or enhancements. Enabling an implicit permit rule is not a good practice for firewall hardening, as it can allow unwanted traffic to pass through the firewall. Configuring the log settings on the firewalls to the central syslog server is a good practice for monitoring and auditing purposes, but it does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a good practice for password security, as it can increase the risk of compromise if one firewall is breached.

Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening techniques.