4.4 Exercise 1: Pick the Right Pillar

🎯 How This Works

Each scenario describes a realistic device configuration with a problem buried in it. Type your prediction in the purple box — identify which of the six hardening pillars addresses the gap — then answer the question and check your reasoning.

Why predict first? Naming the pillar BEFORE you read the options is the fastest way to slash the trash. Most distractors are valid recommendations from a DIFFERENT pillar; they are only wrong because they don’t address THIS scenario.

✎ Guided Practice — 5 Scenarios
Scenario 1 of 5 — Pick the Pillar A hospital’s radiology imaging server is running Windows Server 2016 with the November 2022 cumulative update as its most recent patch. The vendor has released 38 security updates since then; none have been applied because no one scheduled a maintenance window. A vulnerability from June 2024 is actively exploited in the wild and now affects this server. Which hardening pillar PRIMARILY addresses this gap?
Predict First Name the pillar in two or three words before reading the choices.
Scenario 2 of 5 — Which Reference Baseline? An Army contractor is setting up a classified Linux server that will process controlled unclassified information under a DoD contract. Their compliance officer insists the server MUST be configured against a specific, prescriptive baseline with severity-rated settings (CAT I / II / III). Which reference baseline does this scenario describe?
Predict First Which publisher produces baselines specifically for DoD environments?
Scenario 3 of 5 — Spot the Dangerous Line A junior admin wrote this change log to document several “small fixes” applied to a production web server during a weekend incident. Which line represents the MOST dangerous hardening regression that should be reverted immediately?
CHANGE LOG - web-prod-03 - weekend incident response
(A) Disabled host-based firewall temporarily to rule out
    a rule conflict. Firewall is STILL OFF as of Monday AM.
(B) Rotated the service-account password ahead of schedule
    because of a suspected exposure.
(C) Applied emergency OS patches KB5031356 and KB5032190
    with the vendor’s approval.
(D) Added a test admin account for the on-call engineer;
    account is scheduled for deletion Tuesday.
Predict First Which line describes an UNDONE weakening that is still live in production?
Scenario 4 of 5 — Multi-Select (Which are TRUE?) A CIO is comparing endpoint protection tiers for her 3,000 workstations. Consider the following statements. Select ALL that are TRUE. No credit for selecting incorrect options.
Predict First Rank AV, NGAV, EDR, and XDR from least to most capability. Your ranking is the key.
Scenario 5 of 5 — Terminology Recall Fill in each blank with the correct term from Lesson 4.4.
Predict First Say the three terms aloud before typing.

1. The gradual divergence of a device’s live configuration from its documented secure baseline is called configuration .

2. Deployment model in which the organization manages only specific corporate applications on an employee’s personal device is called Mobile .

3. A free, consensus-driven configuration guide for common platforms, published by a U.S. nonprofit, is called a .

0 / 5 Scenarios correct — review any missed answers, then move to Exercise 2.
📚 Pattern to Remember

Most AP Cyber hardening MCQs follow one of three stems: (1) scenario describes a weakness, pick the pillar that addresses it; (2) scenario describes an audit finding, identify the regression; (3) scenario asks you to choose among endpoint tiers (AV / NGAV / EDR / XDR) for a given threat. Predict-first works on all three.

AP Cybersecurity · Unit 4 · Lesson 4.4 · Exercise 1
LessonExercise 1LabQuiz

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]