As a penetration tester, you have identified a server that is running several unnecessary services which could potentially lead to increased attack vectors. What is the BEST course of action to take in order to improve the server's security?
Install a firewall to control inbound and outbound traffic.
Enforce strong password policies for server access.
Disable all unnecessary services on the server.
Update all software on the server to the latest versions.
Disabling unnecessary services is considered the best practice for system hardening because it minimizes the potential attack surface of the server by reducing the number of potential targets for an attacker. While updating software, installing a firewall, and enforcing strong password policies are all important security measures, they do not directly address the issue of unnecessary services which can be exploited by an attacker.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does system hardening mean?
Open an interactive chat with Bash
Why is it important to disable unnecessary services?