A security analyst is hardening a new Linux web server that will host a public-facing website. A port scan reveals the following services are running:
SSH (port 22)
HTTP (port 80)
HTTPS (port 443)
FTP (port 21)
Telnet (port 23)
The server will be managed remotely by administrators, and web content will be updated by pushing files from a secure, internal repository. Which of the following actions BEST enhances the server's security by reducing the attack surface?
Disable the FTP and Telnet services.
Disable the HTTP service and only allow HTTPS.
Keep all services active but place the server behind a web application firewall (WAF).
Disable the SSH service and use Telnet for remote administration.
The most effective method to reduce the attack surface is to disable unnecessary and insecure services. In this scenario, the server's function does not require FTP or Telnet. FTP transmits credentials and data in cleartext, making it insecure. Telnet is also a cleartext protocol for remote management and should always be replaced by the more secure SSH protocol. While disabling HTTP in favor of HTTPS is a recommended security practice for web traffic, leaving the highly insecure FTP and Telnet services active represents a more significant and immediate risk. Therefore, disabling both FTP and Telnet is the best action to harden the server.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is Telnet considered insecure compared to SSH?
Open an interactive chat with Bash
What does 'reducing the attack surface' mean in cybersecurity?
Open an interactive chat with Bash
Why should FTP be disabled in favor of SFTP or other secure file transfer protocols?