A security analyst is hardening a new Linux web server that will host a public-facing website. A port scan reveals the following services are running:
SSH (port 22)
HTTP (port 80)
HTTPS (port 443)
FTP (port 21)
Telnet (port 23)
The server will be managed remotely by administrators, and web content will be updated by pushing files from a secure, internal repository. Which of the following actions BEST enhances the server's security by reducing the attack surface?
Disable the FTP and Telnet services.
Keep all services active but place the server behind a web application firewall (WAF).
Disable the HTTP service and only allow HTTPS.
Disable the SSH service and use Telnet for remote administration.
The most effective method to reduce the attack surface is to disable unnecessary and insecure services. In this scenario, the server's function does not require FTP or Telnet. FTP transmits credentials and data in cleartext, making it insecure. Telnet is also a cleartext protocol for remote management and should always be replaced by the more secure SSH protocol. While disabling HTTP in favor of HTTPS is a recommended security practice for web traffic, leaving the highly insecure FTP and Telnet services active represents a more significant and immediate risk. Therefore, disabling both FTP and Telnet is the best action to harden the server.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does deactivating unused software reduce infiltration risks?
Open an interactive chat with Bash
What are some examples of unused components that could pose risks if left active?
Open an interactive chat with Bash
How can organizations identify and deactivate unused software effectively?