An organization runs an internal payroll platform on a server with an unchanged default password, open remote administration, and several default services left active. Unusual activity reveals attempts to exploit these weaknesses. Which action best addresses the primary issue behind these findings?
Add data encryption and run social engineering training for anyone with elevated privileges
Restrict user accounts to a few internal administrators and run host-based monitoring to catch suspicious traffic
Use fortified system images, remove default login credentials, and deactivate unnecessary services
Enable multi-factor authentication for remote logins while maintaining current configurations
Proper system hardening eliminates default access vectors like unchanged passwords and active remote administration ports. Using secure baseline images and disabling unnecessary services reduces the attack surface significantly. While multi-factor authentication and monitoring improve security, they don’t fix weak default settings. Encryption and user training are valuable but unrelated to the root cause—default insecure configurations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is system hardening?
Open an interactive chat with Bash
Why are default passwords and settings a security risk?