A network administrator is tasked with hardening the security of the company's network devices. Which of the following actions BEST aligns with the principle of reducing the attack surface by managing device configurations?
Harmonize traffic rates across all ports
Encrypt all management traffic to devices
Enable additional services for remote management
Implement port mirroring to monitor data flows
Disable all unused ports on network switches and routers
Disabling all unused ports on a switch effectively reduces the number of entry points available to a potential attacker, thus decreasing the device's attack surface. Disabling services that are not needed has a similar effect by removing potential targets for exploitation that are not required for business operations. Other options like harmonizing traffic rates or encrypting management data, although beneficial for overall security, do not specifically align with the goal of reducing the attack surface through managing device configurations as directly as disabling unused ports and unnecessary services does.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to reduce the attack surface?
Open an interactive chat with Bash
Why is it important to disable unused ports on switches and routers?
Open an interactive chat with Bash
What are some other ways to manage device configurations for security?