During a quarterly security assessment, an administrator reviewing several newly racked servers notices that each motherboard includes an 802.11ax/Bluetooth radio that shipped from the manufacturer enabled by default. The organization's data-center policy forbids any form of wireless communication on production hosts. Which action, performed during the next maintenance window, BEST satisfies the hardware-hardening requirement?
Install a host-based firewall and block all outbound HTTPS traffic.
Replace the factory wireless antenna leads with shielded cables to absorb RF signals.
Enable 802.1X authentication on every wired Ethernet interface.
Disable the onboard Wi-Fi/Bluetooth adapter in the server's UEFI/BIOS settings.
Hardware hardening reduces the attack surface by removing or disabling components that the workload does not need. Because the servers must not use wireless networking, the most direct and reliable control is to disable the integrated Wi-Fi/Bluetooth adapter in system firmware (UEFI/BIOS). Doing so physically prevents the radio from transmitting or receiving and eliminates the associated drivers and services at the OS level. Enabling 802.1X on wired NICs secures Ethernet access but leaves the wireless interface active. Installing a host-based firewall is a software control that still allows the wireless hardware to function and does not meet the policy's prohibition. Replacing antenna leads with shielded cabling would be an improvised mitigation and still leaves the device powered and detectable. Therefore, disabling the onboard wireless adapter in firmware is the correct, policy-compliant hardening step.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is UEFI/BIOS, and why is it used to disable hardware features?
Open an interactive chat with Bash
Why is disabling Wi-Fi/Bluetooth in firmware better than using software controls like firewalls?
Open an interactive chat with Bash
What is hardware hardening, and how does it improve security?