A network administrator is reviewing a production web server and observes the following output from the netstat command. Which of the following actions should the network administrator take to harden the security of the web server?

Rationale

Disable the unused ports.

Disabling unused ports is a fundamental security measure that reduces the attack surface of a web server by preventing unauthorized access through ports that are not actively in use. This practice minimizes potential vulnerabilities and helps safeguard the server from various network-based attacks.

A (Disable the unused ports.) CORRECT

This option directly addresses security by limiting access points to the server. Unused ports can be exploited by attackers, so disabling them is a proactive step in reducing vulnerabilities and enhancing overall security posture.

B (Enforce access control lists.) YOUR ANSWER

While enforcing access control lists (ACLs) is an important security measure, it typically applies to controlling traffic flow and permissions for users or devices accessing the network. However, it does not directly reduce the number of active ports, which is crucial for hardening the security of the web server.

C (Perform content filtering.) YOUR ANSWER

Content filtering focuses on controlling the type of content that can be transmitted or received by the web server, which is relevant for preventing malicious content but does not specifically address the security risks associated with open ports.

D (Set up a screened subnet.) YOUR ANSWER

Setting up a screened subnet provides an additional layer of network security and can help isolate servers from direct exposure to the internet. However, it does not directly affect the security of ports on the web server itself and may involve more complex network architecture adjustments than simply disabling unused ports.

Conclusion

To harden the security of a production web server, the most effective immediate action is to disable unused ports. This minimizes the risk of unauthorized access through inactive services, thereby enhancing the server's overall security. While other options like ACLs, content filtering, and screened subnets contribute to a secure environment, they do not directly address the vulnerabilities posed by open ports as effectively as disabling them.

A network administrator is reviewing a production web server and observes the following output from the netstat command. Which of the following actions should the network administrator take to harden the security of the web server?

Disable the unused ports.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test