Difficulty: Hard

Average Score: 0%

An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two).

Rationale

Disable default accounts and remove unnecessary services.

Both steps are critical in server hardening as they reduce the attack surface by eliminating potential vulnerabilities. Disabling default accounts prevents unauthorized access through known credentials, while removing unnecessary services minimizes the number of entry points that could be exploited by attackers.

A (Disable default accounts.) CORRECT

Default accounts often come with predefined access that can be exploited if left enabled. By disabling them, an administrator significantly reduces the risk of unauthorized access, as attackers frequently target these accounts due to their widespread knowledge and use.

B (Add the server to the asset inventory.) YOUR ANSWER

While maintaining an asset inventory is important for overall IT management and security, it does not directly contribute to the hardening of the server itself. This step is more about organizational tracking rather than reducing vulnerabilities or exposure to threats.

C (Remove unnecessary services.) CORRECT

Removing unnecessary services is a vital step in hardening a server. Each running service can potentially be an attack vector; by limiting the number of active services, the administrator diminishes the server's exposure to potential exploits and vulnerabilities.

D (Document default passwords.) YOUR ANSWER

Documenting default passwords does not enhance security; rather, it can inadvertently contribute to risks if that documentation falls into the wrong hands. The focus should be on changing or disabling default passwords rather than just documenting them.

E (Send server logs to the SIEM.) YOUR ANSWER

Sending logs to a Security Information and Event Management (SIEM) system is a valuable practice for monitoring and responding to threats, but it does not directly contribute to hardening a server prior to deployment. This step is more about post-deployment security management.

F (Join the server to the corporate domain.) YOUR ANSWER

Joining a server to the corporate domain is a standard practice for user management and policy enforcement, but it does not directly address server hardening. This action is more related to network integration than enhancing the security posture of the server itself.

Conclusion

For effective server hardening before deployment, administrators should focus on disabling default accounts and removing unnecessary services. These actions directly mitigate potential security vulnerabilities, ensuring a more secure server environment. Other choices, while important in broader security practices, do not specifically contribute to the hardening process.

Related Questions

View all