Ethical Hacking Essentials Practice Test

Which of the following practices can help security teams protect the web server from cyberattacks?

• A. Limit the server functionality to support only the web technologies to be used
• B. Implement broad network access to promote flexibility
• C. Enable all functionalities to allow for future scalability
• D. Provide unrestricted access to all users

The correct answer is: Limit the server functionality to support only the web technologies to be used

Limiting the server's functionality to support only the web technologies that are necessary is a fundamental security practice known as "minimizing the attack surface." By reducing the number of services and functionalities that run on a web server, the potential points of entry for a cyberattack are decreased. This means that attackers have fewer vulnerabilities to exploit, making it significantly harder for them to succeed in compromising the server. For example, if a web server only needs to serve HTML pages and needs a database connection, it should be configured to disable any additional services like FTP, SSH, or test web applications that may not be needed. This kind of focused configuration reduces the risk of undetected vulnerabilities present in unnecessary services and also simplifies the management and monitoring of the server's security posture. In contrast, broader strategies such as implementing wide network access can introduce significant vulnerabilities by exposing the server to more potential threats and reducing the ability to control and monitor incoming traffic. Enabling all functionalities for future scalability can lead to unnecessary complexities that could become entry points for attackers. Providing unrestricted access to all users contradicts the principle of least privilege and poses severe security risks, as it allows unauthorized individuals to exploit server vulnerabilities easily.