EC-CouncilEC-Council
312-50V13 · Question #74
312-50V13 Question #74: Real Exam Question with Answer & Explanation
The correct answer is B: To defend against webserver attacks. ISAPI filters are extensions for IIS web servers that can introduce vulnerabilities if not properly managed, so removing unnecessary ones reduces the attack surface.
Submitted by rania.sa· Mar 6, 2026Hacking Web Servers
Question
Why should the security analyst disable/remove unnecessary ISAPI filters?
Options
- ATo defend against social engineering attacks
- BTo defend against webserver attacks
- CTo defend against jailbreaking
- DTo defend against wireless attacks
Explanation
ISAPI filters are extensions for IIS web servers that can introduce vulnerabilities if not properly managed, so removing unnecessary ones reduces the attack surface.
Common mistakes.
- A. Social engineering attacks exploit human psychology, not web server configurations like ISAPI filters.
- C. Jailbreaking typically refers to gaining elevated privileges on mobile devices, not a direct exploit related to ISAPI filters on a web server.
- D. Wireless attacks target Wi-Fi infrastructure or protocols, which are unrelated to web server ISAPI filters.
Concept tested. Web server security hardening (ISAPI filters)
Topics
#ISAPI filters#web server security#attack surface reduction#IIS hardening
Community Discussion
No community discussion yet for this question.