nerdexam
EC-Council

312-50V9 · Question #139

To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

The correct answer is C. Hardening. System hardening is the process of reducing a system's attack surface by removing unnecessary software and services and correcting insecure default configurations.

System Hacking

Question

To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

Options

  • AHarvesting
  • BWindowing
  • CHardening
  • DStealthing

How the community answered

(30 responses)
  • A
    7% (2)
  • B
    3% (1)
  • C
    87% (26)
  • D
    3% (1)

Why each option

System hardening is the process of reducing a system's attack surface by removing unnecessary software and services and correcting insecure default configurations.

AHarvesting

Harvesting refers to collecting data or credentials from a target system and is not a defensive configuration process.

BWindowing

Windowing is not a recognized security configuration process - it typically refers to time-based filtering in networking or data processing contexts.

CHardeningCorrect

Hardening refers to the systematic process of securing a system by disabling or removing unnecessary services and software, applying security patches, and correcting insecure default configurations. This directly reduces the attack surface by eliminating potential entry points an attacker could exploit. It is a foundational security practice codified in frameworks such as CIS Benchmarks and NIST SP 800-123.

DStealthing

Stealthing refers to concealing a system or its open ports from network scanning, not to removing unnecessary services or correcting insecure settings.

Concept tested: System hardening to reduce attack surface

Source: https://csrc.nist.gov/publications/detail/sp/800-123/final

Topics

#system hardening#attack surface reduction#security configuration#unnecessary services

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice