CV0-002 · Question #112
A system administrator is tasked to harden a server so that it is not accessible using HTTP. Which of the following tools or techniques should the administrator use to accomplish this? (Select two.)
The correct answer is C. Encryption software D. Disable port 80. To harden a server by preventing HTTP access, an administrator should disable port 80 and implement encryption software for HTTPS if secure web access is still required.
Question
A system administrator is tasked to harden a server so that it is not accessible using HTTP. Which of the following tools or techniques should the administrator use to accomplish this? (Select two.)
Options
- AChange default passwords on the server
- BAntivirus software
- CEncryption software
- DDisable port 80
- EDisable port 443
- FFirewall
- GPatch management server
How the community answered
(43 responses)- A9% (4)
- B2% (1)
- C84% (36)
- E5% (2)
Why each option
To harden a server by preventing HTTP access, an administrator should disable port 80 and implement encryption software for HTTPS if secure web access is still required.
Changing default passwords is a crucial general security practice but does not specifically prevent HTTP access to a server.
Antivirus software protects against malware but does not directly control access via specific network protocols like HTTP.
Encryption software, specifically SSL/TLS certificates and configuration, is necessary to enable HTTPS (secure HTTP), which allows the server to remain accessible via a secure web protocol while preventing insecure HTTP communication.
Disabling port 80, which is the standard port for unencrypted HTTP traffic, directly prevents any insecure HTTP access to the server, fulfilling the hardening requirement.
Disabling port 443 would prevent HTTPS access, which is the secure alternative to HTTP, and would be counterproductive to hardening if web services are still needed.
A firewall is a tool used to implement port disabling (like port 80), but 'disable port 80' is the specific technique that directly addresses the HTTP accessibility requirement.
Patch management keeps software up to date but does not directly control protocol-specific access like HTTP.
Concept tested: Server hardening, HTTP security, port disabling
Source: https://learn.microsoft.com/en-us/windows-server/security/tls/transport-layer-security-protocol-overview
Topics
Community Discussion
No community discussion yet for this question.