CompTIA
SK0-003 · Question #187
SK0-003 Question #187: Real Exam Question with Answer & Explanation
The correct answer is D. Apply all relevant updates and patches.. After a fresh Windows Server OS installation, the most critical first step according to best practices is to apply all available security updates and patches to protect against known vulnerabilities.
Server administration
Question
According to best practices, which of the following should be the FIRST step after a full boot into a newly installed Windows Server OS?
Options
- ARemove the Internet Explorer Enhanced Security configuration.
- BDisable the Guest account.
- CApportion additional storage.
- DApply all relevant updates and patches.
Explanation
After a fresh Windows Server OS installation, the most critical first step according to best practices is to apply all available security updates and patches to protect against known vulnerabilities.
Common mistakes.
- A. Removing the Internet Explorer Enhanced Security configuration often reduces the server's security posture and is typically performed later, if at all, based on specific application requirements, not as an initial security best practice.
- B. While disabling the Guest account is a good security practice, on modern Windows Server installations, it is often disabled by default, and patching against systemic vulnerabilities takes precedence over user account management as the immediate first step.
- C. Apportioning additional storage is a system configuration task related to resource allocation, which, while important, is not a foundational security or stability measure that should precede patching a newly installed OS.
Concept tested. Windows Server initial configuration best practices
Reference. https://learn.microsoft.com/en-us/windows-server/security/security-best-practices-for-windows-server
Topics
#Windows Server#server setup#updates and patches#best practices
Community Discussion
No community discussion yet for this question.