CompTIA

SY0-301 · Question #388

SY0-301 Question #388: Real Exam Question with Answer & Explanation

The correct answer is D: Disabling unnecessary services. Disabling unnecessary services is the most direct preventative control for reducing the attack surface of a specific host.

Question

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

Options

  • A. Installing anti-malware
  • B. Implementing an IDS
  • C. Taking a baseline configuration
  • D. Disabling unnecessary services

Explanation

Disabling unnecessary services is the most direct preventative control for reducing the attack surface of a specific host.

Common mistakes.

  • A. Installing anti-malware adds a detection and blocking layer against malicious software but does not remove unused services or close ports, so it does not reduce the attack surface.
  • B. An IDS is a detective control that monitors traffic and generates alerts on suspicious activity; it does not remove attack vectors or reduce the number of exploitable services.
  • C. Taking a baseline configuration documents the current state of a system for change comparison; it is an operational practice and does not actively reduce the number of services or entry points on the host.

Concept tested. Attack surface reduction by disabling unnecessary services

Reference. https://learn.microsoft.com/en-us/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines
