SY0-501 Question #69: Real Exam Question with Answer & Explanation
The correct answer is B: Disable unnecessary services. The penetration tester gained root/administrative access through SMTP, POP, DNS, FTP, Telnet and IMAP, none of which a web server needs in order to serve pages; each extra listening service widens the attack surface, so removing them is the recommendation that addresses the root cause rather than a symptom.
Question
An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?
Options
- A. Use a honeypot
- B. Disable unnecessary services
- C. Implement transport layer security
- D. Increase application event logging
Explanation
Mail (SMTP, POP, IMAP), DNS, FTP and Telnet have nothing to do with serving web content, yet they were running on the web servers, and each was a listening network service whose vulnerabilities gave the tester root/administrative access. Every such service adds code to patch, credentials to manage and a port to expose, and the host is only as secure as its weakest listener. Removing the services the server does not need eliminates those entry points outright instead of trying to defend them, which is why B is the best answer. In practice, confirm what is genuinely required before disabling anything (a host that only resolves names needs a resolver client, not a listening DNS server), and anything that must stay should be patched, restricted by a host firewall, and replaced where a safer protocol exists, for example SSH/SFTP instead of Telnet and FTP.
Common mistakes.
- A. A honeypot is designed to detect and learn about attacks by luring them, not to prevent the successful exploitation of unnecessary services running on production web servers.
- C. Implementing transport layer security (TLS) encrypts communications and provides authentication but does not inherently fix vulnerabilities within the services themselves or address the risk of running unnecessary services like Telnet.
- D. Increasing application event logging enhances detection and forensics capabilities but does not prevent the initial exploitation of vulnerabilities found in unnecessary services.
Concept tested. Server hardening by reducing attack surface
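The hardening step the answer describes, as an added example that is not part of the original question or its explanation: a POSIX shell audit that compares a web server's listening TCP ports against an allowlist of the ports it actually needs and prints the commands that would disable everything else. The `ss`-style output is constructed here (no real host was scanned), the allowlist of 22/80/443 and the port-to-unit mapping are assumptions, and the plan is printed rather than executed so a practitioner can review it before applying it.

```shell
#!/bin/sh
# Added example (not from the exam page): audit listening TCP ports against
# an allowlist and emit a dry-run hardening plan for everything else.

# Assumption: a public web server needs HTTP, HTTPS and SSH for administration.
ALLOWED_PORTS="22 80 443"

# Constructed sample resembling `ss -Hltn` output (state, recv-q, send-q,
# local address:port, peer address:port). Not captured from a real host.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
LISTEN 0 128 0.0.0.0:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:110 0.0.0.0:*
LISTEN 0 128 0.0.0.0:143 0.0.0.0:*
LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
LISTEN 0 5 0.0.0.0:21 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*'

# Read ss-style lines on stdin; print each listening port once, sorted numerically.
listening_ports() {
    # The local address is field 4; the port is whatever follows the last ':'
    awk '{ n = split($4, a, ":"); print a[n] }' | sort -n | uniq
}

# Read ss-style lines on stdin; print the ports that are not in ALLOWED_PORTS.
unexpected_ports() {
    listening_ports | while read -r port; do
        case " $ALLOWED_PORTS " in
            *" $port "*) ;;          # expected on a web server, nothing to report
            *) echo "$port" ;;
        esac
    done
}

# Map a port to "<service> <systemd unit>". The unit names are assumptions;
# on a real host confirm the owning process with `ss -ltnp` before disabling.
service_for_port() {
    case "$1" in
        21)      echo "ftp vsftpd" ;;
        23)      echo "telnet telnet.socket" ;;
        25)      echo "smtp postfix" ;;
        53)      echo "dns named" ;;
        110|143) echo "pop3/imap dovecot" ;;
        *)       echo "unknown unknown" ;;
    esac
}

# Print (do not run) the commands that remove each unexpected listener.
hardening_plan() {
    echo "$SAMPLE_SS" | unexpected_ports | while read -r port; do
        set -- $(service_for_port "$port")
        echo "# port $port ($1) is not needed on a web server"
        echo "systemctl disable --now $2"
    done
}

# Usage: run on a real host by replacing `echo "$SAMPLE_SS"` with `ss -Hltn`,
# review the printed plan, then apply it only for services confirmed unneeded.
hardening_plan
```

On the sample input the plan flags ports 21, 23, 25, 53, 110 and 143 and leaves 22, 80 and 443 alone; the review step matters because a listener on an unexpected port may be something the application really does need, in which case the right fix is patching and firewalling rather than disabling.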