SY0-701 · Question #1000
SY0-701 Question #1000: Real Exam Question with Answer & Explanation
The correct answer is A: Attack surface reduction. Attack surface reduction involves minimizing the number of exploitable points, such as unused servers, open ports, and publicly exposed contact information, that attackers could target.
Question
After completing an annual external penetration test, a company receives the following guidance: - Decommission two unused web servers currently exposed to the internet. - Close 18 open and unused ports found on their existing production web servers. - Remove company email addresses and contact info from public domain registration records. Which of the following security practices best describes these recommendations?
Options
- AAttack surface reduction
- BVulnerability assessment
- CTabletop exercise
- DBusiness impact analysis
Explanation
Attack surface reduction involves minimizing the number of exploitable points, such as unused servers, open ports, and publicly exposed contact information, that attackers could target.
Community Discussion
No community discussion yet for this question.