XK0-004 · Question #470
A security audit concludes that an organization's database servers need to be hardened. As a result, an administrator obtans tie fofcjwwng partial Nmap output from a database server. Which of the foll
The correct answer is D. Option D. Hardening a database server after an Nmap scan involves disabling or stopping unnecessary services that expose unneeded open ports.
Question
A security audit concludes that an organization's database servers need to be hardened. As a result, an administrator obtans tie fofcjwwng partial Nmap output from a database server. Which of the following commands should the administrator execute to mitigate security risks?
Exhibit
Options
- AOption A
- BOption B
- COption C
- DOption D
How the community answered
(39 responses)- A8% (3)
- B33% (13)
- C15% (6)
- D44% (17)
Why each option
Hardening a database server after an Nmap scan involves disabling or stopping unnecessary services that expose unneeded open ports.
Option A likely installs or enables an additional service, which increases rather than reduces the attack surface identified in the Nmap output.
Option B likely only stops a service temporarily without disabling it, meaning it would reactivate on reboot and leave the vulnerability unmitigated long-term.
Option C likely modifies a file permission or ownership setting that does not address the open network port identified as the security risk by Nmap.
Option D (not visible as text in this rendering) most likely uses 'systemctl stop' and 'systemctl disable' to shut down and prevent restart of a non-database service revealed as open by the Nmap output. Disabling unnecessary listening services reduces the server's attack surface in line with the principle of least exposure.
Concept tested: Disabling unnecessary services to harden a Linux server
Source: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/securing-services-with-firewalls_security-hardening
Topics
Community Discussion
No community discussion yet for this question.
