CompTIA Server+ (SK0-005) — Question 61

A systems administrator has been alerted to a zero-day vulnerability that is impacting a service enabled on a server OS. Which of the following would work BEST to limit an attacker from exploiting this vulnerability?

Answer options

• A. Installing the latest patches
• B. Closing open ports
• C. Enabling antivirus protection
• D. Enabling a NIDS

Correct answer: B

Explanation

Closing open ports is the best method to limit exposure to the zero-day vulnerability since it directly restricts access to the affected service. While installing the latest patches is important, it might not be available immediately for a zero-day vulnerability. Enabling antivirus protection and a NIDS can help detect or mitigate threats, but they do not prevent exploitation of the vulnerability as effectively as closing the ports.