CompTIA Security+ (SY0-701) — Question 217

An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Choose two.)

Answer options

• A. Disable default accounts.
• B. Add the server to the asset inventory.
• C. Remove unnecessary services.
• D. Document default passwords.
• E. Send server logs to the SIEM.
• F. Join the server to the corporate domain.

Correct answer: A, C

Explanation

Disabling default accounts (A) helps prevent unauthorized access since these accounts are often targeted by attackers. Removing unnecessary services (C) reduces the attack surface of the server, minimizing potential vulnerabilities. The other options, while important for management and monitoring, do not directly contribute to the hardening process.