CompTIA Linux+ (XK0-005) — Question 231

Which of the following actions are considered good security practices when hardening a Linux server? (Choose two.)

Answer options

• A. Renaming the root account to something else
• B. Removing unnecessary packages
• C. Changing the default shell to /bin/csh
• D. Disabling public key authentication
• E. Disabling the SSH root login possibility
• F. Changing the permissions on the root filesystem to 600

Correct answer: B, E

Explanation

Removing unnecessary packages helps reduce the attack surface of the server, while disabling the SSH root login enhances security by preventing direct access to the root account. The other options either do not significantly increase security or can introduce vulnerabilities, such as renaming the root account, which does not prevent unauthorized access effectively.