Certified Ethical Hacker (CEH v11) — Question 11

Why should the security analyst disable/remove unnecessary ISAPI filters?

Answer options

• A. To defend against social engineering attacks
• B. To defend against webserver attacks
• C. To defend against jailbreaking
• D. To defend against wireless attacks

Correct answer: B

Explanation

Disabling or removing unnecessary ISAPI filters helps to minimize the attack surface of a web server, thereby reducing the chances of webserver attacks. The other options, such as social engineering, jailbreaking, and wireless attacks, do not directly relate to the function of ISAPI filters in web server security.