Certified Ethical Hacker (CEH v12) — Question 192

You have been given the responsibility to ensure the security of your school's web server. As a step towards this, you plan to restrict unnecessary services running on the server. In the context of web server security, why is this step considered important?

Answer options

• A. Unnecessary services eat up server memory; save memory resources.
• B. Unnecessary services could contain vulnerabilities; minimize the attack surface.
• C. Unnecessary services reveal server software; hide software details.
• D. Unnecessary services slow down the server; optimize server speed.

Correct answer: B

Explanation

The correct answer, B, highlights that unnecessary services can have security flaws that attackers might exploit, thus increasing the server's vulnerabilities. Options A and D focus on resource and performance aspects rather than security. Option C mentions hiding software details, but it doesn't address the primary concern of minimizing vulnerabilities.