Certified Ethical Hacker (CEH v12) — Question 46
Larry, a security professional in an organization, has noticed some abnormalities in the user accounts on a web server. To thwart evolving attacks, he decided to harden the security of the web server by adopting a few countermeasures to secure the accounts on the web server.
Which of the following countermeasures must Larry implement to secure the user accounts on the web server?
Answer options
- A. Retain all unused modules and application extensions.
- B. Limit the administrator or root-level access to the minimum number of users.
- C. Enable all non-interactive accounts that should exist but do not require interactive login.
- D. Enable unused default user accounts created during the installation of an OS.
Correct answer: B
Explanation
The correct answer is B because limiting administrator or root-level access to the minimum number of users reduces the risk of unauthorized access and potential breaches. Options A, C, and D would each increase the security risk: A retains unnecessary modules, C enables accounts that shouldn’t be active, and D keeps default accounts that could be exploited.