Certified Ethical Hacker (CEH v13) — Question 278

You have been given the responsibility to ensure the security of your school's web server. As a step towards this, you plan to restrict unnecessary services running on the server. In the context of web server security, why is this step considered important?

Answer options

• A. Unnecessary services eat up server memory; save memory resources.
• B. Unnecessary services could contain vulnerabilities; minimize the attack surface.
• C. Unnecessary services reveal server software; hide software details.
• D. Unnecessary services slow down the server; optimize server speed.

Correct answer: B

Explanation

The correct answer is B because unnecessary services can introduce vulnerabilities that attackers might exploit, thereby increasing the risk to the server. Options A, C, and D, while they mention valid concerns, do not directly address the primary security risk posed by leaving unnecessary services running.