Certified Information Systems Auditor (CISA) — Question 1332

Which of the following is the BEST way to reduce the attack surface for a server farm?

Answer options

• A. Implement effective vulnerability management procedures.
• B. Uninstall unnecessary applications and services.
• C. Evaluate server configuration periodically.
• D. Ensure applications are periodically patched.

Correct answer: B

Explanation

The correct answer, B, is the best option because uninstalling unnecessary applications and services directly reduces potential entry points for attackers. While implementing vulnerability management, evaluating configurations, and patching applications are all important security practices, they do not address the attack surface as effectively as removing unused software.