Which action is recommended to minimize potential attack surface by removing unnecessary components?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the PCI Approved Scanning Vendor (ASV) Test. Study with flashcards, multiple choice questions, hints, and explanations. Get exam ready!

Multiple Choice

Which action is recommended to minimize potential attack surface by removing unnecessary components?

Explanation:
Reducing the attack surface means removing anything the system doesn’t need so there are fewer ways an attacker could exploit it. The best approach is to strip out all unnecessary functionality, not just a subset. This includes disabling or removing scripts, drivers, features, subsystems, file systems, and any web servers that aren’t required. By eliminating these elements, you reduce the number of code paths, interfaces, and entry points that could be attacked, making the system inherently harder to compromise. Focusing only on non-critical components leaves plenty of potential weaknesses in place, since other unnecessary parts may still be active. Limiting removal to external interfaces ignores internal surfaces that could be exploited, and removing user data backups doesn't reduce attack opportunities at all—it harms recovery and availability instead. The most effective practice is to apply the principle of least functionality: keep only what’s necessary for operation, remove the rest, and verify that essential functions still work.

Reducing the attack surface means removing anything the system doesn’t need so there are fewer ways an attacker could exploit it. The best approach is to strip out all unnecessary functionality, not just a subset. This includes disabling or removing scripts, drivers, features, subsystems, file systems, and any web servers that aren’t required. By eliminating these elements, you reduce the number of code paths, interfaces, and entry points that could be attacked, making the system inherently harder to compromise.

Focusing only on non-critical components leaves plenty of potential weaknesses in place, since other unnecessary parts may still be active. Limiting removal to external interfaces ignores internal surfaces that could be exploited, and removing user data backups doesn't reduce attack opportunities at all—it harms recovery and availability instead. The most effective practice is to apply the principle of least functionality: keep only what’s necessary for operation, remove the rest, and verify that essential functions still work.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy