Question

Geoff is responsible for hardening systems on his network and discovers that a number of network appliances have exposed services including telnet, FTP, and web servers. What is his best option to secure these systems?

A. Enable host firewalls.
B. Install patches for those services.
C. Turn off the services for each appliance.
D. Place a network firewall between the devices and the rest of the network.

Answer 1

The best option for Geoff to secure these systems is to install patches for those services. Patches are updates released by software vendors to fix vulnerabilities and improve security.

Step-by-step explanation:

The best option for Geoff to secure these systems is to install patches for those services. Patches are updates released by software vendors to fix vulnerabilities and improve security. By regularly applying these patches, Geoff can ensure that the exposed services on the network appliances are up to date and protected against known security threats.

While enabling host firewalls and turning off the services for each appliance (options A and C) may provide some level of security, they are not as effective as installing patches. Host firewalls can help block incoming connections, but they cannot address vulnerabilities in the services themselves. Turning off services may eliminate the risk, but it may also limit the functionality of the network appliances.

Placing a network firewall between the devices and the rest of the network (option D) is a good practice, but it should be used in conjunction with other measures like installing patches. A network firewall can provide an additional layer of defense by controlling access to the network appliances, but it cannot fix vulnerabilities in the exposed services.