CompTIA CAS-004: What is the First Step to Reduce Attack Surface for Vulnerable End-of-Support Systems?

Learn the first step to reduce attack surface for vulnerable, end-of-support systems with limited defensive capabilities. Detailed explanation for CompTIA CAS-004 exam prep.

Question

A company has identified a number of vulnerable, end-of-support systems with limited defensive capabilities. Which of the following would be the first step in reducing the attack surface in this environment?

A. Utilizing hardening recommendations
B. Deploying IPS/IDS throughout the environment
C. Installing and updating antivirus
D. Installing all available patches

Answer

A. Utilizing hardening recommendations

Explanation

When dealing with vulnerable, end-of-support systems that have limited defensive capabilities, the first step in reducing the attack surface should be to utilize system hardening recommendations and best practices. System hardening involves securing the configuration of the operating systems and applications to reduce vulnerabilities and potential attack vectors.

Hardening steps may include:

  • Disabling unnecessary services, protocols, and ports
  • Removing or disabling unneeded software and user accounts
  • Implementing strong password policies and access controls
  • Configuring logging and auditing to detect suspicious activity
  • Applying the principle of least privilege for user permissions
  • Segmenting the vulnerable systems from other parts of the network
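The first item in the list can be verified rather than assumed. The following is an added example, not part of the original explanation: a Python check that compares a host's listening sockets against an approved baseline. The `ss -H -tuln` sample, the host address and the approved port set are constructed assumptions.

```python
from typing import NamedTuple

# Constructed sample of `ss -H -tuln` output from a hypothetical legacy host.
SAMPLE_SS = """\
tcp   LISTEN 0  128  0.0.0.0:22      0.0.0.0:*
tcp   LISTEN 0  128  0.0.0.0:23      0.0.0.0:*
tcp   LISTEN 0  5    127.0.0.1:631   0.0.0.0:*
udp   UNCONN 0  0    0.0.0.0:161     0.0.0.0:*
tcp   LISTEN 0  128  [::]:445        [::]:*
tcp   LISTEN 0  128  10.20.0.5:8443  0.0.0.0:*
"""

# Assumed baseline: the only (protocol, port) pairs the business function needs.
APPROVED = {("tcp", 22), ("tcp", 8443)}
LOOPBACK = ("127.", "[::1]")
WILDCARD = ("0.0.0.0", "[::]", "*")

class Listener(NamedTuple):
    proto: str
    addr: str
    port: int

def parse_ss(text: str) -> list[Listener]:
    """Extract protocol, local address and port from each socket line."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip blank or truncated lines
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit():
            listeners.append(Listener(fields[0], addr, int(port)))
    return listeners

def audit(listeners, approved=APPROVED):
    """Return (listener, action) pairs for sockets that widen the attack surface."""
    findings = []
    for s in listeners:
        if s.addr.startswith(LOOPBACK):
            continue  # loopback-only sockets are not reachable from the network
        if (s.proto, s.port) not in approved:
            findings.append((s, "disable: not in approved baseline"))
        elif s.addr in WILDCARD:
            findings.append((s, "restrict: approved but bound to all interfaces"))
    return findings

if __name__ == "__main__":
    for sock, action in audit(parse_ss(SAMPLE_SS)):
        print(f"{sock.proto}/{sock.port} on {sock.addr} -> {action}")
```

Services flagged "disable" are candidates for removal; those flagged "restrict" should be bound to a management interface or limited by the segmentation controls in the last list item.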

While the other options like deploying IPS/IDS, updating antivirus, and installing available patches are also important defensive measures, they should come after the initial system hardening. Hardening helps lock down the inherent vulnerabilities in the outdated, unpatched systems. The other controls add layers of defense on top of the hardened configuration.

So in summary, utilizing hardening recommendations is the crucial first step because it directly reduces the attack surface of the vulnerable end-of-support systems themselves. This makes it more difficult for attackers to gain an initial foothold. The hardened systems then serve as a more secure foundation on which to layer additional defensive tools and patch management.
