Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?

A.
Application patch management

B.
Cross-site scripting prevention

C.
Creating a security baseline

D.
System hardening

Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling
unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary
services.
Incorrect Answers:
A: Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps
protect a systems from newly discovered attacks and vulnerabilities.
B: Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors.
XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.
C: A security baseline is the security setting of a system that is known to be secure. This is the initial security setting of a system. Once the baseline has been
applied, it must be maintained or improved. Maintaining the security baseline requires continuous monitoring.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 61, 215-217, 220
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 195, 207-208, 231-232