What is the purpose of blocking services on any given server?

A.
To limit the number of targets a cracker can choose from

B.
To limit the number of
1D0-470
processes that run at any given time, enhancing response time in case of a security breach

C.
To keep the operating system and its processes as simple as possible so administration is easier

D.
None; most services are needed and pose only minor security threats

Explanation:
Unnecessary services running on a server should either be blocked or disabled. If the service is for the intranet and not required to be accessed from outside the organization, then those services should be blocked at the firewall. Leaving the service open in any of these cases leaves another target for the cracker to attack. The less services exposed, the less points of exposure.
Incorrect Answers:
B: Services that are not being used, but continue to run, usually do not consume much resources. Stopping those services will not gain that much of a performance gain.
C: Actually, keeping track of which services have to be disabled or blocked wil slightly increase administration, since you are going against the norm and changing the system from the default installation. Operations of the system may be simpler with less tasks, but this is not the main purpose from a security perspective.
D: Not all services are required. For example, everyone does not need to be running a FTP server at their desk, and turning off the finger service will not prevent other programs from running.