An organization has hired a penetration tester to test the security of its ten web servers. The penetration
tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated
with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following
recommendations should the penetration tester provide to the organization to better protect their web
servers in the future?

A.
Use a honeypot

B.
Disable unnecessary services

C.
Implement transport layer security

D.
Increase application event logging