An organization has hired a penetration tester to test the security of its ten web servers. The
penetration tester is able to gain root/administrative access in several servers by exploiting
vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP.
Which of the following recommendations should the penetration tester provide to the organization
to better protect their web servers in the future?
A.
Use a honeypot
B.
Disable unnecessary services
C.
Implement transport layer security
D.
Increase application event logging
Explanation: