Nonessential Services and Protocols

Systems installed in default configurations often include many unnecessary services that are configured automatically. These provide many potential avenues for unauthorized access to a system or network. Many services have known vulnerabilities that require specific actions to make them more secure or that might be used to simply impair system function by causing additional processing overhead.

graphics/note_icon.gif

The denial of service (DoS) attack against an unneeded Web service is one example of a possible way in which a nonessential service could cause problems for an otherwise functional system.


Common default-configuration exploits include services, such as anonymous-access FTP servers, as well as network protocols, such as the Simple Network Management Protocol (SNMP).

graphics/alert_icon.gif

If you are presented with a question that asks you to choose "all that apply," you might be tempted to simply pick all the above to make sure that all requirements are covered. Be wary of this option, because it will generally also cause the installation of unnecessary services or protocols. Therefore, read the question carefully to determine exactly what is required.




Security+ Exam Cram 2 (Exam SYO-101)
Security+ Certification Exam Cram 2 (Exam Cram SYO-101)
ISBN: 0789729105
EAN: 2147483647
Year: 2005
Pages: 162

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net