Why should unnecessary ISAPI filters be disabled or removed?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Why should unnecessary ISAPI filters be disabled or removed?

Explanation:
Reducing the web server’s attack surface by removing unused ISAPI filters. ISAPI filters are dynamic modules loaded into the IIS process that can alter how requests and responses are handled. If a filter is unnecessary, disabled, or poorly secured, it becomes a potential entry point for attackers to execute code, access data, or take control of the server. Keeping only the filters you truly need minimizes the number of code paths an attacker could exploit, making the server harder to compromise. The other options don’t address this security risk as directly: removing filters isn’t primarily about database performance or bandwidth, and while filters can influence SSL handling, the central benefit here is reducing exposed functionality to defend against web server attacks.