What is the best approach for dealing with services or utilities that are installed on a system but not needed to perform their desired function?
What is the best approach for dealing with services or utilities that are installed on a system but not needed to perform their desired function?
The best approach for dealing with services or utilities that are installed on a system but are not needed is to remove them entirely. This eliminates the risk of them being inadvertently or maliciously reactivated and removes the necessity for ongoing maintenance and patching. Disabling them may still leave them susceptible to being restarted by a system or human error, while stopping them doesn’t address the future potential for their reactivation.
Remember that all questions are looking for the BEST option. Disable is possible, but removing the unused services is the best.
I agree with the answer of removing services and utilities. -Think of all services CSPs offer, if you've provisioned services that aren't needed then they are an attack vector; e.g., S3 buckets (*ding ding* (remove, restrict, encrypt, etc)), public API Gateways, any other publicly exposed service, etc. -Think of Linux and other OS' that allow you to install and remove services and utilities; e.g., SMB, NFS, iSCSI, NTP, CUPS, DNS, LDAP... etc. -Think of rampant or forgotten instances themselves that run services that are not longer needed; decommission and remove
Answer should be disabled service not remove as system service we cannot remove
Remove- See above for other explanations.
All non essential services should be stopped and set to disabled to ensure that they do not run. Al non essential software should be removed from the system. So key point here is services. So disable is the best (note you must disable after stopping the service as stopping alone cannot prevent from running again.)
-All guest accounts are removed -All unnecessary services are disabled(Correct answer)
Disabling unnecessary services reduces resource usage and minimizes potential security risks.
C. Disable
Unneeded services are disabled not removed.