Exam CCSP topic 1 question 52 discussion

Remember that all questions are looking for the BEST option. Disable is possible, but removing the unused services is the best.

I agree with the answer of removing services and utilities. -Think of all services CSPs offer, if you've provisioned services that aren't needed then they are an attack vector; e.g., S3 buckets (*ding ding* (remove, restrict, encrypt, etc)), public API Gateways, any other publicly exposed service, etc. -Think of Linux and other OS' that allow you to install and remove services and utilities; e.g., SMB, NFS, iSCSI, NTP, CUPS, DNS, LDAP... etc. -Think of rampant or forgotten instances themselves that run services that are not longer needed; decommission and remove

The best approach for dealing with unnecessary services or utilities on a system is to remove them completely. This reduces the attack surface, eliminates potential security vulnerabilities, and minimizes resource consumption. 🔹 Why "Remove" is the Best Option? Eliminates potential exploits → Attackers can’t target what isn’t there. Frees up system resources → Improves performance and efficiency. Simplifies maintenance → Reduces the need for patching and monitoring unused services.

Remove is better than disable, disabled can be enabled again by malicious actor

A because it reduces Attack surface, eliminates the maintanenance headache and also some frameworks such as ISO 27001,CIS benchmarks recommends removing the unused services or ulities. If removal is not possible then disabling is the next best option.

Remove. The best approach is to remove unnecessary services or utilities to reduce potential attack surfaces.

Disabling unnecessary services reduces resource usage and minimizes potential security risks.

C. Disable

Unneeded services are disabled not removed.

-All guest accounts are removed -All unnecessary services are disabled(Correct answer)

Answer should be disabled service not remove as system service we cannot remove