Which configuration exposes a large attack surface, such as through unnecessary open service ports, weak or no authentication, use of default credentials, or lack of secure communications/encryption?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Which configuration exposes a large attack surface, such as through unnecessary open service ports, weak or no authentication, use of default credentials, or lack of secure communications/encryption?

Explanation:
When a system is configured in a way that leaves services exposed and credentials weak, the number of pathways an attacker can use to breach the environment increases dramatically. An unsecure network often results from keeping unnecessary services listening on open ports, using insecure communication protocols, and relying on weak or no authentication. Default credentials that haven’t been changed, combined with lack of encryption, create easy entry points for attackers who can scan for open ports, identify weak setups, and gain access without much friction. This combination effectively enlarges the attack surface because every open port, weak login, or plaintext channel adds a potential doorway into the system. The other options describe different kinds of risk. A supply chain issue concerns vulnerabilities introduced through third-party components or vendors, not the immediate misconfiguration of a network. Phishing and impersonation are social engineering and identity-based attacks, which exploit human factors rather than being primarily about insecure network configurations. To reduce this risk, close unnecessary ports, disable unused services, enforce strong authentication and credential hygiene (changing defaults, using multi-factor authentication), and enable secure communications (TLS everywhere).

When a system is configured in a way that leaves services exposed and credentials weak, the number of pathways an attacker can use to breach the environment increases dramatically. An unsecure network often results from keeping unnecessary services listening on open ports, using insecure communication protocols, and relying on weak or no authentication. Default credentials that haven’t been changed, combined with lack of encryption, create easy entry points for attackers who can scan for open ports, identify weak setups, and gain access without much friction. This combination effectively enlarges the attack surface because every open port, weak login, or plaintext channel adds a potential doorway into the system.

The other options describe different kinds of risk. A supply chain issue concerns vulnerabilities introduced through third-party components or vendors, not the immediate misconfiguration of a network. Phishing and impersonation are social engineering and identity-based attacks, which exploit human factors rather than being primarily about insecure network configurations.

To reduce this risk, close unnecessary ports, disable unused services, enforce strong authentication and credential hygiene (changing defaults, using multi-factor authentication), and enable secure communications (TLS everywhere).

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy