You work for a small city IT department and you have been ta

You work for a small city IT department, and you have been tasked with securing the servers that provide all the services for city employees and for city residents. You have configured the firewall, installed and configured an intrusion detection device, and set very strong passwords on the servers. You believe the servers are safe from malicious intruders. Of the following, what else should you do to protect the servers? (Choose three.)

A. Set up BIOS security.

B. Use antiphishing software.

C. Use antivirus software.

D. Lock the server room door.

Solution

A, C, and D. You should use BIOS security to make sure anyone with physical access to the servers cannot make changes to the BIOS of the servers that would allow a malicious attack. Give the BIOS passwords only to authorized personnel. All servers should have the latest antivirus software installed with updated definitions to prevent infection by malicious software designed to compromise these machines. Often, physical security of servers is ignored. Even if you lock down your server system from remote attacks, the simplest way to take down your system is to go into the server room and start a fire. Lock the server room, use an alarm system, and make sure only authorized personnel have the keys and alarm codes.