Which action helps reduce the attack surface by removing unnecessary functionality?

• A. Leave all functionality in place to ensure capabilities.
• B. Add new features to expand capabilities.
• C. Disable security features to speed up deployment.
• D. Remove all unnecessary functionality, such as scripts, drivers, features, subsystems, file systems, and unnecessary web servers.

Answer: (B)

Reducing the attack surface means limiting what a system exposes to potential attackers by removing anything that isn’t needed for its purpose. By stripping away unnecessary functionality—such as unused scripts, drivers, features, subsystems, file systems, and web servers—you cut the number of code paths, services, and configurations that could be exploited. Fewer components translate to fewer vulnerabilities to patch, fewer misconfigurations to monitor, and less to manage overall. Keeping everything in place or adding new features would increase opportunities for attackers, while disabling security features just to speed deployment defeats the goal and raises risk. So removing unnecessary functionality best achieves a smaller, more secure surface for attackers to probe.