You are planning to install a Microsoft SQL Server database server that will be used by a web application.
You need to minimize the attack surface area.
Which two actions should you perform? Each correct answer presents part of the solution.
A . Use a single user account to start all database services.
B . Install only the database engine and disable other features.
C . Install the database server on a server core installation of Windows Server 2008 R2.
D . Set the database service to start automatically.
E . Install the database server as a named instance.
Answer: B,C
Explanation:
To reduce the attack surface area and to make sure you are not affected by undiscovered service vulnerabilities, disable any service that is not required
Because Server Core has fewer system services running on it than a Full installation does, there’s less attack surface (that is, fewer possible vectors for malicious attacks on the server). This means that a Server Core installation is more secure than a similarly configured Full installation.
References:
https://msdn.microsoft.com/en-us/library/dd184076.aspx https://msdn.microsoft.com/en-us/library/ff648664.aspx#c18618429_010