Which THREE are best practices for securing a Linux server? (Choose exactly three.)
Controls network access to the server.
Why this answer
A host-based firewall (e.g., iptables, nftables, or firewalld) controls incoming and outgoing traffic at the server level, enforcing least-privilege network access. Configured with a default-deny policy, it blocks all traffic except explicitly allowed services (e.g., SSH on port 22, HTTPS on port 443), reducing the attack surface. This is a fundamental security control to prevent unauthorized network connections.
Exam trap
CompTIA often tests the misconception that a umask such as 0777 is secure because it 'blocks everything.' In reality, umask subtracts permissions, so 0777 removes all permissions, which is not a best practice and can cause operational issues. The trap is confusing umask subtraction with direct permission setting.