D. A nonessential service is any element that isn't needed by the primary function of the server. In most cases, a web server doesn't use the print spooler service, but it often uses the server, DNS, and FTP services.

C. The most reliable countermeasure against malicious code is an antivirus scanner. User-behavior modification, managing media, and disabling mobile code are all countermeasures against malicious code, but they aren't as reliable and effective as antivirus scanners.

A. IMAP functions over TCP port 143. SMTP functions over TCP port 25. POP3 functions over TCP port 110. SSL and TLS function over TCP port 443.

D. This e-mail is likely a hoax. When you receive an e-mail hoax, the first step is to inform your network administrator. Don't follow its directions, forward it to others, or open any attachments.

B. If only signed applets are allowed to download through a web browser, you gain protection from unknown sourced ActiveX components. Applet signing doesn't affect CGI, cookies, or IM.

B. Removing unneeded services and protocols is an operating system hardening step that should come before any of the other three.

C. Illegal or unauthorized zone transfers are a significant and direct threat to DNS servers.

D. A phage virus is able to regenerate itself from any of its remaining parts.

A. The only real option to return a system to a secure state after a rootkit is reconstitution.

C. A security template alone cannot return a system to its precomprised state.