After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?
Correct Answer: D
Web-based administration is a feature that allows users to configure and manage routers through a web browser interface. While this feature can provide convenience and ease of use, it can also pose a security risk, especially if the web interface is exposed to the internet or uses weak authentication or encryption methods. Web-based administration can be exploited by attackers to gain unauthorized access to the router's settings, firmware, or data, or to launch attacks such as cross-site scripting (XSS) or cross-site request forgery (CSRF). Therefore, disabling web-based administration is a good practice to harden the routers within the corporate network. Console access, routing protocols, and VLANs are other features that can be configured on routers, but they are not the most appropriate to disable for hardening purposes. Console access is a physical connection to the router that requires direct access to the device, which can be secured by locking the router in a cabinet or using a strong password. Routing protocols are essential for routers to exchange routing information and maintain network connectivity, and they can be secured by using authentication or encryption mechanisms. VLANs are logical segments of a network that can enhance network performance and security by isolating traffic and devices, and they can be secured by using VLAN access control lists (VACLs) or private VLANs (PVLANs).
Question 317
A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?
Correct Answer: A
Capacity planning is the process of determining the resources needed to meet the current and future demands of an organization. Capacity planning can help a company develop a business continuity strategy by estimating how many staff members would be required to sustain the business in the case of a disruption, such as a natural disaster, a cyberattack, or a pandemic. Capacity planning can also help a company optimize the use of its resources, reduce costs, and improve performance.
Question 318
Which of the following is the first step to secure a newly deployed server?
Correct Answer: A
The first step in securing a newly deployed server is to close unnecessary service ports. Open ports can expose the server to unauthorized access and potential cyber threats. By closing unused ports, the attack surface is reduced, limiting the number of entry points available to attackers.
* Updating the software version (B) and upgrading the OS version (D) are important security measures but should follow the step of securing open ports to prevent immediate exposure to threats.
* Adding the device to the Access Control List (ACL) (C) is a step in network security but does not directly secure the server itself against potential attacks.
Closing unnecessary ports helps in minimizing the risk of network-based attacks, such as port scanning and exploitation of default services.
Question 319
Which of the following are the best for hardening end-user devices? (Select two)
Correct Answer: A,D
Full disk encryption (A) ensures that data stored on the device is protected even if the device is physically stolen. This is a fundamental security control for end-user devices, especially laptops and mobile devices, to prevent data breaches. Endpoint protection (D) refers to anti-malware, antivirus, and host-based firewall solutions that safeguard end-user devices from malware, ransomware, and unauthorized access. These measures are explicitly referenced in the CompTIA Security+ SY0-701 exam objective 2.2: Given a scenario, apply security concepts in support of organizational risk mitigation under Device hardening. Reference: CompTIA Security+ SY0-701 Official Exam Objectives, Domain 2.2 - "Device hardening (e.g., full disk encryption, antivirus/antimalware, endpoint detection and response)."
Question 320
The Chief Information Security Officer of an organization needs to ensure recovery from ransomware would likely occur within the organization's agreed-upon RPOs and RTOs. Which of the following backup scenarios would best ensure recovery?
Correct Answer: D
A backup strategy that combines weekly full backups with daily incremental backups stored on a NAS (Network Attached Storage) drive is likely to meet an organization's Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs). This approach ensures that recent data is regularly backed up and that recovery can be done efficiently, without significant data loss or lengthy downtime. Reference: CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight. CompTIA Security+ SY0-601 Study Guide: Chapter on Disaster Recovery and Backup Strategies.