1) Describe the steps necessary for hardening the Server 2016/2019 with respect to various components such as:

1. 1. Removing unnecessary components
   2. File system maintenance (isolation of sensitive data)
   3. User restrictions (access and authorizations)
   4. User/Group/File Management
   5. Password Standards and Requirements
   6. Shutting Down Unnecessary/Unneeded Services

2) After securely installing Server 2016/2019; removing or shutting down unnecessary components and services, closing unnecessary ports, and ensuring that all patches and updates are applied, how can you test that you have properly implemented hardened your system?

3) Can you always go directly from a vulnerability scan report to a corrective action? Why or why not? Discuss in detail.