The number of running services on a system falls under which type of attack surface?

The number of running services on a system is classified under the application attack surface. The application attack surface pertains to the various points within a software application where an attacker can exploit vulnerabilities. Each running service presents potential entry points that could be targeted by malicious actors.

When services are operational, they can have specific configurations, permissions, and interfaces, which can be exploited if they have security flaws. Keeping track of the number of running services is essential for maintaining security as it helps in identifying minimal necessary services, thereby reducing potential vulnerabilities. Over time, unnecessary or outdated services might open up more pathways for an attacker, highlighting the importance of a well-managed application attack vector.

Other types of attack surfaces focus on different aspects: network involves points accessible through network connections, physical pertains to direct physical access to hardware, and human relates to threats posed by user actions. Each of these surfaces has unique characteristics and risks associated with them, but the operational state of running services is specifically categorized under the application attack surface due to its relevance to software vulnerabilities.