Helen, a penetration tester, discovered during a penetration testing engagement with a company that redundant ISAPI filters were enabled on one of the web servers. In her recommendations, she emphasized the importance of disabling all unnecessary ISAPI filters. What specific purpose does disabling these unused filters serve in terms of mitigation?