Well, first think what specific security risk you want to want to address. Virus loadable modules? I'm not kidding, it's a risk, and it's the ULTIMATE way to attack a system, if done right, it can be made totally undetectable. You control every aspect of the system, and can subvert and defeat all detection tools.
That said, I have not yet seen an attack that uses this (I have a cert in Unix security administration, and everywhere it's mentioned as a hypothetical risk,
so far). So if after after *all other* measures, such as tripwiring your system, making key config files immutable, read-only mounting /boot and /usr, a firewall, the whole 9 yards, you STILL feel it's an unacceptable risk, go ahead.
You will not be able, I think, to produce a non-modular kernel from the unchanged config file. The RH-premade kernel has all kinds of support for everything imaginable, small matter with modules, but if you compile everything in, the kernel will be way too big. So you need to tailor your kernel to the essentials, disable all other network hardware not on your system, IDE chipsets not on your system, go through the configuration with a fine comb and weed out stuff. The remaining drivers previously compiled as modules must then be changed to be compiled in. I don't know if globally disabling module support does that, but I doubt it. Then you might have a chance to get a kernel that's small enough.
I went through part of this exercise to make a Rescue CD that Eqwatz mentions, goto http://www.phenix.bnl.gov/~purschke/RescueCD/
(yes, that's my page) for a self-service self-made R-CD and some of the ramifications. For that bare-bones rescue system, I got the kernel size down to about 800k, but it took some doing.
My gut feeling is, it's overly paranoid, and it's not a substitute for other standard measures, some listed above.
Hope it helps,