A logistics company’s vulnerability scan identifies the following vulnerabilities on Internet-facing devices in the DMZ:
SQL injection on an infrequently used web server that provides files to vendors SSL/TLS not used for a website that contains promotional information
The scan also shows the following vulnerabilities on internal resources:
Microsoft Office Remote Code Execution on test server for a human resources system TLS downgrade vulnerability on a server in a development network
In order of risk, which of the following should be patched FIRST?
A. Microsoft Office Remote Code Execution
B. SQL injection
C. SSL/TLS not used
D. TLS downgrade
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
