A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months.
Which of the following would BEST secure the web server until the replacement web server is ready?
A. Patch management
B. Antivirus
C. Application firewall
D. Spam filters
E. HIDS
tricky question 🙂
Please remember
HIDS: detect only, can’t prevent attack
So
WAF can prevent attacks on web applications
I don’t know how to feel about this one. Web Application Firewall (C) and HIDS (E) are both great answers, but I feel like the key to determining the answer is very subtle. They stated web SERVER as opposed to web APPLICATION, which could mean you may not even need to access the website directly for exploitation. The WAF seems to protect an entity from OUTSIDE/EXTERNAL users, so what about the users who are internal and could bypass the WAF (potentially)? The HIDS would be installed on the host, period, and would watch and alert on external and internal.
A: Patch management – Fixing the vulnerability is patching. So no, as it would apparently break the application.
B: Antivirus –
C: Application Firewall – Application layer firewall, WAF in the book(s). This would probably be my answer too.
D: Spam Filters – Err what. Spam Filters are for mail.
E: HIDS – Host-based intrusion detection (passive). Better than nothing but not great, does not intrude. However, it does say requires 99.99, and that may be better as this is not going to have any false positives like HIPS may.
My thoughts, but I’d love to hear others as well :).
I’m with ya! C
Yep, looks like C is the correct answer in this context
Why wouldn’t this be C. application layer firewall?
Because the question is specific to the web server?