Question: A vulnerability scan returned the following results for a web server that hosts multiple wiki sites: Apache-HTTPD-cve-2014-023: Apache HTTPD: mod_cgid denial of service CVE-20140231 Due

A vulnerability scan returned the following results for a web server that hosts multiple wiki sites: Apache-HTTPD-cve-2014-023: Apache HTTPD: mod_cgid denial of service CVE-20140231

Due to a flaw found in mog_cgid, a server using mod_cgid to host CGI scripts could be vulnerable to a DoS attack caused by a remote attacker who is exploiting a weakness in non-standard input, causing processes to hang indefinitely.

The security analyst has confirmed the server hosts standard CGI scripts for the wiki sites, does not have mod_cgid installed, is running Apache 2.2.22, and is not behind a WAF. The server is located in the DMZ, and the purpose of the server is to allow customers to add entries into a publicly accessible database.

Which of the following would be the MOST efficient way to address this finding? (Choose one)

Place the server behind a WAF to prevent DoS attacks from occurring.

Document the finding as a false positive.

Upgrade to the newest version of Apache.

Disable the HTTP service and use only HTTPS to access the server.

FRIENDS! PLEASE USE YOUR OWN KNOWLEDGE. I KNOW HOW TO GOOGLE MYSELF.

192.68.7.35:80 192.68.7.35:443 Running HTTP service product HTTPD exists: Apache HTTPD 2.2.22 VulnerableversionofproductHTTPDfound: ApacheHTTPD2.2.22 Running HTTPS service product HTTPD exists: Apache HTTPD 2.2.22 Vulnerable version of product HTTPD found: Apache HTTPD 2.2.22

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

34) An organization has recently created an e-commerce site and is now internally processing credit card transactions To remain PCI compliant a vulnerability scan has been run and the security...

Module 2: Project - Part 1 Due Sep 5by11:59pm Points 0 Available Aug 30 at 12am - Sep 5 at 11:59pm7 days This assignment was locked on Sep 5 at 11:59 pm. Attached are the project directions (in green...

PLEASE ONLY ANSWER IF THE ANSWER IS FROM YOU. DON'T COPY OTHERS ANSWER SINCE I READ THEM ALL AND SURE THEY'RE NOT CORRECT Question The developers recently deployed new code to three web servers. A...

I need someone to help me with a Nessus vulnerability scan as I do not have access to Nessus. Section 1 : Understanding the Scan Results Scan Summary Describe the overall scope of the scan, including...

please I need almost 800 words following all the requirements. Project Part 2: Vulnerabilities in Information Technology (IT) Security Scenario Aim Higher College has been the target of focused...

Section 1 : Understanding the Scan Results Scan Summary Describe the overall scope of the scan, including the number of hosts scanned, total vulnerabilities detected, and high - level statistics ( e...

Part 1: Scan the Domain Controller with Nmap (0/1 completed) Secure Labs on Demand was pleased with your penetration test findings and has requested you conduct a similar test of their protected...

Penetration Test Report: 1 . Target: The target of this penetration test is the drisst.com web server, specifically to conduct a vulnerability scan to identify potential security weaknesses. Step 2 2...

Week 2 - Lab Due: Jan 23, 2019 at 12:59 AM Performing a Vulnerability Assessment This assignment requires you to conduct a little research on several vulnerability analysis tools. Please answer the...

If a furniture store offers to sell a refrigerator priced at $1195 on a conditional sale contract requiring 12 monthly payments of $110 (including a payment on the date of sale), what effective rate...

Create a Position Paper on the topic Will covid19 vaccination be good or bad while there is still a pandemic.

What is the IBM forecast income before extraordinary items for the 2 0 2 2 Q 1 ?

last two options for the multiple choice are : performance management development A construction equipment manufacturer, Roswell Corporation, is focusing on becoming a leader in sustainability in...

2. You have to evaluate an employee who has been late frequently. A. We have guidelines around here, you know. B. I need you to try harder to be on time. C. I want you to be here at 8:55 each morning.

What kinds of slang or jargon do you regularly use? How did you become familiar with these terms? And how would you go about explaining these terms to someone who is unfamiliar with them?

B What kinds of technical words and phrases have become part of your everyday language? Have you ever Googled anyone? Would you think it odd if you had to explain the meaning of the verb Google to...