Organizational policies require vulnerability remediation on severity 7 or great
Question
Organizational policies require vulnerability remediation on severity 7 or greater within one week. Anything with a severity less than 7 must be remediated within 30 days. The organization also requires security teams to investigate the details of a vulnerability before performing any remediation. If the investigation determines the finding is a false positive, no remediation is performed and the vulnerability scanner configuration is updated to omit the false positive from future scans.

The organization has three Apache web servers:

192.168.1.20 - Apache v2.4.1
192.168.1.21 - Apache v2.4.0
192.168.1.22 - Apache v2.4.0

The results of a recent vulnerability scan are shown below:

Scan host: 192.168.1.22
15-Feb-16 10:12:10.1 CDT
Vulnerability: CVE-2006-5752
Cross-site scripting (XSS) vulnerability in the mod_status module of Apache server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML
Severity: 4.3 (medium)

The team performs some investigation and finds a statement from Apache: "Fixed in Apache HTTP Server 2.4.1 and later."

Which of the following actions should the security team perform?
Explanation / Answer
Here 3 Apache servers are given, with v2.4.1, v2.4.0 and v2.4.0.
The given Apache vulnerability exists on server 192.168.1.22. The Apache server at 192.168.1.22 has the older version 2.4.0, on which the given vulnerability still exists (as it is of an older version).
It was found that the current vulnerability is fixed in Apache server v2.4.1 or later.
Therefore the security team would have to remediate 192.168.1.22 within 30 days of the finding, as the severity of the vulnerability is 4.5 (below 7), which is of medium level. If the vulnerability level were 7 or above, then vulnerability remediation would have to be performed within 7 days.
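The triage rule the question describes (compare the installed version with the version the vendor says carries the fix, treat an already-patched host as a false positive, and derive the deadline from the 7-or-greater severity threshold), as an added Python example; this is not code from the original page, and the inventory and the scan finding below are constructed from the values in the question.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional, Tuple

# Policy from the question: severity >= 7 -> one week, otherwise 30 days.
HIGH_SEVERITY_THRESHOLD = 7.0
SLA_DAYS_HIGH = 7
SLA_DAYS_LOW = 30

# Constructed inventory, matching the three hosts listed in the question.
INVENTORY: Dict[str, str] = {
    "192.168.1.20": "2.4.1",
    "192.168.1.21": "2.4.0",
    "192.168.1.22": "2.4.0",
}

def parse_version(v: str) -> Tuple[int, ...]:
    # "2.4.10" must sort after "2.4.9", so compare numeric components, not strings.
    return tuple(int(p) for p in v.split("."))

@dataclass
class Finding:
    host: str
    cve: str
    severity: float
    found_at: datetime
    fixed_in: str            # version named in the vendor statement

@dataclass
class Triage:
    host: str
    cve: str
    false_positive: bool
    action: str
    due: Optional[datetime]  # None when no remediation is required

def triage(f: Finding, inventory: Dict[str, str] = INVENTORY) -> Triage:
    installed = inventory[f.host]
    if parse_version(installed) >= parse_version(f.fixed_in):
        # Installed build already contains the fix: false positive, so no
        # remediation; the scanner configuration is updated instead.
        return Triage(f.host, f.cve, True,
                      "no remediation; omit finding from future scans", None)
    days = SLA_DAYS_HIGH if f.severity >= HIGH_SEVERITY_THRESHOLD else SLA_DAYS_LOW
    return Triage(f.host, f.cve, False,
                  f"remediate: upgrade {installed} to {f.fixed_in} or later",
                  f.found_at + timedelta(days=days))

# Constructed from the scan result in the question.
SCAN_FINDING = Finding("192.168.1.22", "CVE-2006-5752", 4.3,
                       datetime(2016, 2, 15, 10, 12, 10), "2.4.1")
```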