An organization has hired a penetration tester to test the security of its ten web servers.
The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP.
Which of the following recommendations should the penetration tester provide to the organization to better protect its web servers in the future?
A. Use a honeypot
B. Disable unnecessary services
C. Implement transport layer security
D. Increase application event logging
Correct answer: B
The most appropriate recommendation for the organization to better protect its web servers in the future is to disable unnecessary services, which is option B.
Explanation:
Penetration testers are hired to simulate real-world attacks on the organization's systems, including web servers, to identify vulnerabilities that an attacker could exploit. In this case, the penetration tester has successfully exploited vulnerabilities associated with the implementation of various services such as SMTP, POP, DNS, FTP, Telnet, and IMAP to gain root/administrative access to several web servers.
To better protect its web servers in the future, the organization should weigh the following options:
Option A - Use a honeypot: A honeypot is a decoy system designed to attract attackers and gather information about their tactics and techniques. While a honeypot is useful for detecting and analyzing attacks, it does not prevent an attacker from exploiting vulnerabilities on the production web servers themselves.
Option B - Disable unnecessary services: Services such as SMTP, POP, DNS, FTP, Telnet, and IMAP should be disabled if they are not needed for the web servers' functionality. Disabling unnecessary services reduces the attack surface and limits the potential vulnerabilities that an attacker can exploit.
Option C - Implement transport layer security: Transport Layer Security (TLS) is a cryptographic protocol that provides confidentiality and integrity for communication over a network. Implementing TLS would secure the traffic between the web servers and their clients, but it would not prevent an attacker from exploiting vulnerabilities in the service implementations themselves.
Option D - Increase application event logging: Increased application event logging is essential for detecting and analyzing security incidents, but it is a detective control: it would not prevent an attacker from exploiting vulnerabilities in the service implementations.
In conclusion, the most appropriate recommendation for the organization to better protect their web servers in the future is to disable unnecessary services, which would reduce the attack surface and limit the potential vulnerabilities that an attacker can exploit.
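As an added example (not part of the original question or answer), the following POSIX shell script audits a web server's listening TCP ports against an allowlist of the ports a plain web server actually needs, assumed here to be 22, 80 and 443, and reports everything else, including the SMTP, POP, DNS, FTP, Telnet and IMAP listeners named in the question. The `ss -Hltn` output embedded below is constructed, not taken from a real host.

```shell
#!/bin/sh
# Audit listening TCP ports against an allowlist; report anything else so it
# can be disabled. Assumed allowlist for a web server: SSH admin, HTTP, HTTPS.
ALLOWED_PORTS="22 80 443"

# Map well-known ports to the service names used in the question.
service_name() {
    case "$1" in
        21) echo "FTP" ;;
        23) echo "Telnet" ;;
        25|587) echo "SMTP" ;;
        53) echo "DNS" ;;
        110) echo "POP3" ;;
        143) echo "IMAP" ;;
        *) echo "unknown" ;;
    esac
}

# Reads `ss -Hltn` style lines (State Recv-Q Send-Q Local:Port Peer:Port) on
# stdin and prints one "port service" line per listener not on the allowlist.
flag_unneeded_listeners() {
    while read -r state recvq sendq laddr peer rest; do
        [ "$state" = "LISTEN" ] || continue
        port="${laddr##*:}"          # works for 0.0.0.0:25 and :::143 alike
        allowed=0
        for p in $ALLOWED_PORTS; do
            [ "$p" = "$port" ] && allowed=1
        done
        [ "$allowed" -eq 1 ] && continue
        printf '%s %s\n' "$port" "$(service_name "$port")"
    done
}

# Constructed sample output (not from a real host) for a stand-alone run.
SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
LISTEN 0 128 0.0.0.0:23 0.0.0.0:*
LISTEN 0 5 127.0.0.1:53 0.0.0.0:*
LISTEN 0 32 0.0.0.0:21 0.0.0.0:*
LISTEN 0 100 :::143 :::*'

# On a live Linux host run instead: ss -Hltn | flag_unneeded_listeners
printf '%s\n' "$SAMPLE" | flag_unneeded_listeners
```

Each reported port identifies a daemon to stop and disable (for example with `systemctl disable --now` on systemd hosts) or, if it must stay, to patch and restrict to the hosts that need it.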