CySA+ CS0-001 – Q. 291

0
26

A company has monthly scheduled windows for patching servers and applying configuration changes. Out-of-window changes can be done, but they are discouraged unless absolutely necessary. The systems administrator is reviewing the weekly vulnerability scan report that was just released. Which of the following vulnerabilities should the administrator fix without waiting for the next scheduled change window?

A. The administrator should fix dns (53/tcp). BIND ‘NAMEDâ’ is an open-source DNS server from ISC.org. The BIND-based NAMED server (or DNS servers) allow remote users to query for version and type information.
B. The administrator should fix smtp (25/tcp). The remote SMTP server is insufficiently protected against relaying. This means spammers might be able to use the companyâ’s mail server to send their emails to the world.
C. The administrator should fix http (80/tcp). An information leak occurs on Apache web servers with the UserDir module enabled, allowing an attacker to enumerate accounts by requesting access to home directories and monitoring theresponse.
D. The administrator should fix http (80/tcp). The ‘greeting.cgiâ’ script is installed. This CGI has a well-known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon.
E. The administrator should fix general/tcp. The remote host does not discard TCP SYN packets that have the FIN flag set. Depending on the kind of firewall a company is using, an attacker may use this flaw to bypass its rules.

LEAVE A REPLY

Please enter your comment!
Please enter your name here