Your company is using a shopping cart web application that is known to be vulnerable to a code injection
attack. Your company has no support agreement for the application, and the application is no longer updated by
its author. Modifying the code would require the hiring of additional help and an extensive interview process.
Which of the following should your company do in the meantime to most quickly mitigate the threat? (Select the
best answer.)
A.
Use the grep command to examine web logs for evidence of an attack.
B.
Shut down the site.
C.
Replace the shopping cart application with a different one.
D.
Implement a WAF.
Explanation:
Your company should implement a web application firewall (WAF) to mitigate the shopping cart web application
threat. A WAF sits between a web application and the end user in order to protect the application from
malicious activity and known vulnerabilities. Therefore, by installing a WAF, it is possible to protect a vulnerable
web application without modifying the application code.Although you should issue the grep command to examine web application logs for evidence of an attack, doing
so would not quickly mitigate the threat posed by the unpatched vulnerability. Searching for evidence of an
attack takes time. Even if evidence of an attack were found in the log, discovering that evidence does not
mitigate the threat.
Although you should consider replacing the shopping cart application with a different one that is supported and
regularly updated, doing so would not be the quickest way to mitigate the threat. Depending on the complexity
of the data and the availability of conversion tools, it could take many weeks or months to successfully migrate
a shopping cart from one web application to another.
You should not shut down the site. Shutting down the site would cause a severe business interruption because
users would no longer be able to purchase products by using the shopping cart.OWASP: Category:OWASP Best Practices: Use of Web Application Firewalls