An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server.
Which of the following is the MOST likely mitigation for this reported item? releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software. features to the software being updated.
A.
Ensure patches are deployed
B.
Install an IDS on the network
C.
Configure the firewall to block traffic on port 443
D.
Implement a VPN for employees
Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more