After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and business disruption at the same time?

Questions › Category: CS0-002 › After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and business disruption at the same time?

0 Vote Up Vote Down

Admin Staff asked 4 months ago

After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of
JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and business disruption at the same time?

A. Make a backup of the server and update the JBoss server that is running on it.

B. Contact the vendor for the legacy application and request an updated version.

C. Create a proper DMZ for outdated components and segregate the JBoss server.

D. Apply virtualization over the server, using the new platform to provide the JBoss service for the legacy application as an external service.








 

Suggested Answer: C

Community Answer: C



This question is in CS0-002 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A security analyst at example.com receives SIEM alert for an IDS signature and reviews the associated packet capture and TCP stream: Packet capture: TCP stream: Which of the following actions should the security analyst take NEXT?

While conducting a cloud assessment, a security analyst performs a Prowler scan, which generates the following within the report: Based on the Prowler report, which of the following is the BEST recommendation?

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password