Question

An attacker exploited an unpatched vulnerability in a web framework, and then used an application service...

An attacker exploited an unpatched vulnerability in a web framework, and then used an application service account that had an insecure configuration to download a rootkit. The attacker was unable to obtain root privileges. Instead, the attacker downloaded a cryptocurrency mining program and subsequently was discovered. The server was taken offline, rebuilt, and patched. Which of the following to the security Engineers to help prevent a similar scenario in the future.

  1. Remove root privileges from the application service account

  2. Implement separation of duties

  3. properly configure SELinux set it to enforce

  4. use cron to schedule regular restarts of the system to terminate sessions

  5. perform regular uncredentialed vulnerability scans

Homework Answers

Answer #1

Q:- An attacker exploited an unpatched vulnerability in a web framework, and then used an application service account that had an insecure configuration to download a rootkit. The attacker was unable to obtain root privileges. Instead, the attacker downloaded a cryptocurrency mining program and subsequently was discovered. The server was taken offline, rebuilt, and patched. Which of the following to the security Engineers to help prevent a similar scenario in the future.

  1. Remove root privileges from the application service account

  2. Implement separation of duties

  3. properly configure SELinux set it to enforce

  4. use cron to schedule regular restarts of the system to terminate sessions

  5. perform regular uncredentialed vulnerability scans

Answer:------

Remove root privileges from the application service account

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT