312-50V12 Question #237: Real Exam Question with Answer & Explanation
The correct answer is C: Regularly updating and patching the server software. Securing a web server requires prioritizing foundational security practices, with patch management being the most critical first step to eliminate known vulnerabilities.
Question
You have been hired as an intern at a start-up company. Your first task is to help set up a basic web server for the company's new website. The team leader has asked you to make sure the server is secure from common threats. Based on your knowledge from studying for the CEH exam, which of the following actions should be your priority to secure the web server?
Options
- A. Limiting the number of concurrent connections to the server
- B. Installing a web application firewall
- C. Regularly updating and patching the server software
- D. Encrypting the company's website with SSL/TLS
Explanation
Securing a web server requires prioritizing foundational security practices, with patch management being the most critical first step to eliminate known vulnerabilities.
Common mistakes.
- A. Limiting concurrent connections mitigates denial-of-service risks but does nothing to address vulnerabilities in the server software itself, making it a partial control rather than a foundational security measure.
- B. A web application firewall adds an important defensive layer against attacks like SQLi and XSS, but it is a compensating control that does not eliminate underlying vulnerabilities caused by unpatched software.
- D. Encrypting traffic with SSL/TLS protects data in transit from eavesdropping and man-in-the-middle attacks, but it does not protect the server from exploitation of software vulnerabilities, which is a more fundamental and immediate threat.
Concept tested. Web server hardening through patch management priority