You are designing a new Web application service for your company. An initial design review reveals a number of attack surfaces not identified in the initial baseline for the application, including unneeded network services that are enabled. What should you do?
B. Remove unneeded service from the design
Which of the following is the least intrusive way of checking an environment for know software flaws?
C. Vulnerability Scanner
After a system risk assessment, the cost to mitigate a risk is higher than the expected loss if the threat materializes. In this situation, which of the following is the better course of action?
A. Accept the risk
After completing a risk assessment, a security administrator recommends that the network owner take actions to prevent future security incidents. Which of the following describes this type of action?
B. Risk Mitigation
What is likely your best course of action when a vulnerability is identified on an operating system?
D. Visit the OS manufacturer's website for information and a patch.