To reduce vulnerabilities on a web server, an administrator should adopt which of the following
preventative measures?

A.
Enable auditing on the web server and periodically review the audit logs

B.
Block all Domain Name Service (DNS) requests coming into the server.

C.
Use packet sniffing software on all inbound communications

D.
Apply the most recent manufacturer updates and patches to the server.

Explanation:

Operating system manufacturers pride themselves in having a secure system, and the instant they
realize that there’s a security breach they assign a team on it to develop a security patch. Or when
they make new software release (Linux kernels seam to be updated every other day) they try to fix
all known vulnerabilities. Since the older an operating system is, the more time a hacker’s have to
seek vulnerabilities. A simple security patch that takes a couple of minutes to download and install
is the difference between having a secure network and having a system made completely useless
by a worm.