A company has been attacked and their website has been altered to display false information. The
security administrator disables the web server service before restoring the website from backup. An audit
was performed on the server and no other data was altered. Which of the following should be performed
after the server has been restored?
A.
Monitor all logs for the attacker’s IP
B.
Block port 443 on the web server
C.
Install and configure SSL to be used on the web server
D.
Configure the web server to be in VLAN 0 across the network
Someone can explain this for me?
0
0
Sure, it states the the administrator disabled the web server which uses HTTPS on port 443. After the server has been restored, since he disabled the web server he should block port 443 as he will not be using it. He will manage the server using another protocol.
0
0