Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Comptia Discussions

Exam SY0-501 topic 1 question 123 discussion

Actual exam question from CompTIA's SY0-501
Question #: 123
Topic #: 1
[All SY0-501 Questions]

During a monthly vulnerability scan, a server was flagged for being vulnerable to an Apache Struts exploit. Upon further investigation, the developer responsible for the server informs the security team that Apache Struts is not installed on the server. Which of the following BEST describes how the security team should reach to this incident?

  • A. The finding is a false positive and can be disregarded
  • B. The Struts module needs to be hardened on the server
  • C. The Apache software on the server needs to be patched and updated
  • D. The server has been compromised by malware and needs to be quarantined.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by bob99 at May 16, 2019, 5:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Rockadocious
Highly Voted 4 years, 10 months ago
Answer is A. It was a vulnerablity scan. The server was flagged for being vulernable TO an Apache Struts exploit. The developer that was responsible for THAT server informs Security it is NOT installed. The vulnerabiltiy is not there. The scan was a false positive (meaning it detected something that really wasn't there).
upvoted 11 times
...
who__cares123456789___
Highly Voted 3 years, 3 months ago
What EVER you do, do not listen to day95! In fact, I would put an implict DENY on all his/her opinions... wth does he mean "initial server doesnt have apache"? The damn developer said it dont have the "STRUTS" module...JEEZ
upvoted 8 times
kekmaster
3 years, 1 month ago
LOL! these discussions are top tier info and comedy , gotta love it
upvoted 1 times
...
...
vaxakaw829
Most Recent 3 years, 9 months ago
Unfortunately, vulnerability scanners aren’t perfect. Occasionally, they report a vulnerability when it doesn’t actually exist. In other words, the scan indicates a system has a known vulnerability, but the report is false. As an example, a vulnerability scan on a server might report that the server is missing patches related to a database application, but the server doesn’t have a database application installed (Darril Gibson’s Get Certified Get Ahead p. 574).
upvoted 1 times
...
GJEF
3 years, 9 months ago
We have to first question the vulnerability scan that was done, then verify if Apache was truly installed or not then before we decide to quarantine. In a real-life scenario, this would have been the case. Option A is not a good step to take at all and option D alike. So in a sense, for best practice regarding security intelligence, eliminating all options presented, I'd go for option D with caution 'cos you don't neglect a security issue.
upvoted 2 times
...
Basem
4 years, 8 months ago
It is a false positive as vulnerability scans can cause many false positives as per the "get certified get ahead". you can use credentialed scans to reduce false positives.
upvoted 2 times
...
tizttech
4 years, 10 months ago
Answer is D. If you're sure that on the server Apache is not installed, and with a scan you find "Apache is not updated" well... that's a problem.
upvoted 1 times
...
mad
4 years, 10 months ago
Agree that answer is A. An exploit is moot if the designated target does not have any means for the potential exploit to function in the first place, and would be a waste of time and resources to address a potential threat if the threat has no means to take advantage of required vulnerability.
upvoted 2 times
...
day95
4 years, 11 months ago
The answer is not A, it is D because initially the server did not have apache, so malware infected the server and is referencing apache somehow. If the server did have apache initially, it would be a false positive if an anaylst went deeper into the problem and found nothing.
upvoted 5 times
Jasonbelt
3 years, 9 months ago
Why would you dig deeper into a problem that doesn't exist?
upvoted 9 times
...
...
bob99
4 years, 11 months ago
The answer is A false positive
upvoted 5 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel