A vulnerability scan returned the following results for a web server that hosts multiple wiki sites: Apache-HTTPD-cve-2014-023: Apache HTTPD: mod_cgid denial of service CVE-20140231

Due to a flaw found in mog_cgid, a server using mod_cgid to host CGI scripts could be vulnerable to a DoS attack caused by a remote attacker who is exploiting a weakness in non-standard input, causing processes to hang indefinitely.

The security analyst has confirmed the server hosts standard CGI scripts for the wiki sites, does not have mod_cgid installed, is running Apache 2.2.22, and is not behind a WAF. The server is located in the DMZ, and the purpose of the server is to allow customers to add entries into a publicly accessible database.

Which of the following would be the MOST efficient way to address this finding? (Choose one)

Place the server behind a WAF to prevent DoS attacks from occurring.

Document the finding as a false positive.

Upgrade to the newest version of Apache.

Disable the HTTP service and use only HTTPS to access the server.

FRIENDS! PLEASE USE YOUR OWN KNOWLEDGE. I KNOW HOW TO GOOGLE MYSELF.

192.68.7.35:80 192.68.7.35:443 Running HTTP service product HTTPD exists: Apache HTTPD 2.2.22 VulnerableversionofproductHTTPDfound: ApacheHTTPD2.2.22 Running HTTPS service product HTTPD exists: Apache HTTPD 2.2.22 Vulnerable version of product HTTPD found: Apache HTTPD 2.2.22