Answered step by step
Verified Expert Solution
Question
1 Approved Answer
PLEASE ONLY ANSWER IF THE ANSWER IS FROM YOU. DON'T COPY OTHERS ANSWER SINCE I READ THEM ALL AND SURE THEY'RE NOT CORRECT Question The
PLEASE ONLY ANSWER IF THE ANSWER IS FROM YOU. DON'T COPY OTHERS ANSWER SINCE I READ THEM ALL AND SURE THEY'RE NOT CORRECT
Question The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean. If the vulnerability is valid, the analyst must remediate the finding. After reviewing the given information, select the STEP 2 tab in order to complete the simulation by selecting the correct "Validation Result" AND "Remediation Action" for each server listed using the drop down options. Instructions: If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue. Step 1 Instruction: The simualtion includes 2 steps. Please click on both tabs to complete the tasks. When you have completed the simulation, please click the Done button to submit CDE Network Internal Network WEB SERVERO1 172 30 0 150 WEB SERVERO2 172 300.151 SERVER01 192.168.0.101 SERVE RO2 192.168.0.102 ROUTER 192.168.0.1 WEB SERVERO3 172 30 0 152 WEB SERVERO 172 300 153 SERVE RO3 192.168.0.103 WORKSTATION 192.1680 104 FIREWALL 92.34.56.100 Internet Vulnerability Scan Reports Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVERO1 WEB_SERVERO2 WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVER01 WEB_SERVERO2 WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVERO1 WEB SERVERO2 False Positive False Negative WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVERO1 WEB SERVERO2 WEB_SERVERO3 False Positive False Negative Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities, System Validate Result Remediation Action WEB SERVER01 Free Sess Ene Sess imptomentin WEB SERVEROZ WEB SERVERO3 Employeowanie Adung rechtswidrs Date Request con tromapu CA Renew the current car Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVER01 WEB SERVERO2 WEB SERVERO3 Encrypt entire session Encryptas ion cookies Implement input validation Subtas non issue Employ unique token in hidden held Avoid using redirects and forwards Disable Request certificate from puble CA Renew the current certcate Step 1 Step 2 SON Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVER01 WEB SERVERO2 WEB_SERVER03 Encrypt entire session Encrypt a session cookies implement input validation Submit as non-issue Employ unique token in hidden taid Avoid using r ects and forwards Disable http Request certificate from a pubic CA Renew the current corticale Step 1 Step 2 Vulnerability Scan Report Vulnerability Scan Report HIGH SEVERITY Title: Cleartext Transmission of Sensitive Information Description: The software transmits sensitive or security-critical data in Cleartext in a communication channel that can be sniffed by authorized users. Affected Asset: 172.30.0.150 Risk: Anyone can read the information by gaining access to the channel being used for communication Reference: CVE-2002-1949 MEDIUM SEVERITY Title: Sensitive Cookie in HTTPS session without Secure' Attribute Description: The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over HTTP session Affected Asset 172.30.0.151 Risk Session Sidejacking Reference: CVE-2004-0462 LOW SEVERITY Title: Untrusted SSL/TLS Server X.509 Certificate Description: The server's TLS/SSL certificate is signed by a Certificate Authority that is untrusted or unknown Affected Asset 172.30.0.152 Risk May allow man-in-the middle attackers to insert a spoofed certificate for any Distinguished Name (DN) Reference CVE-2005-1234 WEB_SERVERO1Logs While logged in to the web portal (172.30.0.150) from the workstation (192.168.0.104) you perform an account password change. This process requires you to reenter the original password and enter a new password twice 192.168.0.104 172.30.0.151 172.30.0.151 192.168.0.104 192.168.0.104 172.30.0.151 192.168.0.104 172.30.0.150 172.30.0.151 192.168.0.104 TLSv1 733 Application Data TLSv1 1107 Application Data TCP 66 44088 > https [ACK] Seq=1510 Ack=12723 Win=42368 HTTP 608 GET Nerifpwd learn?URL=AV5FPSHV2Ereal&SSL=83n28x TCP 66 http > 60928 (ACK) Seq=622 Ack=847 Win=5154 Len=... Frame 4021: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0 Ethernet II. Src: Vmware 00:03:22 (00:50:56:00:03:22). Dst: Palo Alto_39.10:30 (00:16:17:39:10:30) Internet Protocol Version 4. Src: 192.168.0.104 (192.168.0.104 ). Dst: 172.30.0.150 (172.30.0.150) 12 Reassembled TCP Segments (1496 bytes) #4820(1448), #4821(48)] Hypertext Transfer Protocol GET /verifpwd.learn?URL=AV5FPSHV2Ereal&SSL=83n28x Host: XXXXX User-Agent: Mozilla/5.0 (X11; Linux x86_64; V.18.0) Gecko/20100101 Firefox/18.0 Iceweasel/18.0.1inn Accept texuhtml,application/xhtml+xml,application/xml;q=0.9,*/* quon Accept-Language: en=US,en;q=0.51 Accept-Encoding: gzip,deflaterin Referer: http:/XXXXX/Shared/Portal/Custom Profiles/A_Profile real rin (truncated) Cookie: ASPSESSIONIDQABRBT BC=HEJCAHEDJPK08CEP: ZZZECUSERPROPS Connection: keep alivern Content-Type: application/x-www-form-urlendcodedin Content-Length: 1211 Inn [Full request URI: http//XXX/Shared/Portal/Custom Profiles/PostProfile real?47=25378158] Line-based text data: application/x-www-form-urlencoded EMAIL=someone@cloud.org m&PASSold=Password1 m&PASSnew 1=Password2 m&PASSnewv=Password2 Domain Http Secure WEB_SERVERO2Logs Name Value _utma 250288278.1028202552.1383963... utmb 250288278.2.10.1383693377 _utmc 250288278 utmz 250288278.1383693377.1.1. utmes yourcompany.com yourcompany.com yourcompany.com yourcompany.com Expires / Max Age Thu, 05 Nov 2015 23:21:28 GMT Tue, 05 Nov 2013 23:51:28 GMT Session Thu, 08 May 2014 11:21:28 GMT WEB_SERVERO3Logs [TD]Service Provider Certificate Info General Details Cercabon Path XA Certificate Information This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certifikation Authorties store. Issued to Pentest LLC Issued by: Pentest LLC Valid from 22/07/2014 to 22/07/2024 Instal Certicale... Estate En more abouters Question The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean. If the vulnerability is valid, the analyst must remediate the finding. After reviewing the given information, select the STEP 2 tab in order to complete the simulation by selecting the correct "Validation Result" AND "Remediation Action" for each server listed using the drop down options. Instructions: If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue. Step 1 Instruction: The simualtion includes 2 steps. Please click on both tabs to complete the tasks. When you have completed the simulation, please click the Done button to submit CDE Network Internal Network WEB SERVERO1 172 30 0 150 WEB SERVERO2 172 300.151 SERVER01 192.168.0.101 SERVE RO2 192.168.0.102 ROUTER 192.168.0.1 WEB SERVERO3 172 30 0 152 WEB SERVERO 172 300 153 SERVE RO3 192.168.0.103 WORKSTATION 192.1680 104 FIREWALL 92.34.56.100 Internet Vulnerability Scan Reports Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVERO1 WEB_SERVERO2 WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVER01 WEB_SERVERO2 WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVERO1 WEB SERVERO2 False Positive False Negative WEB SERVERO3 Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVERO1 WEB SERVERO2 WEB_SERVERO3 False Positive False Negative Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities, System Validate Result Remediation Action WEB SERVER01 Free Sess Ene Sess imptomentin WEB SERVEROZ WEB SERVERO3 Employeowanie Adung rechtswidrs Date Request con tromapu CA Renew the current car Step 1 Step 2 Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB SERVER01 WEB SERVERO2 WEB SERVERO3 Encrypt entire session Encryptas ion cookies Implement input validation Subtas non issue Employ unique token in hidden held Avoid using redirects and forwards Disable Request certificate from puble CA Renew the current certcate Step 1 Step 2 SON Step 2 Given the scenario, determine what remediation action is required to address the vulnerabilities. System Validate Result Remediation Action WEB_SERVER01 WEB SERVERO2 WEB_SERVER03 Encrypt entire session Encrypt a session cookies implement input validation Submit as non-issue Employ unique token in hidden taid Avoid using r ects and forwards Disable http Request certificate from a pubic CA Renew the current corticale Step 1 Step 2 Vulnerability Scan Report Vulnerability Scan Report HIGH SEVERITY Title: Cleartext Transmission of Sensitive Information Description: The software transmits sensitive or security-critical data in Cleartext in a communication channel that can be sniffed by authorized users. Affected Asset: 172.30.0.150 Risk: Anyone can read the information by gaining access to the channel being used for communication Reference: CVE-2002-1949 MEDIUM SEVERITY Title: Sensitive Cookie in HTTPS session without Secure' Attribute Description: The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over HTTP session Affected Asset 172.30.0.151 Risk Session Sidejacking Reference: CVE-2004-0462 LOW SEVERITY Title: Untrusted SSL/TLS Server X.509 Certificate Description: The server's TLS/SSL certificate is signed by a Certificate Authority that is untrusted or unknown Affected Asset 172.30.0.152 Risk May allow man-in-the middle attackers to insert a spoofed certificate for any Distinguished Name (DN) Reference CVE-2005-1234 WEB_SERVERO1Logs While logged in to the web portal (172.30.0.150) from the workstation (192.168.0.104) you perform an account password change. This process requires you to reenter the original password and enter a new password twice 192.168.0.104 172.30.0.151 172.30.0.151 192.168.0.104 192.168.0.104 172.30.0.151 192.168.0.104 172.30.0.150 172.30.0.151 192.168.0.104 TLSv1 733 Application Data TLSv1 1107 Application Data TCP 66 44088 > https [ACK] Seq=1510 Ack=12723 Win=42368 HTTP 608 GET Nerifpwd learn?URL=AV5FPSHV2Ereal&SSL=83n28x TCP 66 http > 60928 (ACK) Seq=622 Ack=847 Win=5154 Len=... Frame 4021: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0 Ethernet II. Src: Vmware 00:03:22 (00:50:56:00:03:22). Dst: Palo Alto_39.10:30 (00:16:17:39:10:30) Internet Protocol Version 4. Src: 192.168.0.104 (192.168.0.104 ). Dst: 172.30.0.150 (172.30.0.150) 12 Reassembled TCP Segments (1496 bytes) #4820(1448), #4821(48)] Hypertext Transfer Protocol GET /verifpwd.learn?URL=AV5FPSHV2Ereal&SSL=83n28x Host: XXXXX User-Agent: Mozilla/5.0 (X11; Linux x86_64; V.18.0) Gecko/20100101 Firefox/18.0 Iceweasel/18.0.1inn Accept texuhtml,application/xhtml+xml,application/xml;q=0.9,*/* quon Accept-Language: en=US,en;q=0.51 Accept-Encoding: gzip,deflaterin Referer: http:/XXXXX/Shared/Portal/Custom Profiles/A_Profile real rin (truncated) Cookie: ASPSESSIONIDQABRBT BC=HEJCAHEDJPK08CEP: ZZZECUSERPROPS Connection: keep alivern Content-Type: application/x-www-form-urlendcodedin Content-Length: 1211 Inn [Full request URI: http//XXX/Shared/Portal/Custom Profiles/PostProfile real?47=25378158] Line-based text data: application/x-www-form-urlencoded EMAIL=someone@cloud.org m&PASSold=Password1 m&PASSnew 1=Password2 m&PASSnewv=Password2 Domain Http Secure WEB_SERVERO2Logs Name Value _utma 250288278.1028202552.1383963... utmb 250288278.2.10.1383693377 _utmc 250288278 utmz 250288278.1383693377.1.1. utmes yourcompany.com yourcompany.com yourcompany.com yourcompany.com Expires / Max Age Thu, 05 Nov 2015 23:21:28 GMT Tue, 05 Nov 2013 23:51:28 GMT Session Thu, 08 May 2014 11:21:28 GMT WEB_SERVERO3Logs [TD]Service Provider Certificate Info General Details Cercabon Path XA Certificate Information This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certifikation Authorties store. Issued to Pentest LLC Issued by: Pentest LLC Valid from 22/07/2014 to 22/07/2024 Instal Certicale... Estate En more abouters
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started