Read a major vulnerability discovered in apache web servers

Assignment Help Management Information Sys

Reference no: EM133361624

Assignment:

A CISO invites you to an urgent meeting. He has just read about a MAJOR Vulnerability discovered in Apache web servers. The vulnerability is of an RCE type and may allow threat actors to compromise the servers and gain ROOT access. Since ACME uses Apache web-servers he is concerned. The CISO also mentioned that it has been a while since they last performed a penetration test on the environment and, as such, he is very worried and would like you to bring in a 3rd party to conduct a PT as soon as possible. ACME would need to go to RFP to find the best vendor for this project.

What are some of the parameters you would need to consider in order to write the RFP and choose the best vendor for the job? Some of the questions you might want to consider are:

Type of assessment needed (PT/VA/Health checks)?
Black/White/Grey Box methodology?
What systems will you include in the test, or exclude?
Qualifications of the 3rd party?
How will you evaluate possible vendors?

Reference no: EM133361624

Questions Cloud

Why is ssh version 2 is preferred over ssh version 1 : Why is SSH version 2 is preferred over SSH version 1? Why do you think one of the main functions of a LAN switch is not to route IP packets?

Describe the network configuration : Describe the network configuration, explaining the role of each component and connection, following the diagram provided by your supervisor.

Benefits of virtualization as a network design strategy : Can you please discuss the benefits and disadvantages of virtualization as a network design strategy?

Difference between md5 and sha-1 hash algorithms : What is a key difference between MD5 and SHA-1 hash algorithms? What happens to the hash value of a file if you change ONLY the file name?

Read a major vulnerability discovered in apache web servers : A CISO invites you to an urgent meeting. He has just read about a MAJOR Vulnerability discovered in Apache web servers.

Conduct a brute force attack to log into joomla : They conducted a brute force attack to log into Joomla, which is an attack that involves using trial and error to try and guess login credentials.

Will vehicles perform satisfactorily with autonomous systems : These are rhetorical questions: Will vehicles ever be able to perform satisfactorily with autonomous systems? What tradeoffs will we accept?

Discuss law enforcement involvement in security incidents : How the definition of privacy that is commonly used (freedom from observation) may differ from definition of privacy from the information security perspective.

Analysis of the ethical implications of cybersecurity police : An analysis of the ethical implications of cybersecurity policies and regulations put in place to protect the confidentiality, integrity.

User Account

All Pages