Securing Windows applications requires hardening each application to protect it from potential vulnerabilities. Your job is to select the best control to address each of the anticipated vulnerability. You have been given the task of reviewing security policy and recommending the best security controls to respond to vulnerabilities the security team has identified for the new enterprise resource planning (ERP) software.
You can select from a short list of security controls to detect or prevent each stated threat. For each vulnerability, select the best control to ensure Ken 7 Windows Limited fulfills the stated requirements to secure its application software.
Select from these security controls: a. Place a firewall between the Internet and your Web server. b. Place a firewall between your Web server and your internal network. c. Remove the mail server service. d. Require encrypted connections for all remote ERP clients. e. Apply the latest security patches. f. Use a packet sniffer to view the contents of network packets. g. Require all personnel attend a lunch and learn session on updated security policies.
Identified ERP software vulnerabilities: a | 1. The ERP software vendor reports that some customers have experienced denial-of-service (DoS) attacks from computers sending large volumes of packets to mail servers on the Web server computers. | | 2. | g | 3. Users that leave their workstations logged in during long durations of inactivity could allow attackers to hijack their session and impersonate them in the application. | | 4. | d | 5. Attackers with packet sniffers and proxy software could potentially intercept exchanges of private data. | | 6. | e | 7. Four software vulnerabilities in previous ERP software versions could allow attackers to escalate their permissions and assume