Section 04: Web Server Attack Countermeasures

Countermeasures

DMZ (Demilitarized zone)

In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network or screened subnet) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet.

Network segmentation

A network segment is a portion of a computer network. The nature and extent of a segment depend on the nature of the network and the device or devices used to interconnect end stations.
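The DMZ and segmentation definitions above can be checked against a firewall's allow list. The following is an added example, not part of the original page: the address ranges, port sets and the `(src_cidr, dst_cidr, dst_port)` rule format are constructed assumptions, and the policy it enforces (no direct Internet-to-internal path, limited DMZ-to-internal access) is one common way to draw the boundary.

```python
from ipaddress import ip_network

# Constructed address plan and port policy (assumptions for illustration).
ZONES = {"dmz": ip_network("192.0.2.0/24"), "internal": ip_network("10.0.0.0/8")}
PUBLIC_PORTS = {80, 443}          # services the DMZ may expose to the Internet
DMZ_TO_INTERNAL_PORTS = {5432}    # e.g. one database port the web tier needs

def zones(cidr):
    """Return every zone that a rule's CIDR can match."""
    net = ip_network(cidr)
    found = {name for name, z in ZONES.items() if net.overlaps(z)}
    # A range not fully contained in a known zone also covers Internet hosts.
    if not any(net.subnet_of(z) for z in ZONES.values()):
        found.add("internet")
    return found

def audit(rules):
    """Flag allow rules, given as (src_cidr, dst_cidr, dst_port), that break the boundary."""
    findings = []
    for src, dst, port in rules:
        s, d = zones(src), zones(dst)
        if "internet" in s and "internal" in d:
            findings.append((src, dst, port, "Internet reaches internal segment directly"))
        elif "dmz" in s and "internal" in d and port not in DMZ_TO_INTERNAL_PORTS:
            findings.append((src, dst, port, "DMZ reaches internal on unapproved port"))
        elif "internet" in s and "dmz" in d and port not in PUBLIC_PORTS:
            findings.append((src, dst, port, "non-public DMZ port exposed to Internet"))
    return findings

# Constructed sample ruleset.
RULES = [
    ("0.0.0.0/0", "192.0.2.10/32", 443),
    ("192.0.2.10/32", "10.0.5.20/32", 5432),
    ("0.0.0.0/0", "10.0.5.20/32", 3389),
    ("0.0.0.0/0", "192.0.2.0/24", 22),
    ("192.0.2.0/24", "10.0.0.0/8", 445),
]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
```

The first two sample rules pass; the last three are reported, each with the reason it crosses a zone boundary the policy does not allow.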

Hotfix

A hotfix or quick-fix engineering update (QFE update) is a single, cumulative package that includes information (often in the form of one or more files) that is used to address a problem in a software product (i.e., a software bug). Typically, hotfixes are made to address a specific customer situation.

Countermeasures

  • Scan for vulnerabilities.

  • Apply latest patches and updates.

  • Change default configurations.

  • Set up proper alerting.

  • Set up a disaster recovery plan.
