Your company is using a shopping cart web application that is known to be vulnerable to a code injection attack. Your company has no support agreement for the application, and the application is no longer updated by its author. Modifying the code would require the hiring of additional help and an extensive interview process.
Which of the following should your company do in the meantime to most quickly mitigate the threat? (Select the best answer.)
- Use the grep command to examine web logs for evidence of an attack.
- Shut down the site.
- Replace the shopping cart application with a different one.
- Implement a WAF.
Your company should implement a web application firewall (WAF) to mitigate the shopping cart web application threat. A WAF sits between a web application and the end user in order to protect the application from malicious activity and known vulnerabilities. Therefore, by installing a WAF, it is possible to protect a vulnerable web application without modifying the application code.
Although you should issue the grep command to examine web application logs for evidence of an attack, doing so would not quickly mitigate the threat posed by the unpatched vulnerability. Searching for evidence of an attack takes time. Even if evidence of an attack were found in the log, discovering that evidence does not mitigate the threat.
Although you should consider replacing the shopping cart application with a different one that is supported and regularly updated, doing so would not be the quickest way to mitigate the threat. Depending on the complexity of the data and the availability of conversion tools, it could take many weeks or months to successfully migrate a shopping cart from one web application to another.
You should not shut down the site. Shutting down the site would cause a severe business interruption because users would no longer be able to purchase products by using the shopping cart.