CompTIA Network+ N10-006 Q57

An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. Which of the following is the MOST likely mitigation for this reported item?

A. Ensure patches are deployed
B. Install an IDS on the network
C. Configure the firewall to block traffic on port 443
D. Implement a VPN for employees

Correct Answer: A
Section: Network operations

Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software.
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.