CompTIA Security Plus Mock Test Q1236

A company has been attacked and their website has been altered to display false information. The security administrator disables the web server service before restoring the website from backup. An audit was performed on the server and no other data was altered. Which of the following should be performed after the server has been restored?

A. Monitor all logs for the attacker’s IP
B. Block port 443 on the web server
C. Install and configure SSL to be used on the web server
D. Configure the web server to be in VLAN 0 across the network

Correct Answer: B
Section: Mixed Questions