GIAC Foundational Cybersecurity Technologies Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the GIAC Foundational Cybersecurity Technologies Test. Utilize flashcards and multiple-choice questions, each with detailed hints and explanations to excel. Boost your readiness for the exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What can an Apache server administrator do to prevent version information from leaking?

Run Apache as a non-root user
Enable HTTPS
Set permission on /var/www/html to 700
Disable the banner

The correct answer is: Disable the banner

To prevent version information from leaking from an Apache server, disabling the banner is the most effective method. The "banner" in this context refers to the HTTP response headers that can disclose server version details, which could be exploited by attackers looking for specific vulnerabilities associated with that version. By disabling the server signature and server tokens, the administrator can hide this information, thereby making it more difficult for an attacker to gather intelligence about the server's configuration and potential weaknesses. While running Apache as a non-root user, enabling HTTPS, and setting strict permissions on the web directory are all important security practices, they do not specifically address the issue of version information leakage. Running as a non-root user limits the potential damage an attacker can cause if they gain access, HTTPS secures the data in transit, and setting directory permissions protects file access. However, these actions do not directly manage the visibility of version details that could inform a malicious actor about vulnerabilities in the server software. Thus, the action of disabling the banner is targeted specifically at mitigating this risk.