CompTIA PenTest+ (PT0-002) — Question 259
A penetration tester gains access to a web server and notices a large number of devices in the system ARP table. Upon scanning the web server, the tester determines that many of the devices are user workstations. Which of the following should be included in the recommendations for remediation?
Answer options
- A. Start a training program on proper access to the web server.
- B. Build a patch-management program for the web server.
- C. Place the web server in a screened subnet.
- D. Implement endpoint protection on the workstations.
Correct answer: C
Explanation
The correct answer is C. Workstation entries in the web server's ARP table show that the server sits on the same network segment as user devices, so it is not isolated from the internal network. Placing the web server in a screened subnet isolates it from the rest of the network and reduces exposure to potential attacks. Option A focuses on user training, which is important but does not directly address the security of the web server. Option B is relevant for maintaining software security, but it does not provide immediate network isolation. Option D, while beneficial for workstations, does not protect the web server itself.