An administrator was notified that a recently deployed internal web application is transmitting data in plain text. This has raised concerns about sensitive data being easily intercepted within the network. While reviewing the application's configuration, the administrator finds that the application should support encrypted connections. Which of the following actions should the administrator take FIRST to remediate this security risk?
Patch the web application as it may contain vulnerabilities that disable encryption.
Enable TLS on the server to ensure data is encrypted during transit.
Update the firewall rules to block all traffic on port 80 to the application server.
Force all web application traffic to use HTTPS by default.
Enabling the appropriate protocol for secure data transmission such as TLS on the server hosting the application is vital for encryption. Simply forcing HTTPS without ensuring the server's capability to handle secure connections may not solve the problem. Updating firewall rules to block port 80 may interrupt other necessary services using that port. Patching the application is necessary only if there's a known vulnerability that prevents encryption from functioning correctly.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does TLS stand for and why is it important?
Open an interactive chat with Bash
How does HTTPS differ from HTTP?
Open an interactive chat with Bash
What are the risks of transmitting data in plain text?