Ethical HACKING:

A. discussion:

Web servers are compromised for a number of reasons which may include any of the following:

• Improper file or directory permissions,
• installing the server with default settings,
• unnecessary services enabled,
• security conflicts,
• a lack of proper security policies,
• improper authorization with external systems,
• default accounts with default or no passwords,
• unnecessary default, backup, or sample files, misconfigurations, bugs in server software, OS, or web applications,
• misconfigured SSL certificates and encryption settings,
• administrative or debugging functions that are enabled or accessible on web servers or the use of self-signed certificates and/or default certificates.

Write in 400 words, Select one of these compromises and explain how it could be avoided.

Information Assurance:

Write in 400 words, What are some of the characteristics and operations of some of the malicious software that exists today?