What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

An Internet retailer’s database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access.

What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
A . Configure the DMZ firewall to block unnecessary service
B . Install host integrity monitoring software
C . Install updated anti-virus software
D . Configure the database to run with lower privileges

View Answer

Answer: D