Note: Goal of question – Once again, there is no right or wrong answer, however we are interested in what the applicant views as important.

Web Server Security:

· Update/Patch the web server software

· Minimize the server functionality – disable extra modules

· Delete default data/scripts

· Increase logging verboseness

· Update Permissions/Ownership of files

Web Application Security:

· Make sure Input Validation is enforced within the code - Security QA testing

· Configured to display generic error messages

· Implement a software security policy

· Remove or protect hidden files and directories