After scanning the main company's website with the OWASP ZAP tool, a cybersecurity analyst is reviewing the following warning:

The analyst reviews a snippet of the offending code:

Which of the following is the BEST course of action based on the above warning and code snippet?

You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers. You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.
The company's hardening guidelines indicate the following:
* TLS 1.2 is the only version of TLS running.
* Apache 2.4.18 or greater should be used.
* Only default ports should be used.
INSTRUCTIONS
Using the supplied data, record the status of compliance with the company's guidelines for each server.
The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for issues based ONLY on the hardening guidelines provided.

An information security analyst is compiling data from a recent penetration test and reviews the following output:

The analyst wants to obtain more information about the web-based services that are running on the target.
Which of the following commands would MOST likely provide the needed information?

A company's Chief Information Security Officer (CISO) is concerned about the integrity of some highly confidential files. Any changes to these files must be tied back to a specific authorized user's activity session.
Which of the following is the BEST technique to address the CISO's concerns?

An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host.
After a thorough forensic review, the administrator determined the server's BIOS had been modified by rootkit installation.
After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?