Hi Guys,
May I know whether the following feature are exist for us to do penetration test. I already do some research on internet, and couldnt find any answer for it.
So i post here, incase you guys have any advise or idea
1. Disable HTTP DELETE method
2. Disable HTTP OPTIONS meth
3. Disable TLS/SSL support for 3DES cipher suite
4. Stop Using SHA-1
5. Disable SSLv2, SSLv3, and TLS 1.0. The best solution is to only have TLS 1.2 enabled
6. Disable TLS/SSL support for static key cipher suites
7. Disable TLS/SSL support for RC4 ciphers
8. Disable insecure TLS/SSL protocol support
No comments:
Post a Comment