🔥 3-day streak
CompTIA PenTest+ (PT0-003)135 / 175
Question 135 of 175
During an internal engagement, your vulnerability scanner flags a Linux web server as vulnerable to a critical Apache HTTP Server remote code execution CVE. The scan is unauthenticated and matched the vulnerability solely on the Server response header showing 'Apache/2.4.29'. Before adding this to the report, what is the BEST way to determine whether this finding is a false positive?
Reviewed for accuracy · Report an issueNext question