Your company has an intrusion detection system (IDS) and firewall deployed on the perimeter of the network to detect attacks against internal resources. Yesterday, the IDS alerted you that SSL sessions are under attack using an older exploit against SSLv2. Your organization's Web server must use encryption for all financial transactions. You need to prevent this attack from being successful in

the future. What should you do?

A. Block SSLv2 on the firewall.
B. Block SSLv2 on the Web server.
C. Disable SSLv2, and enable SSLv3 on the Web server.
D. Update the Web server with the latest patches and updates.

C
Explanation: You should disable SSLv2 and enable SSLv3 on the Web server. This will prevent the usage of SSLv2, which is the problem.
If you block SSLv2 on the firewall, then SSLv2 communication will be prevented from entering or leaving the internal network. This is not the best solution.
If you block SSLv2 on the Web server, then SSLv2 communication with the Web server will be prevented. This is not the best solution.
Updating the Web server with the latest patches and updates is important. However, there is no guarantee that this will fix the problem that you are experiencing.