KT-APP Vulnerable applications

Legacy PHP 5.6 internet app cannot be retired yet. Control?

Multiple choice — select one answer

Answer choices

  1. a. Expose database port 3306 publicly, without security or identity team coordination per policy.
  2. b. Reverse proxy with modern TLS, WAF, and strict network ACL to app tier
  3. c. Turn off authentication for speed, without security or identity team coordination per policy.
  4. d. Merge with Active Directory admin tier, without security or identity team coordination per policy.

Architectural breakdown & explanation

Compensating perimeter controls while planning retirement.

Correct answer(s): b. Reverse proxy with modern TLS, WAF, and strict network ACL to app tier

Exam domain: Vulnerable applications (25% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Application Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.