Data Platform Security related questions and answers
1)Can we disable http options method for IIS?
Ans : Yes, in IIS under 'Request Filtering' --> HTTP Verbs --> OPTIONS Verb may be denied. This will not affect application functionality.
2)Can IIS default welcome page be removed?
Ans : Yes, you can delete this IIS default welcome page: C:\inetpub\wwwroot\iisstart.htm
3)Can we disable weak ciphers on application server?
Ans : Our application uses TLS 1.2 which is a secure protocol currently.
Yes, you can disable other weak ciphers after consulting with your IT/security team.