Case Project 3-2: Investigating Possible Vulnerabilities of Microsoft IIS

Description: Carrell Jackson, the web developer for Alexander Rocco Corporation, has informed
you that the company uses Microsoft IIS for its website. He's proud of the direction the website is
taking and says it has more than 1000 hits per week. Customers can reserve hotel rooms, schedule
tee times for golf courses, and make reservations at any of the facility's many restaurants. Customer
can enter their credit card information and receive confirmations via email.
Based on this information, write a memo to Mr. Jackson listing any technical cybersecurity alerts or
known vulnerabilities of IIS. If you find vulnerabilities, your memo should include recommendation
and be written in a way that doesn't generate fear or uncertainty but encourages prudent
decision-making. The website cve.mitre.org is one location where you can research IIS
vulnerabilities. Using the Search CVE List feature with the keyword IIS will reveal new and past
vulnerabilities.