Listen – To the Equifax Data Breach Pt. I: A Big Data

Listen – To the Equifax Data Breach Pt. I: A Big Data Bubble, and The Equifax Data Breach Pt. II: The Bits Hit The Fan located in the Readings and Resources section.
View – The video, Explaining the Apache Struts 2 Remote Code Execution Vulnerability, located in the Readings and Resources section. Be sure to take notes!
Next – Examine the contents of the Python script 41570.py at https://www.exploit-db.com/exploits/41570, and the Metasploit module 41614.rb at https://www.exploit-db.com/exploits/41614
Answer all three (3) of the following questions (Click to expand)
1st Question to answer (at least 100 words): Based on your existing knowledge and the CVE unit resources, what do you think these code examples are trying to accomplish? What is the flaw in Apache Struts that is allowing these exploits to work? [note: you’re being graded on your best guess, not whether you have the technically correct answer]
2nd Question to answer (at least 100 words): You are on the team tasked with fixing this Struts error for your organization. What sort of information do you need to gather before creating your plan of action? What can go wrong if you don’t have all the information gathered?
3rd Question to answer (at least 100 words, but you can write more): How angry are you at Equifax for allowing this vulnerability to remain unpatched for so long? Why do you think the patching was delayed? What would you have done differently?