A 3rd party company has provided us with security vunrability analysis of our company websites and management wish me to report on how we will tackle these issues.
Alert group Severity Alert count
SSL 2.0 deprecated protocol High 1
ASP.NET error message Medium 1
The POODLE attack (SSLv3 supported) Medium 1
ASP.NET version disclosure Low 1
Clickjacking: X-Frame-Options header missing Low 1
OPTIONS method is enabled Low 1
Error page web server version disclosure Informational 1
Microsoft IIS version disclosure Informational 1
Please advise on how we can tackle each of these issues.