An organization identifies a number of hosts making outbound connections to a known malicious IP over TCP port 80. The organization wants to identify the data being transmitted and prevent future connections to this IP. Which of the following should the organization do to achieve this outcome?
A) Use a protocol analyzer to reconstruct the data and implement a web-proxy.
B) Deploy a web-proxy and then blacklist the IP on the firewall.
C) Deploy a web-proxy and implement IPS at the network edge.
D) Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.