A security analyst receives an alert regarding multiple logins to the corporate cloud infrastructure dashboard for a single user from different IP addresses in different countries. Which of the following is the BEST method to prevent these types of events? A. Implement MFA on all accounts in the cloud infrastructure. B. Require users to access the cloud infrastructure only via VPN. C. Block access to the cloud dashboard based on geolocation. D. Whitelist IPs that are known to be used by corporate employees.
1-
A security analyst receives an alert regarding multiple logins to the corporate cloud infrastructure dashboard for a single user from different IP addresses in different countries. Which of the following is the BEST method to prevent these types of events?
A. Implement MFA on all accounts in the cloud infrastructure.
B. Require users to access the cloud infrastructure only via VPN.
C. Block access to the cloud dashboard based on geolocation.
D. Whitelist IPs that are known to be used by corporate employees.

2-
A security analyst is concerned that unauthorized devices can join the network in the human resources department due to wired network ports that are accessible in a public area. The department occasionally uses the area for training and does not want the ports disabled or removed. Which of the following is the BEST solution to mitigate potential security issues?
A. Disable DHCP on the subnet.
B. Enable DHCP snooping on the network switch.
C. Sinkhole the ports when training is not in session.
D. Enable 802.1X security on the wired ports.

3-
A security analyst is reviewing a web server's log files and sees the following:
86.52.101.11 - - [18/Apr/2020:20:22:43 +0200] "GET /admin/users.txt HTTP/1.1" 200 8022 "-" "Mozilla/5.0 Firefox/45.0"
120.58.72.112 - - [18/Apr/2020:20:22:43 +0200] "GET /admin/costs.txt HTTP/1.1" 404 - "-" "Mozilla/5.0 Firefox/45.0"
92.32.41.101 - - [18/Apr/2020:20:22:43 +0200] "GET /maintenance/users.txt HTTP/1.1" 408 - "-" "Mozilla/5.0 Firefox/45.0"
81.2.111.21 - - [18/Apr/2020:20:22:43 +0200] "GET /maintenance/costs.txt HTTP/1.1" 204 "-" "Mozilla/5.0 Firefox/45.0"
There is no reason for any clients to be accessing user or cost files on the web server. Which of the following IP addresses corresponds to the request that is MOST concerning?
A. 81.2.111.21
B. 86.52.101.11
C. 92.32.41.101
D. 120.58.72.112

4-
An organization is currently using a SIEM that is compatible with STIX and TAXII. The organization is looking for a solution for obtaining external threat intelligence data sources for known-bad IPs, domains, and files. Which of the following is the main reason for using the external threat intelligence data sources?
A. To correlate the organization's information to known vectors
B. To develop dashboards using external data sources
C. To create new signatures using threat intelligence for the IPS
D. To identify how the organization is postured against threats