1-A security analyst receives an alert regarding multiple logins to the corporate doud infrastructuredashboard for a single user from different IP addresses in different countries. Which of thefollowing is the BEST method to prevent these types of events?A.Implement MFA on all accounts in the cloud infrastructure.B.Require users to access the cloud infrastructure only via VPN.Block access to the cloud dashboard based on geolocation.D.Whitelist IPs that are known to be used by corporate employees.2-Bag forA security analyst is concermed that unauthorized devices can join the network in the humanresources department due to wired network ports that are accessible in a public area. Thedepartment occasionally uses the area for training and does not want the ports disabled orremoved. Which of the following is the BEST solution to mitigate potential security issues?A.Disable DHCP on the subnet.B.Enable DHCP snooping on the network switch.C.Sinkhole the ports when training is not in session.D.Enable 802.1X security on the wired ports. A security analyst is reviewing a web server's log files and sees the following:86.52.101.11 -- [18/Apr/2020:20:22:43 +0200] "GET /admin/users.txtHTTP/1.1" 200 8022 "-" "Mozilla/5.0 Firefox/45.0"120.58.72.112- - [18/Apr/2020:20:22:43 +0200] "GET /admin/costs.txtHTTP/1.1" 404 - "-" "Mozilla/5.0 Firefox/45.0"92.32.41.101/maintenance/users.txt HTTP/1.1" 408 -81.2.111.21/maintenance/costs.txt HTTP/1.1" 204[18/Apr/2020:20:22:43 +0200] "GET--"-" "Mozilla/5.0 Firefox/45.0[18/Apr/2020:20:22:43 +0200] "GET--"-" "Mozilla/5.0 Firefox/45.0There is no reason for any clients to be accessing user or cost files on the web server. Whichof the following lIP addresses corresponds to the request that is MOOST concerning?A.81.2.111.21B.86.52.101.11C.92.32.41.1012 17:19:12120.58 72 1124-An organization is currently using a SIEM that is compatible with STIX and TAXII. Theorganization is looking for a solution for obtaining external threat intelligence data sources forknown-bad IPs, domains, and files. Which of the following is the main reason for using theexternal threat intelligence data sources?A.To correlate the organization's information to known vectorsB.To develop dashboards using external data sourcesTo create new signatures using threat intelligence for the IPSD.To identify how the organization is postured against threats

As per Bartleby guidelines, Since you have asked multiple question, we will solve the first question…

A security analyst receives an alert regarding multiple logins to the corporate doud infrastructure dashboard for a single user from different IP addresses in different countries. Which of the following is the BEST method to prevent these types of events? A. Implement MFA on all accounts in the cloud infrastructure. B. Require users to access the cloud infrastructure only via VPN. Block access to the cloud dashboard based on geolocation. D. Whitelist IPs that are known to be used by corporate employees.

A security analyst receives an alert regarding multiple logins to the corporate doud infrastructure dashboard for a single user from different IP addresses in different countries. Which of the following is the BEST method to prevent these types of events? A. Implement MFA on all accounts in the cloud infrastructure. B. Require users to access the cloud infrastructure only via VPN. Block access to the cloud dashboard based on geolocation. D. Whitelist IPs that are known to be used by corporate employees.

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

The HSBC.COM server on the other end of your TCP session hijacking attempt has received a valid connection from your desktop PC. You were attempting to establish a connection to the HSBC.COM server, but an attack stopped that from happening. In light of the relevant security standards, please elaborate on how the existence of this attach might endanger the security of your connection.
What is a replay attack? Describe the role of the sequence number field in a replay attack? Describe the Transport Layer Security (TLS) service in detail. Why is there a separate Change Cipher Spec Protocol, rather than including a change_cipher_spec message as part of the Handshake Protocol? What is the difference between a TLS connection and TLS session?
The HSBC.COM server on the other end of your TCP session hijacking attempt has received a valid connection from your desktop PC. You were attempting to establish a connection to the HSBC.COM server, but an attack stopped that from happening. In light of the relevant security standards, please elaborate on how the existence of this attach might endanger the security of your connection.
5, For the first mode of Message Authentication code (MAC), which description is NOT correct? The key used in this mode is for message encryption. This mode cannot protect message confidentiality. The receiver is able to detect malicious message modification by checking the MAC. The attacker who does not know the key cannot calculate the MAC.
Cisco is a pioneer in producing a variety of firewall applications with many features. To configure any Cisco firewall, IP Access Control List (ACL) is used. The document “Tutorial on Cisco Firewall Rule Format” describes the general format of ACL, and also shows how ACL can filter network traffic. Describe in detail how to configure a CISCO Firewall using ACLs.
1. The most common method of securing e-commerce transmissions is dependent on 5. When anonymous authentication is used with IIS, the username and passw a. the client trusting the entity that digitally signed the web server's certificate b. the web server installing its root certificate in the client's certificate store c. the web server installing its public key on the client using a cookie d. the client and web server exchanging root certificates 2. The default port for HTTPS is a. 25 b. 80 C. 110 d. 443 3. In this lab, if SSL was initially not selectable; you could not configure SSL because a. the CA had not yet issued an SSL certificate b. SSL requires greater than 128-bit encryption C. anonymous authentication was permitted d. no port had been configured to "listen" for https requests Chapter 4 Advancea uiypwgr-r a. To minimize network traffic b. To be able to configure the web server To have a location for centralized account maintenance C. d. Every server should be an active…
Johnathan is the network engineer of an organization that restricts the use of certain webpages. As he does not have any pending work, he decides to take a break and watch a movie online until a task is assigned to him. Analyze which of the following actions is best suited for him in this situation so that the IP address of the organization is not compromised. a. Use a network-based firewall for this purpose b. Use IDS to bypass security protocols c. Use proxy servers to mask Internet activities d. Use a packet-filtering firewall for this purpose
Question 26 18 The Web-enabled Mode SSL. VPN installation downloads the Cisco AnyConnect client from a specified network server. 21 True False 24 Question 27 27 Reverse Routing Injection (RRI) is supported when a Csco ASA is configured as a transparent firewall mode 30 True 2. False Question 28 36 Cisco ASA uses an inheritance mndel that pull network & security policies from end-user sessions. 39 True False
Which of the following gives the best explanation of the differences between RADIUS and TACACS+? TACACS+ employs the UDP protocol, whereas RADIUS uses the TCP protocol. RADIUS is supported by the Cisco Secure ACS software, although TACACS+ is not supported. TACACS+ just encrypts the password, while RADIUS encrypts all of the communication that takes place. In contrast to TACACS+, which keeps authentication and authorization distinct procedures, RADIUS combines both processes into a single flow.
What distinguishes RADIUS and TACACS+? TACACS+ utilises UDP, RADIUS TCP. Cisco Secure ACS supports RADIUS but not TACACS+. RADIUS encrypts all communication, whereas TACACS+ encrypts the password. RADIUS integrates authentication and authorisation, but TACACS+ does not.
DNS poisoning attacks need to use spoofed source IP addresses for the forged DNS responses sent to the victim recursive DNS server. True False
For DNS query, it is natural to expect that the local DNS server may not know how to resolve an address. In this case, further queries will be made by this local DNS server. If a hacker can find "a way" to make a certain DNS server report back the wrong IP address, then anyone trying to get to one Web address will be sent to a bogus one, without any obvious way for the user to detect that anything is wrong. Likewise, email could be delivered to the wrong destination. 1) Describe two possible attacks to make the resolver report the wrong IP address.