An organization identifies a number of hosts making outbound connections to a known malicious IP over TCP port 80. The organization wants to identify the data being transmitted and prevent future connections to this IP. Which of the following should the organization do to achieve this outcome?
A. Use a protocol analyzer to reconstruct the data and implement a web-proxy.
B. Deploy a web-proxy and then blacklist the IP on the firewall.
C. Deploy a web-proxy and implement IPS at the network edge.
D. Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.
Answer: D. Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.