A company is a victim of phishing and spear phishing campaign. Users are clicking on website links that look like common Bank sites and entering their credentials accidentally. A security engineer decides to use a layered defense to prevent the fishing or lessen its impact. Which of the following should the security engineer implement? Select 2
Spam filter
host intrusion prevention
client certificates
content filter
log monitoring
data loss prevention
In order to understand what is the best approach to go through in order to defend our organisation and customers from phishing, we have to first understand what is phishing and spear phishing.
When the attackers attempt to trick the users into clicking a malicious link that would eventually download malware into the system of user or trying to steal the sensitive info of the users by making them think they are at a genuine site. This whole activity is called phishing. Now the phishing attempts are of several scales and one of them is that they use to information of your employees or your company to make their emails look more realistic and genuine. This is called spear phishing.
In order to protect ourself from continuous phishing we have to add another layer of defence or we can also enable 2 layer authentication.
According to this question, the security engineer should use the Spam filter and Data loss prevention.
Here are the reasons to do so, the spam filter makes sure that the links which are malicious or bad never reaches to the user by filtering or blocking them and data loss prevention makes sure that the confidential information of the company which is not supposed to leak out should stay in the company. This leaves the attackers to very little information. We can also public DNS service to keep ourselves more secure as an organisation.
Please comment and let me know if you have any further doubts. Please upvote this answer if you like it.
Thank you.
Have a great day.
Get Answers For Free
Most questions answered within 1 hours.