Question

A recent penetration test revealed several issues with a public-facing website used by customers. The testers...

A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to:

Enter long lines of code and special characters Crash the system

Gain unauthorized access to the internal application server Map the internal network

The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product. Which of the following would be the BEST solution to introduce in the interim?

  1. Content fileting
  2. WAF
  3. TLS
  4. IPS/IDS
  5. UTM

____________________________________________________________________________________--

A security administrator is implementing a secure method that allows developers to place files or objects onto a Linux server. Developers are required to log in using a username, password, and asymmetric key.

Which of the following protocols should be implemented?

  1. SSL/TLS
  2. SFTP
  3. SRTP
  4. IPSec

______________________________________________________________________________________________________________________________

A security administrator receives alerts from the perimeter UTM. Upon checking the logs, the administrator

finds the following output:

Time: 12/25 0300

From Zone: Untrust To Zone: DMZ

Attacker: externalip.com Victim: 172.16.0.20

To Port: 80 Action: Alert Severity: Critical

When examining the PCAP associated with the event, the security administrator finds the following information:

Which of the following actions should the security administrator take?

  1. Upload the PCAP to the IDS in order to generate a blocking signature to block the traffic.
  2. Manually copy the <script> data from the PCAP file and generate a blocking signature in the HIDS to block the traffic for future events.
  3. Implement a host-based firewall rule to block future events of this type from occurring.
  4. Submit a change request to modify the XSS vulnerability signature to TCP reset on future attempts.

this is all the informatio i have

Homework Answers

Answer #1

SOLUTION(1):- (E) UTM

EXPLANATION:- UTMs are infrequently designated to as next-generation firewalls as a single network appliance or as a service on the network. UTMs confers multiple security features and services, comprising with Anti-malware, Anti-spam, Content filtering, Web filtering, Firewall, Intrusion detection, VPN.

SOLUTION(2):- (B) SFTP

SOLUTION(3):- (B) Manually copy the <script> data from the PCAP file and generate a blocking signature in the HIDS to block the traffic for future events.

==========================================================================

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT