Logo
Home Study Material Contact Search
AI Chat FREE
  1. computer science
  2. programming
  3. the soc has noticed an unusual volume of traffic c

The SOC has noticed an unusual volume of traffic coming from an open wi-fi guest Network...

60.1K

Verified Solution

Question

Programming

The SOC has noticed an unusual volume of traffic comingfrom an open wi-fi guest Network that appears correlated with aborder Network slow down. The network team is unable to capturetraffic, but logs from Network Services are available.

  • No users have authenticated recently there was a guestnetworks captive portal

  • DDoS mitigation systems are not alerting

  • DNS resolver logs show some very long domainnames

Which of the following is the best step for securityanalysis to take next?

  1. Block all outbound traffic from the guest Network at theborder firewall

  2. verify the passphrase on the guest network has not beenchanged

  3. search antivirus logs for evidence of compromise companydevice

  4. review access point logs to identify potential a zombieservices

Answer & Explanation Solved by verified expert
4.1 Ratings (621 Votes)
Block all outbound traffic from the guest Network at the border firewall is the best step Security Analysis take Firewalls NextGeneration Firewalls NFGW and Web Application Firewalls WAFFirewalls are a standard part of any cybersecurity arsenal Two new technologies are complementing or replacing the traditional firewall NGFWextends the firewall by providing intrusion prevention and intrusion detection with deep packet inspection capabilities NGFWs can block threats at the network edge using techniques like URL filtering behavioral analysis and geolocation filtering They use a reverse proxy to terminate connections and inspect content before it reaches a web server WAFa WAF is deployed in front of web applications inspects traffic and identifies traffic patterns that may represent malicious activity A WAF can detect attacks while minimizing false positives by learning acceptable URLs parameters and user inputs and uses this data to identify traffic or inputs that deviate from the norm These technologies are leveraged in the modern SOC to reduce the attack profile of websites a and web applications and gather higher quality data about legitimate and malicious traffic hitting critical web properties Endpoint Detection and Response EDR EDR is a new category of tools that helps SOC teams respond to attacks on endpoints like user workstations mobile phones servers or IoT devices These tools are built around the assumption that attacks will happen and that the SOC team usually has very limited visibility and control into whats happening on a remote endpoint EDR solutions are deployed on endpoints provide instant accurate data about malicious activity and gives SOC teams remote control over    See Answer
Get Answers to Unlimited Questions

Join us to gain access to millions of questions and expert answers. Enjoy exclusive benefits tailored just for you!

Membership Benefits:
  • Unlimited Question Access with detailed Answers
  • Zin AI - 3 Million Words
  • 10 Dall-E 3 Images
  • 20 Plot Generations
  • Conversation with Dialogue Memory
  • No Ads, Ever!
  • Access to Our Best AI Platform: Zin AI - Your personal assistant for all your inquiries!
Become a Member

Other questions asked by students

Q

Sally’s Toyota Corolla is an old car but it served her well. She is planning to...

Basic Math
Q

Neutrons are born out of fission at a high energy and must be slowed down to...

Physics
Q

What creates inflammation O The innate immune system O Most pathogens O Just bacterial pathogens...

Biology
Q

What statement supports the definition of a command economy The government determines Owhat goods are...

Biology
Q

increasesir excess pressure jo hota hai 2T R vo to surface tension ki wjha se...

Physics
Q

Two monoatomic ideal gases A and B of molecular masses m and respectively are enclosed...

Physics
Q

5 Poisson Approximation Mass produced needles are packed in boxes of 1000 On overage 1...

Basic Math
Q

Figure 1 Rectangular garden fencing rdener has a large open space and wants to use...

Calculus
Q

Give a complete r 5 5cos theta graph of the polar equation and identify the...

Algebra
Q

Value of p Select Focus Select Directrix Select Vertex Select 6 A 2 2 Line...

Algebra
Q

Entries for bad debt expense under the direct write-off and allowance methods ...

Accounting
Q

Waste Management Company's (WMC) general ledger indicates a cash balance of $23,440 as of September...

Accounting