A security analyst has identified malware that is propagating automatically to multiple systems on the network. Which of the following types of malware is MOST likely impacting the network?

• A.Virus
• B.Worm
• C.Logic bomb
• D.Backdoor

Comment: *

Name: *

Email: *

Verification: *

Task: Configure the firewall (fill out the table) to allow these four rules:
* Only allow the Accounting computer to have HTTPS access to the Administrative server.
* Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
* Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2

Correct Answer:

See the solution below.
Explanation
Use the following answer for this simulation task.
Below table has all the answers required for this question.

Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule's criteria:
Block the connection Allow the connection
Allow the connection only if it is secured
TCP is responsible for providing a reliable, one-to-one, connection-oriented session. TCP establishes a connection and ensures that the other end receives any packets sent.
Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session.
When the session ends, the connection is torn down.
UDP provides an unreliable connectionless communication method between hosts. UDP is considered a best-effort protocol, but it's considerably faster than TCP.
The sessions don't establish a synchronized session like the kind used in TCP, and UDP doesn't guarantee error-free communications.
The primary purpose of UDP is to send small packets of information.
The application is responsible for acknowledging the correct reception of the data. Port 22 is used by both SSH and SCP with UDP.
Port 443 is used for secure web connections? HTTPS and is a TCP port.
Thus to make sure only the Accounting computer has HTTPS access to the Administrative server you should use TCP port 443 and set the rule to allow communication between 10.4.255.10/24 (Accounting) and
10.4.255.101 (Administrative server1) Thus to make sure that only the HR computer has access to Server2 over SCP you need use of TCP port 22 and set the rule to allow communication between 10.4.255.10/23 (HR) and 10.4.255.2 (server2) Thus to make sure that the IT computer can access both the Administrative servers you need to use a port and accompanying port number and set the rule to allow communication between: 10.4.255.10.25 (IT computer) and 10.4.255.101 (Administrative server1)
10.4.255.10.25 (IT computer) and 10.4.255.102 (Administrative server2)

Comment: *

Name: *

Email: *

Verification: *

A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?

• A.Application fuzzing
• B.Penetration testing
• C.User permission auditing
• D.Vulnerability scanning

Comment: *

Name: *

Email: *

Verification: *

A security administrator is implementing a new WAF solution and has placed some of the web servers behind the WAF, with the WAF set to audit mode. When reviewing the audit logs of external requests and posts to the web servers, the administrator finds the following entry:

Based on this data, which of the following actions should the administrator take?

• A.Create an alert to generate emails for abnormally high activity.
• B.Change the parameter name 'Account_Name' identified in the log.
• C.Alert the web server administrators to a misconfiguration
• D.Create a blocking policy based on the parameter values

Comment: *

Name: *

Email: *

Verification: *

When trying to log onto a company's new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recently installed on a small VM with only the recommended hardware specifications. Which of the following is the MOST likely cause for this error message?

• A.The VM does not have enough processing power.
• B.Network resources have been exceeded.
• C.The software is out of licenses.
• D.The firewall is misconfigured.

Comment: *

Name: *

Email: *

Verification: *