Computers and Technology, 29.10.2021 18:10 softball2895
While investigating an incident in a company's SIEM console, a security analyst found hundreds of failed SSH login attempts, which all occurred in rapid succession. The failed attempts were followed by a successful login on the root user. Company policy allows systems administrators to manage their systems only from the company's internal network using their assigned corporate logins. Which of the following are the BEST actions the analyst can take to stop any further compromise?
A) Add a rule on the affected system to block access to port TCP/22.
B) Reset the passwords for all accounts on the affected system.
C) Add a rule on the perimeter firewall to block the source IP address.
D) Configure /etc/sshd_config to deny root logins and restart the SSHD service.
E) Configure /etc/passwd to deny root logins and restart the SSHD service.
F) Add a rule on the network IPS to block SSH user sessions.
Answers: 2
Computers and Technology, 23.06.2019 00:20, kathlynskare06
Ihave been given the number of guns per 100, and the total firearm-related deaths per 100,000. i have to find the actual number of guns per country and actual number of gun-related deaths. if somebody could show me how to do 1 question, i can finish the rest, i am just confused. tia
Answers: 3
Computers and Technology, 23.06.2019 14:30, ahmedeldyame
Select the correct answer. which step can possibly increase the severity of an incident? a. separating sensitive data from non-sensitive data b. immediately spreading the news about the incident response plan c. installing new hard disks d. increasing access controls
Answers: 2
Computers and Technology, 23.06.2019 16:30, isaiahhuettnerowgg8d
What is one reason why indoor air pollution has become an increasing problem.
Answers: 1
While investigating an incident in a company's SIEM console, a security analyst found hundreds of fa...
Mathematics, 19.03.2020 21:43
Mathematics, 19.03.2020 21:43