An organization identifies a number of hosts making outbound connections to a known malicious IP over port TCP 80. The organization wants to identify the data being transmitted and prevent future connections to this IP.Which of the following should the organization do to achieve this outcome?
A. Use a protocol analyzer to reconstruct the data and implement a web-proxy.
B. Deploy a web-proxy and then blacklist the IP on the firewall.
C. Deploy a web-proxy and implement IPS at the network edge.
D. Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.
Answer: D. Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.
Computer Science & Information Technology
You might also like to view...
What does a red line above a transition in the Timeline panel indicate?
What will be an ideal response?
Computer Science & Information Technology
Which Cisco IOS command is used to enable a switch interface to become a routed port?
A) sdm prefer routing B) ip route enable C) no switchport D) ip routing
Computer Science & Information Technology