Computers and Technology, 29.10.2021 18:10 softball2895
While investigating an incident in a company's SIEM console, a security analyst found hundreds of failed SSH login attempts, which all occurred in rapid succession. The failed attempts were followed by a successful login on the root user. Company policy allows systems administrators to manage their systems only from the company's internal network using their assigned corporate logins. Which of the following are the BEST actions the analyst can take to stop any further compromise?
A) Add a rule on the affected system to block access to port TCP/22.
B) Reset the passwords for all accounts on the affected system.
C) Add a rule on the perimeter firewall to block the source IP address.
D) Configure /etc/sshd_config to deny root logins and restart the SSHD service.
E) Configure /etc/passwd to deny root logins and restart the SSHD service.
F) Add a rule on the network IPS to block SSH user sessions.
Answers: 2
Another question on Computers and Technology
Computers and Technology, 21.06.2019 21:00
The mode is generally used when delivering a presentation to an need now
Answers: 1
Computers and Technology, 22.06.2019 16:00
Why should characters such as / \ " ' * ; - ? [ ] ( ) ~ ! $ { } < > # @ & | space, tab, and newline be avoided in file names?
Answers: 2
Computers and Technology, 23.06.2019 06:30
On early television stations, what typically filled the screen from around 11pm until 6am? test dummies test patterns tests testing colors
Answers: 1
Computers and Technology, 24.06.2019 01:00
Me if you do then you get 10 points and brainliest
Answers: 1
You know the right answer?
While investigating an incident in a company's SIEM console, a security analyst found hundreds of fa...
Questions
Chemistry, 20.04.2021 04:50
Mathematics, 20.04.2021 05:00
Biology, 20.04.2021 05:00
History, 20.04.2021 05:00
Mathematics, 20.04.2021 05:00
Arts, 20.04.2021 05:00
Mathematics, 20.04.2021 05:00
Mathematics, 20.04.2021 05:00
