A vendor has asked a company to run an agent that collects and transmits log data from a faulty server. A security engineer has been engaged and is concerned about running the agent on the given server because the server contains sensitive business data.
Before running the agent, which of the following methods would BEST ensure sensitive data does not leave the network? (Select TWO)
PLEASE PROVIDE AN EXPLANATION FOR THE 2 OPTIONS SELECTED AND WHY THE OTHER OPTIONS ARE NOT CORRECT FOR UPVOTE - THANK YOU
The TWO methods selected from the following methods are Log Analysis and Protocol Analysis, because data stored in logs contains information like IP addresses, client/server requests, HTTP status, etc. With proper analysis, you can also track down suspicious requests and system vulnerabilities and set configuration parameters accordingly that protect you from similar future threats. Log analysis software can alert you via email or any other source whenever a suspicious activity (e.g., a login attempt from outside your trusted network) happens.
A protocol is a standard procedure for regulating data transmission between computers. Protocol analysis is the process of examining those procedures. The way we go about this analysis is with special tools. Protocol analysis techniques are used to understand the procedures occurring on your network.
Fuzzing cannot be used, as it is less effective in dealing with security threats like viruses, Trojans, etc. (that don't create program crashes) and it can only detect simple threats. It also requires significant time to perform a task. It ensures that the application is robust and secure, but does not ensure sensitive data does not leave the network. It is exploitable by hackers, including unhandled exceptions, crashes, etc.
If penetration tests are not done properly, they can cause a lot of damage. Tests that are not carried out properly can crash servers, corrupt or expose data, or cause adverse effects.
Reverse engineering only supports finding faults in the product and ensuring the safety and well-being of the product's users, but does not ensure sensitive data does not leave the network.
A Man in the Middle attack, or MITM, is a situation in which a malicious entity can read or write data that is being transmitted between two or more systems. In a MITM attack, the attacker may use one of the many possible ways to split the TCP connection into two separate connections. One is between the client and the attacker, whereas the second connection is between the attacker and the web server. Hence the attacker can read and write sensitive data easily.
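The log-analysis alert mentioned in the answer (a login attempt from outside the trusted network), shown as an added example that is not part of the original answer. The trusted ranges, the OpenSSH-style line format and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed trusted ranges (hypothetical; replace with your own address plan).
TRUSTED_NETWORKS = [ipaddress.ip_network(n)
                    for n in ("10.0.0.0/8", "192.168.0.0/16", "fd00::/8")]

# OpenSSH-style auth lines:
#   "Accepted|Failed <method> for [invalid user ]<user> from <ip> port <n>"
LOGIN_RE = re.compile(
    r"(?P<result>Accepted|Failed) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Constructed sample log (documentation address ranges, not real hosts).
SAMPLE_LOG = """\
Mar 03 09:14:02 srv01 sshd[811]: Accepted publickey for alice from 10.1.4.22 port 50122 ssh2
Mar 03 09:15:40 srv01 sshd[902]: Failed password for invalid user admin from 203.0.113.45 port 41810 ssh2
Mar 03 09:16:11 srv01 sshd[915]: Accepted password for bob from 198.51.100.7 port 60001 ssh2
Mar 03 09:17:30 srv01 sshd[930]: Failed password for carol from 192.168.7.9 port 33444 ssh2
Mar 03 09:18:05 srv01 sshd[944]: Accepted publickey for dave from 2001:db8::15 port 51515 ssh2
Mar 03 09:19:00 srv01 cron[1001]: (root) CMD (run-parts /etc/cron.hourly)
"""

def is_trusted(ip_text):
    """True if the address is inside a trusted network; unparsable values count as untrusted."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(ip.version == net.version and ip in net for net in TRUSTED_NETWORKS)

def external_logins(log_text):
    """Return (result, user, ip) for every login attempt from an untrusted address."""
    alerts = []
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if m and not is_trusted(m["ip"]):
            alerts.append((m["result"], m["user"], m["ip"]))
    return alerts

if __name__ == "__main__":
    for result, user, ip in external_logins(SAMPLE_LOG):
        print(f"ALERT: {result} login for {user} from untrusted address {ip}")
```

Successful logins from untrusted addresses (the `Accepted` results) usually deserve higher priority than failed ones when the alerts are triaged.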