The security administrator has noticed a range of network problems affecting the proxy server.
Based on reviewing the logs, the administrator notices that the firewall is being targeted with
various web attacks at the same time that the network problems are occurring. Which of the
following strategies would be MOST effective in conducting an in-depth assessment and
remediation of the problems?
A.
1. Deploy an HTTP interceptor on the switch span port; 2. Adjust the external facing NIDS; 3.
Reconfigure the firewall ACLs to block the all traffic above port 2000; 4. Verify the proxy server is
configured correctly and hardened; 5. Review the logs weekly in the future.
B.
1. Deploy a protocol analyzer on the switch span port; 2. Adjust the internal HIDS; 3.
Reconfigure the firewall ACLs to block outbound HTTP traffic; 4. Reboot the proxy server; 5.
Continue to monitor the network.
C.
1. Deploy a protocol analyzer on the switch span port; 2. Adjust the external facing IPS; 3.
Reconfigure the firewall ACLs to block unnecessary ports; 4. Verify the proxy server is configured
correctly and hardened; 5. Continue to monitor the network.
D.
1. Deploy a network fuzzer on the switch span port; 2. Adjust the external facing IPS; 3.
Reconfigure the proxy server to block the attacks; 4. Verify the firewall is configured correctly and
hardened.