Which of the following can the administrator do in the short term to minimize the attack?

A morphed worm carrying a 0-day payload has infiltrated the company network and is now
spreading across the organization. The security administrator was able to isolate the worm
communication and payload distribution channel to TCP port 445. Which of the following can the
administrator do in the short term to minimize the attack?

A. Deploy the following ACL to the HIPS: DENY – TCP – ANY – ANY – 445.

B. Run a TCP 445 port scan across the organization and patch hosts with open ports.

C. Add the following ACL to the corporate firewall: DENY – TCP – ANY – ANY – 445.

D. Force a signature update and full system scan from the enterprise anti-virus solution.


