Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

The security administrator at ABC company received the following log information from an external
party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is
the reason the ABC company’s security administrator is unable to determine the origin of the
attack?

The security administrator at ABC company received the following log information from an external
party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is
the reason the ABC company’s security administrator is unable to determine the origin of the
attack?

A.
A NIDS was used in place of a NIPS.

B.
The log is not in UTC.

C.
The external party uses a firewall.

D.
ABC company uses PAT.

Explanation:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

14 − twelve =

Vu

Vu

10.0.0.0/8 IP addresses are reserved for private network. Why it shows on this log as public address? Is it wrong?

Reply