A security consultant decides to use multiple layers of anti-virus defense, such as end user
desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of
attack?
A. Forensic attack
B. ARP spoofing attack
C. Social engineering attack
D. Scanning attack
Question:
I don’t see how antivirus protection could have any connection with ANY of the answers above, but filtering of incoming e-mail could reduce spam messages.
In the question I recognized the defence-in-depth strategy (usually used to defeat hackers and malicious computer code), but d-i-d is not only multilayer A-V protection.
So, the question is: How could antivirus protection help to mitigate social engineering?
In my opinion A-V can only detect/protect from viruses, trojans, worms and similar malware, but not against hoaxes and other social engineering methods.
No, think about it.
In SE, hackers can send emails containing a trojan.
If the user opens the file they then become infected, therefore AV protection protects against SE.
All the Answers are wrong.
A) Doesn’t exist
B) Can’t protect against Layer 2 attacks with an anti-virus (maybe an “internet security” package)
C) It’s a reach to assume social engineering is the attack. Social engineering has many forms, from direct or indirect human communication. Email gateway and anti-virus would not stop a simple phone call. I guess the key word here might be mitigate, in which you could stretch the idea of a “trojaned” email. Still, it’s too narrow of an answer for me.
D) Doesn’t really exist since scanning isn’t attacking, and both “defenses” would be useless against a scanner.
C
Miguel, don’t you know there is a “show answer” button?
I also think it is C
Miguel, you’re the best! You always know the answer!
In a more passive approach a device listens for ARP replies on a network, and sends a notification via email when an ARP entry changes.
Also, using a VPN or encryption to prevent people from sniffing your traffic in a hostile environment. You can also make a static ARP entry on your Windows machine if you know the right MAC address of the router with:
Defense Tools
ArpON – ARP handler inspection
ARPDefender appliance
Arpwatch
XArp
anti-arpspoof
AntiARP
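The passive approach described in the comment above (listen for ARP replies, flag an IP address whose MAC changes), as an added example that is not part of the original thread or of any tool listed there. The frames and addresses are constructed sample input, `ArpMonitor` and the helper names are hypothetical, and delivering the alert by e-mail is left to the caller.

```python
import socket
import struct

ETH_P_ARP, ARP_REPLY = 0x0806, 2

def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build a constructed Ethernet + ARP reply frame (sample input only)."""
    smac = bytes.fromhex(sender_mac.replace(":", ""))
    tmac = bytes.fromhex(target_mac.replace(":", ""))
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)
    arp += smac + socket.inet_aton(sender_ip) + tmac + socket.inet_aton(target_ip)
    return tmac + smac + struct.pack("!H", ETH_P_ARP) + arp

def parse_arp_reply(frame):
    """Return (sender_ip, sender_mac) for an IPv4/Ethernet ARP reply, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    if struct.unpack("!HHBBH", frame[14:22]) != (1, 0x0800, 6, 4, ARP_REPLY):
        return None
    mac = ":".join(f"{b:02x}" for b in frame[22:28])
    return socket.inet_ntoa(frame[28:32]), mac

class ArpMonitor:
    """Hypothetical watcher: remembers IP -> MAC and reports any change."""
    def __init__(self):
        self.table = {}

    def observe(self, frame):
        parsed = parse_arp_reply(frame)
        if parsed is None:
            return None  # not an ARP reply: ignore
        ip, mac = parsed
        old, self.table[ip] = self.table.get(ip), mac
        if old is not None and old != mac:
            return f"ARP change for {ip}: {old} -> {mac}"
        return None  # first sighting or unchanged mapping

def run_sample():
    """Feed constructed frames: two normal gateway replies, then a changed MAC."""
    host = ("aa:bb:cc:00:00:10", "192.168.1.10")
    frames = [
        build_arp_reply("00:11:22:33:44:55", "192.168.1.1", *host),
        build_arp_reply("00:11:22:33:44:55", "192.168.1.1", *host),
        b"\x00" * 60,  # constructed non-ARP frame
        build_arp_reply("de:ad:be:ef:00:01", "192.168.1.1", *host),
    ]
    monitor = ArpMonitor()
    return [a for a in map(monitor.observe, frames) if a]

if __name__ == "__main__":
    print(run_sample())
```

A legitimate change (a replaced router or NIC) raises the same alert, so each one needs checking against known hardware changes.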
no such thing as A,
to prevent scanning attack at best you can firewall, use IDS etc
by default it is C:
I’m guessing because antivirus in live mode picks up on known signature attacks and phishing strategies
If you search on Google the question title, all other websites say the answer is C as well.