Computers and Technology, 24.03.2021 17:20, pssluke

The application team within a company is asking the security team to investigate why its application is slow after an upgrade. The source of the team's application is 10.13.136.9, and the destination IP is 10.17.36.5. The security analyst pulls the logs from the endpoint security software but sees nothing is being blocked. The analyst then looks at the UTM firewall logs and sees the following: Session Source Destination Protocol Port Action IPS DoS
12699 10.13. 136.9 10.17.36. 5 TCP 80 Allow Yes No
12699 10.13. 136.9 10.17. 36.5 TCP 443 Allow Yes No
12699 10.13. 136.9 10.17.36. 5 TCP 1433 Deny Yes No
12719 10.13.136. s 10.17.36. 5 TCP 87 Deny Yes No
12719 10.13. 136.9 10.17.36.5 TCP 88 Allow Yes No
12719 10.13. 136.9 10.17.36.5 TCP 636 Allow Yes No
12899 10.13. 126.6 10.17.36.5 UDP 9877 Deny No No

Which of the following should the security analyst request NEXT based on the UTM firewall analysis?
a. Request the application team to allow TCP port 87 to listen on 10.17.36.5.
b. Request the network team to open port 1433 from 10.13.136.9 to 10.17.36.5.
c. Request the network team to turn of IPS for 10.13.136.8 going to 10.17.36.5.
d. Request the application team to reconfigure the application and allow RPC communication.

Answers: 2

Show answers

Other questions on the subject: Computers and Technology

Computers and Technology, 22.06.2019 12:50, michaelchavez6959127

You have just been hired as an information security engineer for a large, multi-international corporation. unfortunately, your company has suffered multiple security breaches that have threatened customers' trust in the fact that their confidential data and financial assets are private and secured. credit-card information was compromised by an attack that infiltrated the network through a vulnerable wireless connection within the organization. the other breach was an inside job where personal data was stolen because of weak access-control policies within the organization that allowed an unauthorized individual access to valuable data. your job is to develop a risk-management policy that addresses the two security breaches and how to mitigate these risks. requirementswrite a brief description of the case study. it requires two to three pages, based upon the apa style of writing. use transition words; a thesis statement; an introduction, body, and conclusion; and a reference page with at least two references. use a double-spaced, arial font, size 12.

Answers: 1

continue

Computers and Technology, 22.06.2019 17:50, ImBADatmath8743

Farah works in an office with two other employees. all three share a printer and an internet connection. the utility that makes this possible is defragger quicktime soho winzip

Answers: 1

continue

Computers and Technology, 23.06.2019 13:30, jhitotw

What is the primary difference between the header section of a document and the body? a. the body is displayed on the webpage and the header is not. b. the header is displayed on the webpage and the body is not. c. the tag for the body is self-closing, but the tags for the headers must be closed. d. the tag for the header is self closing, but the tag for the body must be closed.

Answers: 3

continue

Computers and Technology, 24.06.2019 10:00, genyjoannerubiera

In which view can you see speaker notes?

Answers: 1

continue

Do you know the correct answer?

The application team within a company is asking the security team to investigate why its application...