The help desk informed a security analyst of a trend that is
beginning to develop regarding a suspicious email that has been
reported by multiple users. The analyst has determined the email
includes an attachment named invoice.zip that contains the
following files:
Locky.js
xerty.ini
xerty.lib
Further analysis indicates that when the zip file is opened, it is installing a new version of ransomware on the devices. Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices? (choose one and why)
A. Disable access to the company VPN.
B. Move the files from the NAS to a cloud-based storage
solution.
C. Set permissions on file shares to read-only.
D. Add the URL included in the .js file to the company's web proxy
filter.
To prevent data on the company NAS from being encrypted by infected devices:
Move the files from the NAS to a cloud-based storage solution.
Full form of the NAS is Network-attached storage, its purpose is to heterogeneous group where the files shared through the server access.
Since cloud provides high network security, so need to transfer the data on the company NAS to cloud-based storage.
Cloud provides protection of data so need best safety to infected files.
Option B correct
The help desk informed a security analyst of a trend that is beginning to develop regarding...
The new Chief Technology Officer (CTO) is seeking recommendations for network monitoring services for the local intranet. The CTO would like the capability to monitor all traffic to and from the gateway, as well as the capability to block certain content. Which of the following recommendations would meet the needs of the organization? A. Recommend setup of IP filtering on both the internal and external interfaces of the gateway router. B. Recommend installation of a firewall on the internal interface...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...